Index
A
Absolute security, philosophy of, 7, 120-121, 247
Access control, 114, 134, 300
discretionary, 114-115
granularity of, 134
mandatory, 96, 114-115
mechanisms for, as add-ons, 292
operating system, 147
violations of, 44
Access level, 44, 300
Access modes, multiple, 193
ACL (access control list), 147, 292, 300
ACL2 theorem prover, 97
ActiveX, 111, 141-142, 283, 300
Ada programming language, 85-86, 300
ADSL (asymmetric digital subscriber lines),
56, 300
Advanced Automation Systems air-traffic
control system, 99
Advanced Research Projects Agency
network (ARPANET), 29-30, 34, 133,
283, 301
switching node for, 307
Alcatel, 220
American National Standards Institute
(ANSI), 199
Anomaly detection, 9. See also Detection
ANSI. See American National Standards
Institute
APIs. See Application programming
interfaces
Application-level security, 139-149
Application programming interfaces
(APIs), 127, 132, 226-227, 301
Applique, 138
ARPA. See Defense Advanced Research
Projects Agency
ARPANET. See Advanced Research
Projects Agency network
Assessment Technology Branch (ATB) of
NASA, 222, 301
Assurance, 15, 204-205, 301. See also
System assurance
Asymmetric cryptography. See
Cryptography
Asynchronous transfer mode (ATM), 132-133, 301
ATB. See Assessment Technology Branch of
NASA
ATM. See Asynchronous transfer mode
AT&T, 42, 46, 220
Attacks by hostile parties, 13, 22, 47-55
damage from, 112
detecting, 160
measuring, 185
scripts for, 174
Authentication, 33-36, 125, 292, 301, 307
biometric, 123-124, 301
cryptographic, 7, 122, 214
need for effective, 7
network-based, 121, 124
Authenticode signatures, 141
Authority, 112. See also Certification
authorities (CAs)
Autonomous system (AS), 301
routing within, 53
Availability, 14, 55, 149-150, 250, 301
B
Baan (software vendor), 221, 282
BAAs. See Broad area announcements
BCR (black/crypto/red) project, 133, 301
Bell and La Padula policy, 115, 118, 301
Bell Laboratories, 291, 316
Bell operating companies, 26
Beta testing, 89
BGP. See Border Gateway Protocol
Biometric authentication, 8, 123-124, 229,
248, 301
Blacker devices, 35, 133, 302
"Blue boxes," 28, 302
Border Gateway Protocol (BGP), 30, 52, 301
routers for, 38, 53-55, 164
Bottom-up integration, 93
British Ministry of Defense, 202
Broad area announcements (BAAs), 233-234, 237, 255, 301
Bugs, 32, 45, 99, 182
protecting against, 135
seriousness of, 88
C
C++ programming language, 85, 302
standard template library (STL) for, 87
Cable services, 4
Caller ID, 29, 241
Call forwarding, 27-28
Canadian Trusted Computer Product
Evaluation Criteria (CTCPEC), 204,
304
Caneware, 133, 138, 302
CAP. See Complex arithmetic processor
Capability Maturity Model (CMM), 78-80,
303
critique of, 80
CCF (central control function), 99, 302
CCITT. See Consultative Committee on
International Telephony and
Telegraphy
CCv2. See Common Criteria, version 2
CDIS (central control function display
information system), 99, 302
CDSA. See Common data security
architecture
Cellular telephony fraud, 176
Central Intelligence Agency (CIA), 223
Centralized naming-service architecture, 5-6. See also Domain Name Services
CERT/CC. See Computer Emergency
Response Team/Coordination
Center
Certificate management, 128-129, 302
Certificate revocation list (CRL), 130, 304
Certification, 197, 302
Certification authorities (CAs), 8, 128-132,
302
Certification authority private keys,
recovery from compromise of, 8, 129
CGI. See Common gateway interface
Checkpoint, 220
Chinese Wall (Brewer-Nash) model, 116,
302
CIA. See Central Intelligence Agency
CIAO. See Critical Infrastructure Assurance
Office
CIC R&D. See Computing, Information,
and Communications Research and
Development
Circuit relays, 293-294
Cisco routers, 46, 163
Clark/Wilson model, 116
CLEFs. See Commercially licensed
evaluation facilities
Clipper chip, 227, 303
Closed user groups (CUGs), 111, 132-133
