Information Security and Privacy in Network Environments
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
A Theory on Information Security
Australasian Conference on Information Systems Horne et al. 2016, Wollongong, Australia A Theory on Information Security A Theory on Information Security Craig A. Horne Department of Computing and Information Systems The University of Melbourne Victoria, Australia Email: [email protected] Atif Ahmad Department of Computing and Information Systems The University of Melbourne Victoria, Australia Email: [email protected] Sean B. Maynard Department of Computing and Information Systems The University of Melbourne Victoria, Australia Email: [email protected] Abstract This paper proposes a theory on information security. We argue that information security is imperfectly understood and aim to bring about an altered understanding of why efforts are made to engage in information security. The goal of information security is widely recognised as the confidentiality, integrity and availability of information however we argue that the goal is actually to simply create resources. This paper responds to calls for more theory in information systems, places the discussion in philosophical context and compares various definitions. It then identifies the key concepts of information security, describes the relationships between these concepts, as well as scope and causal explanations. The paper provides the theoretical base for understanding why information is protected, in addition to theoretical and practical implications and suggestions for future research. Keywords Information security, resources, controls, threats, theory development. 1 Australasian Conference on Information Systems Horne et al. 2016, Wollongong, Australia A Theory on Information Security 1 INTRODUCTION Despite the concept of information security being very well established, the reasons and motivations behind it are imperfectly understood. This paper seeks to explain how and why the phenomena that comprise the concepts of information security occur. -
Data and Database Security and Controls
1 Handbook of Information Security Management, Auerbach Publishers, 1993, pages 481-499. DATA AND DATABASE SECURITY AND CONTROLS Ravi S. Sandhu and Sushil Jajodia Center for Secure Information Systems & Department of Information and Software Systems Engineering George Mason University, Fairfax, VA 22030-4444 Telephone: 703-993-1659 1 Intro duction This chapter discusses the topic of data security and controls, primarily in the context of Database Management Systems DBMSs. The emphasis is on basic principles and mechanisms, which have b een successfully used by practitioners in actual pro ducts and systems. Where appropriate, the limitations of these techniques are also noted. Our discussion fo cuses on principles and general concepts. It is therefore indep endent of any particular pro duct except for section 7 which discusses some pro ducts. In the more detailed considerations we limit ourselves sp eci cally to relational DBMSs. The reader is assumed to be familiar with rudimentary concepts of relational databases and SQL. A brief review of essential concepts is given in the app endix. The chapter b egins with a review of basic security concepts in section 2. This is followed, in section 3, by a discussion of access controls in the current generation of commercially available DBMSs. Section 4 intro duces the problem of multilevel security. It is shown that the techniques of section 3 are inadequate to solve this problem. Additional techniques develop ed for multilevel security are reviewed. Sec- tion 5, discusses the various kinds of inference threats that arise in a database system, and discusses metho ds that have b een develop ed for dealing with them. -
NSA's Efforts to Secure Private-Sector Telecommunications Infrastructure
Under the Radar: NSA’s Efforts to Secure Private-Sector Telecommunications Infrastructure Susan Landau* INTRODUCTION When Google discovered that intruders were accessing certain Gmail ac- counts and stealing intellectual property,1 the company turned to the National Security Agency (NSA) for help in securing its systems. For a company that had faced accusations of violating user privacy, to ask for help from the agency that had been wiretapping Americans without warrants appeared decidedly odd, and Google came under a great deal of criticism. Google had approached a number of federal agencies for help on its problem; press reports focused on the company’s approach to the NSA. Google’s was the sensible approach. Not only was NSA the sole government agency with the necessary expertise to aid the company after its systems had been exploited, it was also the right agency to be doing so. That seems especially ironic in light of the recent revelations by Edward Snowden over the extent of NSA surveillance, including, apparently, Google inter-data-center communications.2 The NSA has always had two functions: the well-known one of signals intelligence, known in the trade as SIGINT, and the lesser known one of communications security or COMSEC. The former became the subject of novels, histories of the agency, and legend. The latter has garnered much less attention. One example of the myriad one could pick is David Kahn’s seminal book on cryptography, The Codebreakers: The Comprehensive History of Secret Communication from Ancient Times to the Internet.3 It devotes fifty pages to NSA and SIGINT and only ten pages to NSA and COMSEC. -
