Securing U.S. Defense Information Infrastructure A Proposed Approach,9780833027139

Securing U.S. Defense Information Infrastructure A Proposed Approach

by ; ; ; ;
ISBN13: 9780833027139
ISBN10: 0833027131
Format: Paperback
Pub. Date: 1999-07-13
Publisher(s): RAND Corporation
List Price: $37.82

Rent Book

Select for Price
Add to Cart
There was a problem. Please try again later.

New Book

We're Sorry
Sold Out

Used Book

We're Sorry
Sold Out

eBook

We're Sorry
Not Available

Buy from our Marketplace starting at $55.76

How Marketplace Works:

  • This item is offered by an independent seller and not shipped from our warehouse
  • Item details like edition and cover design may differ from our description; see seller's comments before ordering.
  • Sellers much confirm and ship within two business days; otherwise, the order will be cancelled and refunded.
  • Marketplace purchases cannot be returned to eCampus.com. Contact the seller directly for inquiries; if no response within two days, contact customer service.
  • Additional shipping costs apply to Marketplace purchases. Review shipping costs at checkout.

Summary

It is widely believed, and increasingly documented, that the United States is vulnerable to various types of information warfare attacks. Threats range from nuisance attacks by hackers to those potentially putting national security at risk. The latter might include attacks on essential U.S. information systems in a major regional crisis or theater war. The purpose might be to deter (or coerce) a U.S. intervention, to degrade U.S. power projection capabilities, to punish the United States or its allies, or to undermine the support of the American public for the conflict.

Table of Contents

Preface iii
Figures
ix
Tables
xi
Summary xiii
Acknowledgments xxi
Acronyms and Abbreviations xxiii
Glossary xxvii
Introduction
1(4)
Problem and Purpose
1(1)
Focus
2(3)
The Information Warfare Threat and The MEII Response
5(12)
The Threat
5(3)
The MEII As a Structure or Process
8(4)
Steps of the MEII Process
12(5)
Vulnerabilities
17(30)
Focus on Evolving Global Command, Control, Communications, and Intelligence Systems
18(5)
Global Command and Control System (GCCS)
19(1)
Global Combat Support System (GCSS)
20(1)
Defense Information Infrastructure Common Operating Environment (DII-COE)
20(1)
Internet Protocol Router Networks
21(1)
Public Switched Network (PSN)
22(1)
Illustrative Vulnerabilities
23(5)
IP Router Networks
24(1)
Public Switched Network
25(3)
Generic Vulnerabilities
28(8)
Inherent Design/Architecture
30(1)
Behavioral Complexity
31(1)
Adaptability and Manipulation
32(1)
Operation/Configuration
33(2)
Indirect/Nonphysical Exposure
35(1)
Direct/Physical Exposure
35(1)
Supporting Facilities/Infrastructures
36(1)
Relative Importance of Different Vulnerabilities
36(2)
From Generic to Specific
38(7)
A Concluding Observation
45(2)
Responsive Security Techniques
47(16)
Heterogeneity
48(1)
Static Resource Allocation
49(1)
Dynamic Resource Allocation
49(1)
Redundancy
50(1)
Resilience and Robustness
50(1)
Rapid Recovery and Reconstitution
51(1)
Deception
52(1)
Segmentation, Decentralization, and Quarantine
53(1)
Immunologic Identification
54(1)
Self-Organization and Collective Behavior
55(2)
Personnel Management
57(1)
Centralized Management of Information Resources
58(1)
Threat/Warning Response Structure
58(1)
Protect, Detect, React
59(1)
From Generic to Specific
59(4)
Identifying Security Techniques
63(14)
Matching Security Techniques to Vulnerabilities
63(6)
Refining the Applicable Set of Security Techniques
69(2)
Testing Applied Security Techniques
71(2)
Trading Security off Against Other Valued Attributes
73(4)
Distribution of Research Effort
77(6)
Approach
77(2)
Results
79(4)
Recommendations
83(70)
Use Our Methodology As a Checklist
83(1)
Develop a Test Set of Scenarios Involving IW Attacks
83(1)
Develop Case Studies of Our Proposed Methodology
84(1)
Explore Biological Analogies in More Detail
84(1)
Consider R&D on Survivability Techniques to ``Fill the Gaps''
85(2)
Appendix
A. Historical Note on the U.S. Minimum Essential Emergency Communications Network (MEECN)
87(2)
B. How Threats Relevant to an MEII Differ from Hacker Nuisance Attacks
89(2)
C. Biological Analogies for Information System Survivability
91(8)
D. Prioritization in Information Systems
99(8)
E. On Deception
107(6)
F. Mapping Security Solution Techniques to Vulnerabilities
113(30)
G. Information Assurance Research Projects Examined
143(10)
References 153

An electronic version of this book is available through VitalSource.

This book is viewable on PC, Mac, iPhone, iPad, iPod Touch, and most smartphones.

By purchasing, you will be able to view this book online, as well as download it, for the chosen number of days.

Digital License

You are licensing a digital product for a set duration. Durations are set forth in the product description, with "Lifetime" typically meaning five (5) years of online access and permanent download to a supported device. All licenses are non-transferable.

More details can be found here.

A downloadable version of this book is available through the eCampus Reader or compatible Adobe readers.

Applications are available on iOS, Android, PC, Mac, and Windows Mobile platforms.

Please view the compatibility matrix prior to purchase.