CMM. See Capability Maturity Model
COCOMO. See Constructive cost model
Collective behavior, research into, 299
COM. See Common object model
Commercially licensed evaluation facilities
(CLEFs), 208, 303
Commercial off-the-shelf (COTS)
components, 92, 118, 281, 296, 304
adapting and customizing, 6, 281-282
benefits of, 3, 63
changing role of, 87-89
DOD use of, 10, 13-15
general problems with, 89-90, 103
need for greater trustworthiness in, 4,
70, 190-191
software, 22, 87-90
Common Criteria, version 2 (CCv2), 204,
206-207
Common data security architecture
(CDSA), 132, 145, 302
Common gateway interface (CGI) scripts,
32, 302
Common object model (COM), 87, 303
Common object request broker architecture
(CORBA), 87, 303, 311
Communications security, new approaches
to, 7-9
Communications speed, 8
Complex arithmetic processor (CAP), 97,
302
Complexity, increased problems with, 3,
16, 65
Components. See also Commercial off-the-
shelf (COTS) components; Critical
components
building and acquiring, 82-92
design and implementation, 84-85
integrating, 82-92
Computer break-ins, 17-18
Computer crime, 113
Computer Emergency Response Team/
Coordination Center (CERT/CC),
110, 302
advisories of, 150
Web site of, 15, 50
Computer networks. See Networks
Computer security, new approaches to, 7-9,
118-120
Computer Security Act, 215, 218
Computer Security Technology Center, 222
Computing, Information, and
Communications Research and
Development (CIC R&D), 216, 223,
303, 307
Computing systems, integrating, 24, 77-78,
92-94
Concurrency, 100
Confidentiality, 125, 303
and cryptography, 214
Congestion, 38-41, 149-150
Conops (concept of operations), 69-70, 303
approval of, 74
Constructive cost model (COCOMO), 67,
194, 303
Consultative Committee on International
Telephony and Telegraphy (CCITT),
99, 302
Consumer risk management, 187-188
Contingency planning, 289
Controls
personnel, 109
procedural, 297
Control theory, 16
Control tones, 28, 302
Convenience issues, 212
COPS (computer oracle password
security), 44, 303
CORBA. See Common object request
broker architecture
Correctness, 14, 75, 92-93, 97, 303
Cost pressures, 3, 13, 38
Costs
consumer, 181-184, 252
direct, 181-182
estimating, 67
indirect, 182
producer, 192-194
See also Failure costs
COTS components. See Commercial off-
the-shelf components
CPU (central processing unit)
increasing power of, 182
intensive calculations by, 41, 243
Credit card transactions, 158
CRISIS report. See Cryptography's Role in
Securing the Information Society
Criteria creep, 207
Critical components, 76-77
Critical Foundations: Protecting America's
Infrastructures, 287
Critical Infrastructure Assurance Office
(CIAO), 13, 216, 303
CRL. See Certificate revocation list
Cross-connect components, 242, 304
Cryptographic authentication, 122, 135-136,
214, 247
Cryptographic protocols, 99, 124-125,
133
Cryptography. See also Authentication
classified research into, 232
and confidentiality, 214
defined, 304
factors inhibiting widespread
deployment of, 211-213, 253
increased use of, 289-290
promoting wider use of, 243
and public-key infrastructures (PKIs),
124-132
and security, 7
and trustworthiness, 55, 210-214
Cryptography's Role in Securing the
Information Society (CRISIS report),
211, 289-290, 304
CSP (Communicating Sequential Processes),
100, 304
CTCPEC. See Canadian Trusted Computer
Product Evaluation Criteria
CUGs (closed user groups), 132-133, 138,
304
Customers, and trustworthiness, 180-189
Cyberspace, trust in, 11, 111
D
Damage from attacks, 112
DARPA. See Defense Advanced Research
Projects Agency
Database attacks, 48-49
Data Encryption Standard (DES), 199, 203,
305
DCOM. See Distributed common object
model
Decentralization, research into, 299
Deception, research into, 299
Decision support, 289
Defense Advanced Research Projects
Agency (DARPA), 172, 217, 223, 304,
308
coordinating with NSA, 228