Canada's Communications Security Establishment: from Cold War to Globalization
CANADA’S COMMUNICATIONS SECURITY ESTABLISHMENT: FROM COLD WAR TO GLOBALISATION Martin Rudner OCCASIONAL PAPER No 22 – 2000 CANADA’S COMMUNICATION SECURITY ESTABLISHMENT: FROM COLD WAR TO GLOBALISATION Martin Rudner OCCASIONAL PAPER No 22 – 2000 The Norman Paterson School of International Affairs Carleton University 1125 Colonel By Drive Ottawa, Ontario K1S 5B6 Telephone: 613-520-6655 Fax: 613-520-2889 www.carleton.ca/npsia This series is published by the Centre for Security and Defence Studies at the School and supported by a grant from the Security Defence Forum of the Department of National Defence. The views expressed in this paper do not necessarily represent the views of the School or the Department of National Defence. TABLE OF CONTENTS Abstract ii Abbreviations iv INTRODUCTION 1 THE BEGINNINGS OF CANADIAN SIGINT 2 CANADA’S SIGINT COLLECTION EFFORT 6 COLD WAR SIGINT OPERATIONS 8 CANADA AND THE UKUSA AGREEMENT 11 SATELLITE COMMUNICATIONS AND ECHELON 13 SIGINT TECHNOLOGY ACCESS AND SHARING 16 CANADA’S POST-COLD WAR SIGINT AGENDA 18 THE ECONOMIC INTELLIGENCE CONUNDRUM 22 FUTURE CHALLENGES 25 Notes 34 About the Author 41 LIST OF OCCASIONAL PAPERS 42 i ABSTRACT The Communications Security Establishment (CSE) is Canada’s largest, best funded and most highly secretive intelligence agency, and is the main provider of foreign intelligence to the Canadian government. CSE collects, analyses and reports on signals intelligence (SIGINT) derived from interceptions of foreign electronic communications, radio, radar, telemetry, and other electromagnetic emissions. In fulfilment of its foreign intelligence function, CSE collaborates closely in a special SIGINT sharing arrangement with the United States, United Kingdom, Australia and New Zealand known as UKUSA. -
Information Security Essentials Definition of Information Security
Computing Services Information Security Office Information Security Essentials Definition of Information Security Information security is the protection of information and systems from unauthorized access, disclosure, modification, destruction or disruption. The three objectives of information security are: • Confidentiality • Integrity • Availability Confidentiality Confidentiality refers to the protection of information from unauthorized access or disclosure. Ensuring confidentiality is ensuring that those who are authorized to access information are able to do so and those who are not authorized are prevented from doing so. Integrity Integrity refers to the protection of information from unauthorized modification or destruction. Ensuring integrity is ensuring that information and information systems are accurate, complete and uncorrupted. Availability Availability refers to the protection of information and information systems from unauthorized disruption. Ensuring availability is ensuring timely and reliable access to and use of information and information systems. Information Security Policy Carnegie Mellon has adopted an Information Security Policy as a measure to protect the confidentiality, integrity and availability of institutional data as well as any information systems that store, process or transmit institutional data. Institutional data is defined as any data that is owned or licensed by the university. Information system is defined as any electronic system that stores, processes or transmits information. Policies • Throughout its lifecycle, all Institutional Data shall be protected in a manner that is considered reasonable and appropriate given the level of sensitivity, value and criticality that the Institutional Data has to the University. • Any Information System that stores, processes or transmits Institutional Data shall be secured in a manner that is considered reasonable and appropriate given the level of sensitivity, value and criticality that the Institutional Data has to the University. -
Report of the National Workshop on Internet Voting: Issues and Research Agenda
Report of the National Workshop on Internet Voting: Issues and Research Agenda March 2001 Sponsored by the National Science Foundation Conducted in cooperation with the University of Maryland and hosted by the Freedom Forum The Internet Policy Institute The Internet Policy Institute (IPI) is the nation’s first independent, nonprofit research and education- al institute created exclusively to provide objective, high-quality analysis and outreach on economic, social and policy issues affecting and affected by the global development and use of the Internet. IPI is nonpartisan and does not lobby or otherwise actively advocate or represent the interests of businesses, associations, policy makers or others. A primary role for the Institute is as a forum for independent research, discussion, debate, and consensus building. http://www.internetpolicy.org The University of Maryland, College Park The University of Maryland, College Park is a public research university, the flagship campus of the University System of Maryland, and the original 1862 land grant institution in Maryland. The University of Maryland is committed to achieving excellence as the state's primary center for research and graduate education and as the institution of choice for undergraduate students of exceptional ability. http://www.umd.edu The Freedom Forum The Freedom Forum, based in Arlington, Va., is a nonpartisan, international foundation dedicated to free press, free speech and free spirit for all people. The foundation focuses on four main priorities: the Newseum, First Amendment issues, newsroom diversity and world press freedom. http://www.freedomforum.org The National Science Foundation The National Science Foundation (NSF) is an independent federal agency that supports fundamental research and education across all fields of science and engineering, with an annual budget of nearly $4.5 nillion. -
