Home > 107th Congressional Public Laws > Pub.L. 107-306 To authorize appropriations for fiscal year 2003 for intelligence and ...Pub.L. 107-306 To authorize appropriations for fiscal year 2003 for intelligence and ...
<DOC>
[[Page 116 STAT. 2367]]
Public Law 107-305
107th Congress
An Act
To authorize funding for computer and network security research and
development and research fellowship programs, and for other
purposes. <<NOTE: Nov. 27, 2002 - [H.R. 3394]>>
Be it enacted by the Senate and House of Representatives of the
United States of America in Congress <<NOTE: Cyber Security Research and
Development Act.>> assembled,
SECTION 1. <<NOTE: Communications and tele- communications.>> SHORT
TITLE.
This Act may be cited as the ``Cyber Security Research and
Development Act''.
SEC. 2. FINDINGS.
The Congress finds the following:
(1) Revolutionary advancements in computing and
communications technology have interconnected government,
commercial, scientific, and educational infrastructures--
including critical infrastructures for electric power, natural
gas and petroleum production and distribution,
telecommunications, transportation, water supply, banking and
finance, and emergency and government services--in a vast,
interdependent physical and electronic network.
(2) Exponential increases in interconnectivity have
facilitated enhanced communications, economic growth, and the
delivery of services critical to the public welfare, but have
also increased the consequences of temporary or prolonged
failure.
(3) A Department of Defense Joint Task Force concluded after
a 1997 United States information warfare exercise that the
results ``clearly demonstrated our lack of preparation for a
coordinated cyber and physical attack on our critical military
and civilian infrastructure''.
(4) Computer security technology and systems implementation
lack--
(A) sufficient long term research funding;
(B) adequate coordination across Federal and State
government agencies and among government, academia, and
industry; and
(C) sufficient numbers of outstanding researchers in
the field.
(5) Accordingly, Federal investment in computer and network
security research and development must be significantly
increased to--
(A) improve vulnerability assessment and
technological and systems solutions;
[[Page 116 STAT. 2368]]
(B) expand and improve the pool of information
security professionals, including researchers, in the
United States workforce; and
(C) better coordinate information sharing and
collaboration among industry, government, and academic
research projects.
(6) While African-Americans, Hispanics, and Native Americans
constitute 25 percent of the total United States workforce and
30 percent of the college-age population, members of these
minorities comprise less than 7 percent of the United States
computer and information science workforce.
SEC. 3. <<NOTE: 15 USC 7402.>> DEFINITIONS.
In this Act:
(1) Director.--The term ``Director'' means the Director of
the National Science Foundation.
(2) Institution of higher education.--The term ``institution
of higher education'' has the meaning given that term in section
101(a) of the Higher Education Act of 1965 (20 U.S.C. 1001(a)).
SEC. 4. <<NOTE: 15 USC 7403.>> NATIONAL SCIENCE FOUNDATION RESEARCH.
(a) Computer and Network Security Research Grants.--
(1) In general.--The Director shall award grants for basic
research on innovative approaches to the structure of computer
and network hardware and software that are aimed at enhancing
computer security. Research areas may include--
(A) authentication, cryptography, and other secure
data communications technology;
(B) computer forensics and intrusion detection;
(C) reliability of computer and network
applications, middleware, operating systems, control
systems, and communications infrastructure;
(D) privacy and confidentiality;
(E) network security architecture, including tools
for security administration and analysis;
(F) emerging threats;
(G) vulnerability assessments and techniques for
quantifying risk;
(H) remote access and wireless security; and
(I) enhancement of law enforcement ability to
detect, investigate, and prosecute cyber-crimes,
including those that involve piracy of intellectual
property.
(2) Merit review; competition.--Grants shall be awarded
under this section on a merit-reviewed competitive basis.
(3) Authorization of appropriations.--There are authorized
to be appropriated to the National Science Foundation to carry
out this subsection--
(A) $35,000,000 for fiscal year 2003;
(B) $40,000,000 for fiscal year 2004;
(C) $46,000,000 for fiscal year 2005;
(D) $52,000,000 for fiscal year 2006; and
(E) $60,000,000 for fiscal year 2007.
(b) Computer and Network Security Research Centers.--
(1) In general.--The Director shall award multiyear grants,
subject to the availability of appropriations, to institutions
of higher education, nonprofit research institutions, or
[[Page 116 STAT. 2369]]
consortia thereof to establish multidisciplinary Centers for
Computer and Network Security Research. Institutions of higher
education, nonprofit research institutions, or consortia thereof
receiving such grants may partner with 1 or more government
laboratories or for-profit institutions, or other institutions
of higher education or nonprofit research institutions.
(2) Merit review; competition.--Grants shall be awarded
under this subsection on a merit-reviewed competitive basis.
(3) Purpose.--The purpose of the Centers shall be to
generate innovative approaches to computer and network security
by conducting cutting-edge, multidisciplinary research in
computer and network security, including the research areas
described in subsection (a)(1).
(4) Applications.--An institution of higher education,
nonprofit research institution, or consortia thereof seeking
funding under this subsection shall submit an application to the
Director at such time, in such manner, and containing such
information as the Director may require. The application shall
include, at a minimum, a description of--
(A) the research projects that will be undertaken by
the Center and the contributions of each of the
participating entities;
(B) how the Center will promote active collaboration
among scientists and engineers from different
disciplines, such as computer scientists, engineers,
mathematicians, and social science researchers;
(C) how the Center will contribute to increasing the
number and quality of computer and network security
researchers and other professionals, including
individuals from groups historically underrepresented in
these fields; and
(D) how the center will disseminate research results
quickly and widely to improve cyber security in
information technology networks, products, and services.
