Skip to main content

Trust in Cyberspace (1999) / Chapter Skim
Currently Skimming:

Executive Summary
Pages 1-11

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.
Select key terms on the right to highlight them within pages of the chapter.


From page 1...
... Interrupting service can threaten lives and property; destroying information or changing it improperly can disrupt the work of governments and corporations; and disclosing secrets can embarrass people or hurt organizations. The widespread interconnection of networked information systems allows outages and disruptions to spread from one system to others; it enables attacks to be waged anonymously and from a safe distance; and it compounds the difficulty of understanding and controlling these systems.
From page 2...
... Virus detectors identify and eradicate attacks embedded in exchanged files, and firewalls hinder attacks by filtering messages between a trusted enclave of networked computers and its environment (from which attacks might originate)
From page 3...
... Contemporary examinations of issues, ranging from information warfare to critical infrastructure, have advanced hypotheses and assumptions about specific, substantial, and proactive roles for government. But their rationales are incomplete.
From page 4...
... AN AGENDA FOR RESEARCH The goal of further research would be to provide a science base and engineering expertise for building trustworthy NISs. Commercial and industrial software producers have been unwilling to pay for this research, doing the research will take time, and the construction of trustworthy NISs presupposes appropriate technology for which this research is still needed.
From page 5...
... The next step is to provide specific technical guidance for NIS designers, implementers, and managers. A study of existing NISs can help determine what problems dominate NIS architecture and software development, the interaction of different aspects of trustworthiness in design and implementation or use, and how to quantify the actual benefits of using proposed methods and techniques.
From page 6...
... When an NIS is being built, subsystems spanning distributed networks must be integrated and tested despite their limited visibility and limited control over their operation. Yet the trend has been for researchers to turn their attention away from such integration and testing questions a trend that needs to be reversed by researchers and by those who fund research.
From page 7...
... There are accepted processes for component design and implementation, although the novel characteristics of NISs raise questions about the utility of these processes. Modern programming languages include features that promote trustworthiness, such as compile-time checks and support for modularity and component integration, and the potential exists for further gains from research.
From page 8...
... and to support faster encryption and authentication/ integrity algorithms to keep pace with rapidly increasing communication speeds. The use of hardware tokens holds promise for implementing authentication, although using personal identification numbers constitutes a vulnerability (which might be somewhat mitigated through the use of biometrics)
From page 9...
... Little is known about the advantages and disadvantages of the various possible positionings and system architectures, and an analysis of existing NISs should prove instructive along these lines. One architecture that has been suggested is based on the idea of a broadly useful core minimum functionality a minimum essential information infrastructure (MEII)
From page 10...
... There is also industry-funded research and development work in NIS trustworthiness; that work understandably tends to have more direct relevance to existing or projected markets (it emphasizes development relative to research)
From page 11...
... R2's effectiveness depends on better leveraging of talent both outside and inside the organization. The committee believes that increased funding is warranted for both information security research in particular and NIS trustworthiness research in general.


This material may be derived from roughly machine-read images, and so is provided only to facilitate research.
More information on Chapter Skim is available.