KY-58 (Vinson)
KY-58 (Vinson) The KY-57/58 is a member of the VINSON family. The VINSON family consists of wideband secure voice (WBSV) units developed by the National Security Agency to provide line of sight half-duplex voice and data encryption at 16 Kbps. The KY-57/58 provides security for AM/FM, VHF, UHF, half-duplex PTT combat net radios and tactical wireline systems when used with the HYX-57. Also used by non-tactical users for high-level communications in the local wideband telephone networks and wideband satellite terminals. The KY-57 is the manpack/vehicular model and the KY-58 is the airborne/shipborne version. The KY-57/58 is certified to pass data up to TOP SECRET and accepts key from the family of Common Fill Devices and also incorporates remote keying. KY-57/58 production was completed in 1993. No further production is planned. KY-58 photo by Tim Tyler Tim Tyler comments."The photo above depicts the KY-58 unit inside a USCG HH-65C 'Dolphin' helicopter taken in September 2008. It is currently configured just for use on their 225-400MHz aircraft band radio. Supposedly, they're in the process of upgrading the HH-65 helos into an MH-65 (Special Ops capable) configuration which will have APCO P-25 compliant radios (with AES crypto, for talking to other DHS agencies) as well as ANDVT / KY-100 type crypto for communicating with the military-side of USCG ops". The photo above depicts a KY-58 RCU installation in an A-10 attack aircraft. -
A History of U.S. Communications Security (U)
A HISTORY OF U.S. COMMUNICATIONS SECURITY (U) THE DAVID G. BOAK LECTURES VOLUME II NATIONAL SECURITY AGENCY FORT GEORGE G. MEADE, MARYLAND 20755 The information contained in this publication will not be disclosed to foreign nationals or their representatives without express approval of the DIRECTOR, NATIONAL SECURITY AGENCY. Approval shall refer specifically to this publication or to specific information contained herein. JULY 1981 CLASSIFIED BY NSA/CSSM 123-2 REVIEW ON 1 JULY 2001 NOT RELEASABLE TO FOREI6N NATIONALS SECRET HA~mLE YIA COMINT CIIA~HJELS O~JLY ORIGINAL (Reverse Blank) ---------- • UNCLASSIFIED • TABLE OF CONTENTS SUBJECT PAGE NO INTRODUCTION _______ - ____ - __ -- ___ -- __ -- ___ -- __ -- ___ -- __ -- __ --- __ - - _ _ _ _ _ _ _ _ _ _ _ _ iii • POSTSCRIPT ON SURPRISE _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ I OPSEC--------------------------------------------------------------------------- 3 ORGANIZATIONAL DYNAMICS ___ -------- --- ___ ---- _______________ ---- _ --- _ ----- _ 7 THREAT IN ASCENDANCY _________________________________ - ___ - - _ -- - _ _ _ _ _ _ _ _ _ _ _ _ 9 • LPI _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ I I SARK-SOME CAUTIONARY HISTORY __ --- _____________ ---- ________ --- ____ ----- _ _ 13 THE CRYPTO-IGNITION KEY __________ --- __ -- _________ - ---- ___ -- ___ - ____ - __ -- _ _ _ 15 • PCSM _ _ _ _ _ _ _ _ _ _ _ _ _ _ -
Application of Bioinformatics Methods to Recognition of Network Threats
View metadata, citation and similar papers at core.ac.uk brought to you by CORE Paper Application of bioinformatics methods to recognition of network threats Adam Kozakiewicz, Anna Felkner, Piotr Kijewski, and Tomasz Jordan Kruk Abstract— Bioinformatics is a large group of methods used in of strings cacdbd and cawxb, character c is mismatched biology, mostly for analysis of gene sequences. The algorithms with w, both d’s and the x are opposite spaces, and all developed for this task have recently found a new application other characters are in matches. in network threat detection. This paper is an introduction to this area of research, presenting a survey of bioinformatics Definition 2 (from [2]) : A global multiple alignment of methods applied to this task, outlining the individual tasks k > 2 strings S = S1,S2,...,Sk is a natural generalization and methods used to solve them. It is argued that the early of alignment for two strings. Chosen spaces are inserted conclusion that such methods are ineffective against polymor- into (or at either end of) each of the k strings so that the re- phic attacks is in fact too pessimistic. sulting strings have the same length, defined to be l. Then Keywords— network threat analysis, sequence alignment, edit the strings are arrayed in k rows of l columns each, so distance, bioinformatics. that each character and space of each string is in a unique column. Alignment is necessary, since evolutionary processes intro- 1. Introduction duce mutations in the DNA and biologists do not know, whether nth symbol in one sequence indeed corresponds to When biologists discover a new gene, its function is not al- the nth symbol of the other sequence – a shift is probable. -
AR 380-40 Safeguarding and Controlling Communications