issues for the future, 235-237, 254-255
role in trustworthiness R&D, 221, 223-
224, 232-237
sponsoring research, 5, 10, 298-299
Defense-in-depth, 127, 132, 288
Defense Information Systems Agency
(DISA), 17, 217, 223-224, 305
Defense Messaging System (DMS), 137-138,
305
Defense Science Board, 12, 286
Defensive information warfare. See
Information Warfare Defense
Denial-of-service attacks, 44, 54, 111, 305,
315
defending against, 8-9, 149-150
Dependency analysis, 75
Depreciation, 206-207
Deregulation, today's climate of, 3, 38, 220
DES. See Data Encryption Standard
Design, top level, 66-82
Design errors, 2, 13, 156, 251
research in avoiding, 6
Detection, 158-161, 180, 251
limitations in, 158-159, 161
DGSA. See DOD Goal Security
Architecture
Digital Equipment Corp. (DEC), 198
Digital signal processors (DSPs), 38, 305
Digital signatures, 126
DISA. See Defense Information Systems
Agency
Distributed common object model
(DCOM), 87, 304
Diversity, 155-158, 192, 250
DMS. See Defense Messaging System
DNSs. See Domain Name Services
DOD. See U.S. Department of Defense
DOD access control model, 115, 117
DOD Goal Security Architecture (DGSA),
117-118, 230, 305
DOE. See U.S. Department of Energy
Domain Name Services (DNSs), 30-31, 46,
305
attacks via, 51, 175
Domain-specific languages, 86
DOS (disk operating system), 291, 305
Downstream service providers (DSPs), 26,
305
DSPs. See Digital signal processors
DTE (domain and type enforcement), 143,
305
Dynamic packet filters, 294
Dynamic resource allocation, research into,
298
E
Economic context, 171-239, 251-253
ECU. See European Currency Unit
Eligible Receiver, 18, 19
Emergency systems, eliminating, 3
Encryption
end-to-end packet, 301
key-escrow, 309
multiple, 154
network-level, 34-35
Encryption technology, controversial, 287
Enforcement subsystems, 147
Environmental disruption, 13, 16, 37-41
Ethernets, 30, 316
European Currency Unit (ECU),
introduction of, 4, 187-188
Evaluation processes, tension in, 210
Executive Order 13010, 217
Export controls, 210-211, 253
Extensible software, 111, 282-283
Exterior Gateway Protocol, 30
F
FAA. See Federal Aviation Administration
Failure costs, 183-184
Fault isolation, 146-149
Fault tolerance, 9, 233, 250, 306
FBI. See Federal Bureau of Investigation
FCC. See Federal Communications
Commission
FDA. See Food and Drug Administration
FEAL cipher, 203, 306
Federal Aviation Administration (FAA),
218, 222
Federal Bureau of Investigation (FBI), 18,
112, 217
Federal Communications Commission
(FCC), 37, 218
Federal information processing standards
(FIPS), 199, 203, 306
FIPS 46-1, 305
FIPS 140-1, 200, 203, 208
Federally funded research and
development centers (FFRDCs), 228
FFRDCs. See Federally funded research
and development centers
FGAC. See Fine-grained access control
Filters. See Packet filter firewall
Fine-grained access control (FGAC), 8, 113,
249, 306
and application security, 143-146
FIPS. See Federal information processing
standards
Firewall, 134-137, 139, 242, 248-249
defined, 306
future of, 8
limitations of, 44, 113, 135-137
need for application-layer, 8
thriving market for, 2, 188
types of, 293-295
Food and Drug Administration (FDA), 184-
185, 218
Foreign code, 7, 111, 139-149, 249-250
Foreign espionage agent threat, 286
Formal methods, 7, 95-101, 103-104, 246,
306
Formal policy models, shortcomings of,
115-117, 120-121
Fortezza technology, 138, 226-227, 306
Frame relay, 132
Freeh, FBI Director Louis, 18
FTP (File Transfer Protocol), 294, 306
proxy, 294
G
Gateway routing protocols, 30, 135,
212
General Accounting Office (GAO), 12, 18
Generally accepted security system
principles (GSSP), 285
Government. See also individual agencies
role in promoting trustworthiness, 3-4,
215-221
Graphical user interfaces (GUIs), 83, 282
Group identifiers, 292
GSSAPI (generic security services
application programming interface),
145, 306