(5) Criteria.--In evaluating the applications submitted
under paragraph (4), the Director shall consider, at a minimum--
(A) the ability of the applicant to generate
innovative approaches to computer and network security
and effectively carry out the research program;
(B) the experience of the applicant in conducting
research on computer and network security and the
capacity of the applicant to foster new
multidisciplinary collaborations;
(C) the capacity of the applicant to attract and
provide adequate support for a diverse group of
undergraduate and graduate students and postdoctoral
fellows to pursue computer and network security
research; and
(D) the extent to which the applicant will partner
with government laboratories, for-profit entities, other
institutions of higher education, or nonprofit research
institutions, and the role the partners will play in the
research undertaken by the Center.
(6) Annual meeting.--The Director shall convene an annual
meeting of the Centers in order to foster collaboration and
communication between Center participants.
[[Page 116 STAT. 2370]]
(7) Authorization of appropriations.--There are authorized
to be appropriated for the National Science Foundation to carry
out this subsection--
(A) $12,000,000 for fiscal year 2003;
(B) $24,000,000 for fiscal year 2004;
(C) $36,000,000 for fiscal year 2005;
(D) $36,000,000 for fiscal year 2006; and
(E) $36,000,000 for fiscal year 2007.
SEC. 5. <<NOTE: 15 USC 7404.>> NATIONAL SCIENCE FOUNDATION COMPUTER AND
NETWORK SECURITY PROGRAMS.
(a) Computer and Network Security Capacity Building Grants.--
(1) In general.--The Director shall establish a program to
award grants to institutions of higher education (or consortia
thereof) to establish or improve undergraduate and master's
degree programs in computer and network security, to increase
the number of students, including the number of students from
groups historically underrepresented in these fields, who pursue
undergraduate or master's degrees in fields related to computer
and network security, and to provide students with experience in
government or industry related to their computer and network
security studies.
(2) Merit review.--Grants shall be awarded under this
subsection on a merit-reviewed competitive basis.
(3) Use of funds.--Grants awarded under this subsection
shall be used for activities that enhance the ability of an
institution of higher education (or consortium thereof) to
provide high-quality undergraduate and master's degree programs
in computer and network security and to recruit and retain
increased numbers of students to such programs. Activities may
include--
(A) revising curriculum to better prepare
undergraduate and master's degree students for careers
in computer and network security;
(B) establishing degree and certificate programs in
computer and network security;
(C) creating opportunities for undergraduate
students to participate in computer and network security
research projects;
(D) acquiring equipment necessary for student
instruction in computer and network security, including
the installation of testbed networks for student use;
(E) providing opportunities for faculty to work with
local or Federal Government agencies, private industry,
nonprofit research institutions, or other academic
institutions to develop new expertise or to formulate
new research directions in computer and network
security;
(F) establishing collaborations with other academic
institutions or academic departments that seek to
establish, expand, or enhance programs in computer and
network security;
(G) establishing student internships in computer and
network security at government agencies or in private
industry;
(H) establishing collaborations with other academic
institutions to establish or enhance a web-based
collection
[[Page 116 STAT. 2371]]
of computer and network security courseware and
laboratory exercises for sharing with other institutions
of higher education, including community colleges;
(I) establishing or enhancing bridge programs in
computer and network security between community colleges
and universities; and
(J) any other activities the Director determines
will accomplish the goals of this subsection.
(4) Selection process.--
(A) Application.--An institution of higher education
(or a consortium thereof) seeking funding under this
subsection shall submit an application to the Director
at such time, in such manner, and containing such
information as the Director may require. The application
shall include, at a minimum--
(i) a description of the applicant's computer
and network security research and instructional
capacity, and in the case of an application from a
consortium of institutions of higher education, a
description of the role that each member will play
in implementing the proposal;
(ii) a comprehensive plan by which the
institution or consortium will build instructional
capacity in computer and information security;
(iii) a description of relevant collaborations
with government agencies or private industry that
inform the instructional program in computer and
network security;
(iv) a survey of the applicant's historic
student enrollment and placement data in fields
related to computer and network security and a
study of potential enrollment and placement for
students enrolled in the proposed computer and
network security program; and
(v) a plan to evaluate the success of the
proposed computer and network security program,
including post-graduation assessment of graduate
school and job placement and retention rates as
well as the relevance of the instructional program
to graduate study and to the workplace.
(B) Awards.--(i) The Director shall ensure, to the
extent practicable, that grants are awarded under this
subsection in a wide range of geographic areas and
categories of institutions of higher education,
including minority serving institutions.
(ii) The Director shall award grants under this
subsection for a period not to exceed 5 years.
(5) Assessment <<NOTE: Deadline.>> required.--The Director
shall evaluate the program established under this subsection no
later than 6 years after the establishment of the program. At a
minimum, the Director shall evaluate the extent to which the
program achieved its objectives of increasing the quality and
Other Popular 107th Congressional Public Laws Documents:
|
| GovRecords.org presents information on various agencies of the United States Government. Even though all information is believed to be credible and accurate, no guarantees are made on the complete accuracy of our government records archive. Care should be taken to verify the information presented by responsible parties. Please see our reference page for congressional, presidential, and judicial branch contact information. GovRecords.org values visitor privacy. Please see the privacy page for more information. |
 |