FOR OFFICIAL USE ONLY Army Regulation 380–40 Security Safeguarding and Controlling Communications Security Material Distribution Restriction Statement. This publication contains technical or operational information that is for official Government use only. Distribution is limited to Government agencies or their contractors. Requests from outside the Government for release of this publication under the Freedom of Information Act will be referred to the Commanding General, U.S. Army Intelligence and Security Command, (IACSF–FI), Fort George G. Meade, MD 20755–5995. Requests from outside of the Government for release of this publication under the Foreign Military Sales program must be made to the Deputy Chief of Staff, G–2 (DAMI–CDS), 1000 Army Pentagon, Washington, DC 20310–1000. Destruction Notice. Destroy by any method that will prevent disclosure of contents or reconstruction of the document. Rapid Action Revision (RAR) Issue Date: 24 April 2013 Headquarters Department of the Army Washington, DC 9 July 2012 FOR OFFICIAL USE ONLY FOR OFFICIAL USE ONLY SUMMARY of CHANGE AR 380–40 Safeguarding and Controlling Communications Security Material This rapid action revision, dated 24 April 2013- o Updates responsibilities for Commanding General, U.S. Army Intelligence and Security Command; Commanders, Army commands, Army service component commands, and direct reporting units; command security officers; commanders at all levels; and individual users (paras 1-8, 1-11, 1-12, 1-13, and 1-16). o Provides expanded policy and guidance for administering the Counterintelligence Scope Polygraph Program in support of the Department of the Army Cryptographic Access Program (chap 7). o Requires use of the U.S. -
New-Age Supercomputers: Hi-Speed Networks and Information Security
Journal of Electrical and Electronic Engineering 2019; 7(3): 82-86 http://www.sciencepublishinggroup.com/j/jeee doi: 10.11648/j.jeee.20190703.12 ISSN: 2329-1613 (Print); ISSN: 2329-1605 (Online) New-age Supercomputers: Hi-Speed Networks and Information Security Andrey Molyakov Institute of Information Technologies and Cybersecurity, Russian State University for the Humanities, Moscow, Russia Email address: To cite this article: Andrey Molyakov. New-age Supercomputers: Hi-Speed Networks and Information Security. Journal of Electrical and Electronic Engineering. Special Issue: Science Innovation . Vol. 7, No. 3, 2019, pp. 82-86. doi: 10.11648/j.jeee.20190703.12 Received : August 18, 2019; Accepted : September 21, 2019; Published : October 9, 2019 Abstract: The author describes computing strategic tasks that are used for ensuring defense and national security, the most important scientific, technical, biomedical and sociology tasks. Most typically, these are capability-based tasks. Supercomputers for their solution are respectively called Technical Capability, i.e. machines of extreme technical capabilities. Machines of this segment are also called High End Computers (HEC), and in our terminology - strategic supercomputers (SCs). Moving to the engineering level, author says that for tasks with good spatio-temporal work with memory, cache memory and schemes for automatically pre-loading data into the cache memory can be effectively used. This can significantly reduce the average memory access time of several hundred processor cycles to fractions of a processor cycle. Such tasks are usually called computational or cache-friendly (cach-friendly) - CF tasks. On tasks with poor spatio-temporal work with memory, the cache memory is useless, so each memory access is hundreds of processor cycles, the processor is idle because of this, and therefore the real performance is in units or even a fraction of a percent of the peak. -
Computer Oral History Collection, 1969-1973, 1977
Computer Oral History Collection, 1969-1973, 1977 Interviewee: Morris Rubinoff Interviewer: Richard R. Mertz Date: May 17, 1971 Repository: Archives Center, National Museum of American History MERTZ: Professor Rubinoff, would you care to describe your early training and background and influences. RUBINOFF: The early training is at the University of Toronto in mathematics and physics as an undergraduate, and then in physics as a graduate. The physics was tested in research projects during World War II, which was related to the proximity fuse. In fact, a strong interest in computational techniques, numerical methods was developed then, and also in switching devices because right after the War the proximity fuse techniques were used to make measurements of the angular motions of projectiles in flight. To do this it was necessary to calculate trajectories. Calculating trajectories is an interesting problem since it relates to what made the ENIAC so interesting at Aberdeen. They were using it for calculating trajectories, unknown to me at the time. We were calculating trajectories by hand at the University of Toronto using a method which is often referred to as the Richardson method. So the whole technique of numerical analysis and numerical computation got to be very intriguing to me. MERTZ: Was this done on a Friden [or] Marchant type calculator? RUBINOFF: MERTZ: This was a War project at the University of Toronto? RUBINOFF: This was a post-War project. It was an outgrowth of a war project on proximity fuse. It was supported by the Canadian Army who were very interested in finding out what made liquid filled shell tumble rather than fly properly when they went through space.