GSSP. See Generally accepted security
system principles
Guards, 137-139, 249
GUIs. See Graphical user interfaces
H
Hardware tokens, 8, 123-124, 168, 247-248,
307
Hassle factor, 182, 189
HCS. See High Confidence Systems
Health maintenance organization (HMO)
example, 62-63, 70-71, 82-83, 88, 90,
93-94
Heisenbug, 157, 307
Helper applications, 283
Heterogeneity, research into, 298. See also
Diversity
High Confidence Systems (HCS) working
group, 223, 231, 307
High Performance Computing and
Communications Initiative, 216
HMO. See Health maintenance
organization example
Homogeneity
rationale for, 191, 198
risks of, 191-192
See also Replication
Hostile attacks. See Attacks by hostile
parties
HTML. See Hypertext Markup Language
HTTP. See Hypertext Transfer Protocol
Hypertext Markup Language (HTML), 31-
32, 307
Hypertext Transfer Protocol (HTTP), 31-32,
191, 307, 315
I
IAB. See Internet Architecture Board
IBM, 97, 99, 220, 292
ICMP (Internet Control Message Protocol),
307
IDE disk interface standard, 190, 307
IEEE. See Institute of Electrical and
Electronics Engineers
IESG. See Internet Engineering Steering
Group
IETF. See Internet Engineering Task Force
IISP. See Information Infrastructure
Standards Panel
IITF. See Information Infrastructure Task
Force
Immunological identification, research
into, 299
Imperfect information, 184-186
Implementation errors, 2, 13, 54-55, 156
research in avoiding, 6
Incident response, 289
Industry, partnership with, 226-227
Information assurance, 215-217, 288
increasing spending on, 236-237
Information Assurance Task Force, 219
Information Infrastructure Standards Panel
(IISP), 199
Information Infrastructure Task Force
(IITF), 216
Information science and technology
activities (ISATs), 234, 237, 255, 308
Information system security, NSA and
DARPA research into, 298-299
Information Systems Office (ISO), 233
Information Systems Security Research-
Joint Technology Office (ISSR-JTO),
224, 228, 308
Information Technology Industry Council,
200
Information Technology Management
Reform Act, 215
Information Technology Office (ITO), 10,
232-236, 298-299, 308
Information Technology Security
Evaluation Criteria (ITSEC), 204,
206, 208, 308
Information warfare, 20, 215, 286
Information Warfare Defense (IW-D), 286
Infosec (information security), 225
Infrastructure protection, 1-2, 12-13, 20-21,
241, 287-289
Insecurity, theory of, 109, 119-120, 160-161
Insiders, threat from, 112-113, 135
Inspections, 94-95
Institute of Electrical and Electronics
Engineers (IEEE), 97
Insurance
claims data, 112
demand for, 183
Insurance model, 178
Integration plans, 77-78, 103-104
bottom-up, 93
costs of, 193
of subsystems, 244-245
thread, 93-94
top-down, 93
Integrity of data, 125
Intel Corp., 97, 145, 190
Interconnections, weak points in, 3, 19, 40-41, 52
Interface message processors (IMPs), 35, 307
Interfaces, 2
to facilitate intervention and control, 17
server, 284
International Computer Security
Association, 197
International Organization for
Standardization (ISO), 31
Internet, 5, 21, 163-164
attacks on, 50-55
business use of, 58
downloading software from, 140
managing congestion on, 39-40
operational error on, 42-43
protecting, 242-243
readiness for business, 56-57
security of, 36-37
telephony, 55-56
vulnerability of, 56-58
Internet Architecture Board (IAB), 201
Internet Engineering Steering Group
(IESG), 201
Internet Engineering Task Force (IETF), 36,
132, 144-145, 200-201, 209, 307, 315
Internet Protocol (IP), 29, 121, 190, 308
headers in, 40
Internet service providers (ISPs), 26, 38,
308
protection offered by, 52
Internet Society (ISOC), 201, 308
Interoperability issues, 191-192, 212
Intrusion detection, 9, 113, 229, 233
IP. See Internet Protocol
IPsec (IP Security), 34-36, 134, 200, 229, 307,
315
ISAKMP (Internet Security Association
and Key Management Protocol), 229, 308
ISATs. See Information science and
