Cybersecurity Collection

In a world of increasing dependence on information technology, the prevention of cyberattacks on a nation's important computer and communications system and networks is a problem that looms large. In order to best prevent such attacks, this collection explains the importance of increasing the usability of security technologies, recommends strategies for future research aimed at countering cyberattacks, and considers how information technology systems can be used to not only maximize protection against attacks, but also respond to threats.


At the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues ( 2014 )

At the Nexus of Cybersecurity and Public Policy offers a wealth of information on practical measures, technical and nontechnical challenges, and potential policy responses to the never-ending battle of cybersecurity. ...[more]


Professionalizing the Nation's Cybersecurity Workforce?: Criteria for Decision-Making ( 2013 )

Professionalizing the Nation's Cybersecurity Workforce? Criteria for Decision-Making considers approaches to increasing the professionalization of the nation's cybersecurity workforce. This report examines workforce requirements for cybersecurity and the segments and job functions in which professionalization is most needed; the role of assessment tools, certification, licensing, and other means for assessing and enhancing professionalization; and emerging approaches, such as performance-based measures. It also examines requirements for the federal (military and civilian) ...[more]


The Rise of Games and High Performance Computing for Modeling and Simulation ( 2010 )

The technical and cultural boundaries between modeling, simulation, and games are increasingly blurring, providing broader access to capabilities in modeling and simulation and further credibility to game-based applications. The purpose of this study is to provide a technical assessment of Modeling, Simulation, and Games (MS&G) research and development worldwide and to identify future applications of this technology and its potential impacts on government and society. Further, this study identifies feasible ...[more]


Proceedings of a Workshop on Deterring Cyberattacks:Informing Strategies and Developing Options for U.S. Policy ( 2010 )

In a world of increasing dependence on information technology, the prevention of cyberattacks on a nation's important computer and communications systems and networks is a problem that looms large. Given the demonstrated limitations of passive cybersecurity defense measures, it is natural to consider the possibility that deterrence might play a useful role in preventing cyberattacks against the United States and its vital interests. At the request of the Office of ...[more]


Toward a Safer and More Secure Cyberspace ( 2007 )

Given the growing importance of cyberspace to nearly all aspects of national life, a secure cyberspace is vitally important to the nation, but cyberspace is far from secure today. The United States faces the real risk that adversaries will exploit vulnerabilities in the nation s critical information systems, thereby causing considerable suffering and damage. Online e-commerce business, government agency files, and identity records are all potential security targets. Toward ...[more]


Who Goes There?:Authentication Through the Lens of Privacy ( 2003 )

Who Goes There?: Authentication Through the Lens of Privacy explores authentication technologies (passwords, PKI, biometrics, etc.) and their implications for the privacy of the individuals being authenticated. As authentication becomes ever more ubiquitous, understanding its interplay with privacy is vital. The report examines numerous concepts, including authentication, authorization, identification, privacy, and security. It provides a framework to guide thinking about these issues when deciding whether and how to use authentication ...[more]


Toward Better Usability, Security, and Privacy of Information Technology:Report of a Workshop ( 2010 )

Despite many advances, security and privacy often remain too complex for individuals or enterprises to manage effectively or to use conveniently. Security is hard for users, administrators, and developers to understand, making it all too easy to use, configure, or operate systems in ways that are inadvertently insecure. Moreover, security and privacy technologies originally were developed in a context in which system administrators had primary responsibility for security and privacy ...[more]


Software for Dependable Systems: Sufficient Evidence? ( 2007 )

The focus of Software for Dependable Systems is a set of fundamental principles that underlie software system dependability and that suggest a different approach to the development and assessment of dependable software. Unfortunately, it is difficult to assess the dependability of software. The field of software engineering suffers from a pervasive lack of evidence about the incidence and severity of software failures; about the dependability of existing ...[more]


Critical Code: Software Producibility for Defense ( 2010 )

Critical Code contemplates Department of Defense (DoD) needs and priorities for software research and suggests a research agenda and related actions. Building on two prior books--Summary of a Workshop on Software Intensive Systems and Uncertainty at Scale and Preliminary Observations on DoD Software Research Needs and Priorities--the present volume assesses the nature of the national investment in software research and, in particular, considers ways to revitalize the knowledge base needed ...[more]


Biometric Recognition:Challenges and Opportunities ( 2010 )

Biometric recognition--the automated recognition of individuals based on their behavioral and biological characteristic--is promoted as a way to help identify terrorists, provide better control of access to physical facilities and financial accounts, and increase the efficiency of access to services and their utilization. Biometric recognition has been applied to identification of criminals, patient tracking in medical informatics, and the personalization of social services, among other things. In spite of substantial ...[more]


Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities ( 2009 )

The United States is increasingly dependent on information and information technology for both civilian and military purposes, as are many other nations. Although there is a substantial literature on the potential impact of a cyberattack on the societal infrastructure of the United States, little has been written about the use of cyberattack as an instrument of U.S. policy. Cyberattacks--actions intended to damage adversary computer systems ...[more]


Information Technology for Counterterrorism:Immediate Actions and Future Possibilities ( 2003 )

Information technology (IT) is essential to virtually all of the nation s critical infrastructures making them vulnerable by a terrorist attack on their IT system. An attack could be on the system itself or use the IT system to launch or exacerbate another type of attack. IT can also be used as a counterterrorism tool. The report concludes that the most devastating consequences of a terrorist attack would ...[more]


Making the Nation Safer:The Role of Science and Technology in Countering Terrorism ( 2002 )

Vulnerabilities abound in U.S. society. The openness and efficiency of our key infrastructures transportation, information and telecommunications systems, health systems, the electric power grid, emergency response units, food and water supplies, and others make them susceptible to terrorist attacks. Making the Nation Safer discusses technical approaches to mitigating these vulnerabilities. A broad range of topics are covered in this book, including: Nuclear ...[more]

Cybersecurity of Freight Information Systems:A Scoping Study -- Special Report 274 ( 2003 )

TRB Special Report 274 - Cybersecurity of Freight Information Systems: A Scoping Study reviews trends in the use of information technology in the freight transportation industry and assesses potential vulnerabilities to a cyberattack. Special Report 274 Summary ...[more]