technology activities
ISDN (integrated services digital network),
56, 308
ISO. See Information Systems Office;
International Organization for
Standardization
ISPs. See Internet service providers
ISSR-JTO. See Information Systems Security
Research-Joint Technology Office
Iteration, dynamic, 195
ITO. See Information Technology Office
ITSEC. See Information Technology
Security Evaluation Criteria
IW-D. See Information Warfare Defense
J
Java, 85, 142, 283, 308
JavaBeans, 87, 308
Joint-service programmable radio, 97
Joint Technology Office. See Information
Systems Security Research-Joint
Technology Office
JVM (Java virtual machine) specification,
142, 308
K
KDCs. See Key-distribution centers
Kernels, 164-167, 309
Key-distribution centers (KDCs), 127-128,
309
Key-escrow encryption, 253, 309
Key-management technologies, 8, 127-132,
248
Needham-Schroeder, 203
Key process areas (KPAs), 79, 309
Key recovery, 211
KPAs. See Key process areas
L
Lawrence Livermore National Laboratory,
222
LCLint tool, 99
Legacy software. See Software
Leverage, 191
Link failures, 37-38
M
Maintenance practices, 44
Malicious attacks. See Attacks by hostile
parties
Management information bases (MIBs), 31,
309
Market-government relationship, changing
relationship, 220-221
MEII. See Minimum essential information
infrastructure
MIBs. See Management information bases
Microsoft Corp., 190, 283, 305
Middleware, 282. See also SAP, PeopleSoft
Military weapons, tactics intended to
disrupt, 286
MILNET, 34, 304, 309
MIME (multipurpose Internet mail
extension) format, 200, 309
Minimum essential information
infrastructure (MEII), 9, 162, 164-
168, 287, 309
building, 250
taxonomy of, 166
MISSI. See Multilevel Information Systems
Security Initiative
Mitigation, risk, 23, 177-178, 289
Mobile code, 7, 111, 283-284
Model checking, 96, 101
Monitoring, 158-161, 251, 289
MS-DOS, 291
Multicasting, 8
Multics, 85, 309
compared with UNIX, 316
Multilevel Information Systems Security
Initiative (MISSI), 137-138, 226, 306,
309
Multilevel security, 96
Multimode joint-service programmable
radio, 97
Multinode networks, 35
MVS (multiple virtual storage), 292, 309
N
Name-space management, 8
Naming-service architecture, centralized,
5-6
NASA. See National Aeronautics and Space
Administration
National Aeronautics and Space
Administration (NASA), 222, 301
National Communications System (NCS),
217, 310
National Computer Security Center
(NCSC), 226, 310
National Cryptologic Strategy for the 21st
Century, 225
National Information Assurance
Partnership, 208, 220
National Information Infrastructure
initiative, 216
National Infrastructure Protection Center,
217
National Institute of Standards and
Technology (NIST), 199, 203, 218,
220, 223, 306, 310
National Partnership for Reinventing
Government (NPRG), 215, 310
National Performance Review. See National
Partnership for Reinventing
Government
National Science Foundation (NSF), 201, 222
National Security Agency (NSA), 138, 172,
217-218, 223, 310-311
issues for the future, 230-232, 254
mission of, 225
role in trustworthiness R&D, 221-232
sponsoring research, 5, 10-11, 298-299
National Security Telecommunications
Advisory Committee (NSTAC), 12,
217, 219, 310
National Voluntary Laboratory
Accreditation Program, 208
Natural disasters, 289
NCS. See National Communications
System
NCSC. See National Computer Security
Center
Needham-Schroeder key-management
protocol, 203
NES (Network Encryption System), 133,
310
Netcom, 43
Netware Link-State Protocol (NLSP), 35,
310
Network-based authentication, 121
Networked information systems (NISs),
245-246, 281-282, 289, 310
attacks on, 111
building, 64-66, 243
definition of, 13
research into vulnerabilities, 5-6, 11-13
software for, 62-108
trustworthiness of, 2-4, 13-15, 154-170,
249-250
Network Management System (NMS), 138,
310
Network operations centers (NOCs), 42-43,
310
Network Reliability and Interoperability
Council (NRIC), 37, 41, 45, 218, 310
Networks, 282
controlling access to, 8, 132-139
failures, 37-55
forming, 41
layers in, 34
multinode, 35
our dependence on, 1
Network security, research into, 299
Network "sniffers," 18
Network survivability, research into, 299
NISs. See Networked information systems
NIST. See National Institute of Standards
and Technology
NLSP. See Netware Link-State Protocol
NLSP (Network-Layer Security Protocol),
35, 310
NMS. See Network Management System
NOCs. See Network operations centers
Nodes, disparate, 94
Nonrepudiation, 125, 310
Northeast power blackout, 19
Notation and style, 70-72
NPRG. See National Partnership for
Reinventing Government
NRIC. See Network Reliability and
Interoperability Council
NSF. See National Science Foundation
NSTAC. See National Security
Telecommunications Advisory
Committee
O
OC-12 (optical carrier 12) circuits, 40, 311
Office of Management and Budget, 215
Office of Science and Technology Policy,
12, 219
Open Software Foundation, 145
Open Systems Interconnection (OSI)
networks, 35, 310-311
Operating systems (OSs), 228, 291-292. See
also individual operating systems
add-ons for, 292
defined, 311
Operational errors, 13, 16, 41-45
reducing, 44-45, 243-244
Operations support systems (OSSs), 28, 36,
242, 311
interconnections to the Internet, 47
Oracle (software vendor), 282
Orange Book, 23, 311, 315
Orphan products, 91
OSSs. See Operations support systems
Out-of-band signaling, 28, 56
Outsiders, threat from, 112-113
P
P5 chip (Pentium processors), 97, 311
P6 chip (Pentium Pro processors), 97, 311
Packet filter firewall, 136, 293
Packet-filtering router, 196
Paperwork Reduction Act, 215
Passwords, 292, 311
Patents, 213
PCC. See Proof-carrying code
PCCIP. See President's Commission on
Critical Infrastructure Protection
PCMCIA (Personal Computer Memory
Card Interface Association), 312
cryptographic tokens, 306
PDD. See Presidential Decision Directive
PeopleSoft (software vendor), 186, 282
Performance specifications, 70-72
Personal computers (PCs), 88, 312
Personal identification numbers (PINs), 8,
123, 248, 312
Personnel controls, 109
PGP (pretty good privacy), 36, 129, 312
Physical access, 112, 158
Physical threats, 50, 55, 174-175, 287
PKI. See Public-key infrastructure
PLI. See Private line interface
Postdeployment upgrades, 104, 296
PostScript, 140
Precursor information, protecting, 297
Presidential Decision Directive (PDD) 63,
13, 20, 216, 240
President's Commission on Critical
Infrastructure Protection (PCCIP), 1,
12, 20, 185, 217-219, 223, 236, 287,
312
Privacy, 14, 156, 312
Private keys, 126, 128, 312
Private line interface (PLI), 133, 312
Programmable radio, 97
Program management, 66-68
Programming languages, 85-86, 91-92. See
also individual languages
powers of, 7, 245-246
research in, 8
Proof-carrying code (PCC), 146, 148-149,
250, 312
Proof-checking, 101
Protocol design flaws, 54-55
Prototyping, 83-84
Pseudocode, 84, 312
PTN. See Public telephone network (PTN)
Public-key cryptography, 126, 301, 312-313
Public-key infrastructure (PKI), 8, 124-132,
248, 312
defined, 130-132
Public keys, 124-126, 312
Public policy context, 2, 171-239
Public-private partnerships, 219-221, 253-254
Public telephone network (PTN), 5, 21, 121,
162-163, 312
attacks on, 47-50
backup power for, 165
congestion on, 39
design of, 27-29
and Internet trustworthiness, 26-61
operational error on, 41-42
protecting, 241-242
vulnerabilities of, 55-58
Q
Quality of service (QOS), 30, 32-33, 312
guarantees of, 5, 32-33
Quarantine, research into, 299
R
R2 program, 10-11, 228-232, 254, 312
R/3. See SAP
Radio, programmable, 97
Radio Technical Commission for
Aeronautics. See RTCA
Rapid recovery, research into, 299
Reconfiguration, 159-160
Reconstitution, research into, 299
Red Book, 162, 313
Redundancy, 41
research into, 298
See also Reserve capacity
Reliability, 14, 313
amplifying, 155-157
Replication, 154-158, 250
of components, 14
Report of the Defense Science Board Task Force
on Information Warfare Defense, 286
Requests for proposals (RFPs), 188, 313
Requirements errors, 73-74
Research and development (R&D)
agenda for, 4-11, 21, 240-255
need for, 6, 13
Reserve capacity, reducing, 3, 38-39
Resilience, research into, 299
Resource allocation, 149-150, 191
research into, 298
Resource Reservation Protocol (RSVP), 32-
33, 313
Response phase, 159-160
Revenge threat, 286
Reverse engineering, defending against, 297
Reviews. See Technical reviews
Revocation, 141-142
timely notification of, 8
RFC (request for comments), 201, 313
RFPs. See Requests for proposals
Risk
defined, 173, 313
measuring, 185
Risk assessment, 173-174
Risk avoidance strategies, 23, 177, 180
Risk management, 23, 58, 172-180, 289
issues affecting, 186-188
strategies for, 176-180
Risk mitigation strategies, 177-178
Robustness, 88
research into, 299
Routing attacks, 48, 51-54
Routing protocols, 30, 305
inadequacies in, 5, 44-45
RPC (Remote Procedure Call) protocol,
294, 313
RSML (requirements state machine
language) notation, 98, 313
RSVP. See Resource Reservation Protocol
RTCA (Radio Technical Commission for
Aeronautics), 202, 313
S
Safety, 14, 202, 313
Sandia National Laboratories, 222
SAP (software vendor), 87, 186, 188, 191,
220-221, 282
Satellite-based services, 4
Scalable coherent interface (SCI) standard,
97, 313
SCI. See Scalable coherent interface
SCR. See Software Cost Reduction
SCSI (small computer standard interface)
interface, 190, 313
SDSI. See Secure Distributed Security
Infrastructure
Secrecy, 314
of design, 296-297
Secret-key cryptography, 125, 129, 314
Secure Distributed Security Infrastructure
(SDSI), 132, 314-315
Secure Network System (SNS), 138, 314
Secure socket layer (SSL) protocol, 32, 129,
196, 200, 315
Secure Telephone Unit II (STU-II) systems,
129
Secure Telephone Unit III (STU-III)
systems, 35, 129, 315
Security, 12-14, 88, 241, 285, 314. See also
Network security
amplifying, 157-158
application-level, 139-149
demonstrating, 118-120
enforcing, 143
examples of, 291-292
growing interest in, 197-198
language-based, 146-149
reinventing, 109-153, 247-250
through obscurity, 296
Security management protocols,
supporting sophisticated, 8
Security needs, 253
evolution of, 110-111
Security Reference Monitor, 292
Segmentation, research into, 299
SEI. See Software Engineering Institute
Self-organization, research into, 299
Self-stabilization approach, 9, 168, 251
SFI. See Software fault isolation
Siemens, 220
Signaling System 7 (SS7) protocol suite, 28,
242, 315
vulnerability of, 47, 50
Simple Network Management Protocol
(SNMP), 31, 309, 314
Simple Public-Key Infrastructure (SPKI),
132, 315
Skill-lifetimes, increasing, 191
Smart cards, 123, 200
S/MIME (secure/multipurpose Internet
mail extension) format, 36, 130, 196,
314
Snefru function, 203
SNMP. See Simple Network Management
Protocol
SNS. See Secure Network System (SNS)
Software. See also Components
barriers to innovative, 81-82
legacy, 90-91
needed to improve trustworthiness,
244-246
for networked information systems
(NISs), 62-108
role of, 64-66
trends in, 281-284
Software Cost Reduction (SCR) program,
70, 98, 313
Software developers
practices of, 21, 89-90, 95-96, 124-132
scarcity of, 85, 231
Software engineering, challenges of, 6, 66-80, 82-94
Software Engineering Institute (SEI), 78-80,
302
Software fault isolation (SFI), 146, 148-149,
314
Software systems, evolution of, 282
Software upgrades, timing, 284
Software wizards, 281-282
SONET (synchronous optical network), 38,
311, 314
Source code, 84-85, 314
Specification, 17, 68-69, 74-75, 314
SPKI. See Simple Public-Key Infrastructure
SP3 (Security Protocol at Level 3), 35, 314
SS7. See Signaling System 7
SSL. See Secure socket layer protocol
Standards and criteria, 199-210
for trustworthiness, 201-204, 251-252
Standard template library (STL), 87, 315
Static resource allocation, research into, 298
STL. See Standard template library
Storage, procedural controls on, 297
Structured walkthrough, 84
STU. See Secure Telephone Unit
Stubs, 93
Subsystems, 116-117
Survivability. See also Network
survivability
defined, 14, 315
SWAT (special weapons and tactics) teams,
100, 315
Switches, untrustworthy, 40-41, 46-47, 242
Symmetric-key ciphers, 119-120, 122, 306
secret, 309, 314
System administrators, cautions for, 135,
284
System architectures, 6, 23, 287
System assurance, 94-102
Systematic reuse, 86-87
System evolution, 102-103
System integration, 92-94
System management, 284
System planning, 66-82
requirements for, 68-74
Systems analysis, 289
System shutdown, 9
Systems requirements document, 69-70
T
Tactical countermeasures, 286
Tactical information warfare, 286
Tamper resistance, 123
Tandem systems, 157
TCAS II, 98
TCL (tool command language), 86, 315
TCP (Transmission Control Protocol), 29,
293, 315
headers in, 40
TCSEC. See Trusted Computer System
Evaluation Criteria
Technical reviews, 94-95, 103
Telecommunications fraud, 183-184
Telephone system. See Public telephone
network (PTN)
Testing, 101-102, 118-119, 246
costs of, 193
research in, 104
Thread integration, 93-94
Threat detection, 289
Threats, 316
insiders versus outsiders, 112-113
taxonomy of, 286
TIU (trusted interface unit), 133, 316
Token-based mechanisms. See Hardware
tokens
Top-down integration, 93
Top Secret enclaves, 292, 315
Trade-offs, managing, 176, 194
Traffic profile, 41
Transparency, 294
Transport layer, 293-294
procedural controls on, 297
terminating instantiations of, 294
Trojan horse attacks, 18, 115, 316
Trust, 11
erosion of, 15-20
warranted, 255
Trusted Computer System Evaluation
Criteria (TCSEC), 115, 162, 199, 206-208,
227, 315
Trustworthiness, 313
benefits of, 2-3
costs of, 2, 189, 192-196
of COTS components, 3-4
and cryptography, 210-214
and customers, 180-189
defined, 13-15, 240, 316
enhancing, 1-2
implementing R&D into, 253-255
marketing products for, 196-198
multidimensionality of, 252-253
new paradigms for, 168-169
of networked information systems
(NISs), 2-4
placement of, 2-3
producers of products for, 190-198
studies of, 195-196, 285-290
of systems built from untrustworthy
components, 9, 23, 154-170, 250-251
See also Software, role of
U
UDP. See User Datagram Protocol
U.S. Department of Defense (DOD), 10,
234-235, 286-287, 311
attacks against computers of, 17
U.S. Department of Energy (DOE), 221-223
U.S. Secret Service, 219
United States, enemies of, 286
University Research Program (URP), 228,
316
UNIX systems, 3, 157, 213, 291, 303, 316
Untrustworthy components. See
Trustworthiness
Upgrades, 102
postdeployment, 296
URP. See University Research Program
User accounts, 44
User Datagram Protocol (UDP), 31, 34, 54,
150, 293-294, 316
User IDs, 291-292
Uses of devices, procedural controls on,
297
V
Validation, 95
VDM (Vienna definition method), 100, 316
Verification, 98-99
Verity, 97, 316
Very-high-level languages, 86
VGA (video graphics adapter), 190
Virtual circuit data networks, 132-133
Virtual private networks (VPNs), 8, 133-134, 138-139, 248, 316
Visual Basic language, 86
VPNs. See Virtual private networks (VPNs)
Vulnerabilities, 27, 287-288, 297
assessing, 120-121, 289
defined, 316
exploiting, 173-174, 313
failure to validate arguments, 95
intrinsic, 27
residual, 297
scanning for, 44
VVSL method, 100, 316
W
Waterfall development process, 68
W3C (World Wide Web Consortium), 201,
317
Windows NT, 157-158, 229, 283, 291, 317
Work factor model, 178, 185, 317
World Wide Web (WWW)
downloading software from, 140
exploding popularity of, 62
X
X.25 protocol suite, 35, 132-133, 317
XEU (Xerox encryption unit), 133, 317
Y
Y2K (year 2000) problem, 4, 12-13, 187-188,
317