Trust in Cyberspace
Total Page:16
File Type:pdf, Size:1020Kb
http://www.nap.edu/catalog/6161.html We ship printed books within 1 business day; personal PDFs are available immediately. Trust in Cyberspace Fred B. Schneider, Editor, Committee on Information Systems Trustworthiness, Commission on Physical Sciences, Mathematics, and Applications, National Research Council ISBN: 0-309-51970-5, 352 pages, 6 x 9, (1999) This PDF is available from the National Academies Press at: http://www.nap.edu/catalog/6161.html Visit the National Academies Press online, the authoritative source for all books from the National Academy of Sciences, the National Academy of Engineering, the Institute of Medicine, and the National Research Council: • Download hundreds of free books in PDF • Read thousands of books online for free • Explore our innovative research tools – try the “Research Dashboard” now! • Sign up to be notified when new books are published • Purchase printed books and selected PDF files Thank you for downloading this PDF. If you have comments, questions or just want more information about the books published by the National Academies Press, you may contact our customer service department toll- free at 888-624-8373, visit us online, or send an email to [email protected]. This book plus thousands more are available at http://www.nap.edu. Copyright © National Academy of Sciences. All rights reserved. Unless otherwise indicated, all materials in this PDF File are copyrighted by the National Academy of Sciences. Distribution, posting, or copying is strictly prohibited without written permission of the National Academies Press. Request reprint permission for this book. Trust in Cyberspace http://www.nap.edu/catalog/6161.html PREFACE i trust in cyberspace Fred B. Schneider, Editor Committee on Information Systems Trustworthiness Computer Science and Telecommunications Board Commission on Physical Sciences, Mathematics, and Applications National Research Council NATIONAL ACADEMY PRESS Washington, D.C. 1999 Copyright © National Academy of Sciences. All rights reserved. Trust in Cyberspace http://www.nap.edu/catalog/6161.html NOTICE: The project that is the subject of this report was approved by the Governing Board of the National Research Council, whose members are drawn from the councils of the National Academy of Sciences, the National Academy of Engineering, and the Institute of Medicine. The members of the committee responsible for the report were chosen for their special competences and with regard for appropriate balance. Support for this project was provided by the Defense Advanced Research Projects Agency and the National Security Agency. Any opinions, findings, conclusions, or recom- mendations expressed in this material are those of the authors and do not necessarily reflect the views of the sponsors. Library of Congress Cataloging-in-Publication Data Trust in cyberspace / Fred B. Schneider, editor; Committee on Information Systems Trustworthiness, Computer Science and Telecommunications Board, Commission on Physical Sciences, Mathematics, and Applications, National Research Council. p. cm. Includes bibliographical references and index. ISBN 0-309-06558-5 (casebound) 1. Computer networks—Security measures. 2. Telecommunication—Government policy—United States. 3. Internet (Computer network)—Security measures. I. Schneider, Fred B. II. National Research Council (U.S.). Committee on Information Systems Trustworthiness. TK5105.59 .T78 1999 384.3—ddc21 98-58061 Additional copies of this report are available from: National Academy Press 2101 Constitution Avenue, N.W. Box 285 Washington, DC 20055 800/624-6242 202/334-3313 (in the Washington metropolitan area) Copyright 1999 by the National Academy of Sciences. All rights reserved. Printed in the United States of America Copyright © National Academy of Sciences. All rights reserved. Trust in Cyberspace http://www.nap.edu/catalog/6161.html COMMITTEE ON INFORMATION SYSTEMS TRUSTWORTHINESS FRED B. SCHNEIDER, Cornell University, Chair STEVEN M. BELLOVIN, AT&T Labs Research MARTHA BRANSTAD, Computer Security Researcher and Entrepreneur J. RANDALL CATOE, Cable and Wireless STEPHEN D. CROCKER, Steve Crocker Associates CHARLIE KAUFMAN, Iris Associates Inc. STEPHEN T. KENT, BBN Corporation JOHN C. KNIGHT, University of Virginia STEVEN McGEADY, Intel Corporation RUTH R. NELSON, Information System Security ALLAN M. SCHIFFMAN, SPYRUS GEORGE A. SPIX, Microsoft Corporation DOUG TYGAR, University of California at Berkeley Special Advisor W. EARL BOEBERT, Sandia National Laboratories Staff MARJORY S. BLUMENTHAL, Director JANE BORTNICK GRIFFITH, Interim Director (1998) HERBERT S. LIN, Senior Scientist ALAN S. INOUYE, Program Officer MARK BALKOVICH, Research Associate (until July 1998) LISA L. SHUM, Project Assistant (until August 1998) RITA A. GASKINS, Project Assistant DAVID PADGHAM, Project Assistant iii Copyright © National Academy of Sciences. All rights reserved. Trust in Cyberspace http://www.nap.edu/catalog/6161.html COMPUTER SCIENCE AND TELECOMMUNICATIONS BOARD DAVID D. CLARK, Massachusetts Institute of Technology, Chair FRANCES E. ALLEN, IBM T.J. Watson Research Center JAMES CHIDDIX, Time Warner Cable JOHN M. CIOFFI, Stanford University W. BRUCE CROFT, University of Massachusetts, Amherst A.G. FRASER, AT&T Corporation SUSAN L. GRAHAM, University of California at Berkeley JAMES GRAY, Microsoft Corporation PATRICK M. HANRAHAN, Stanford University JUDITH HEMPEL, University of California at San Francisco BUTLER W. LAMPSON, Microsoft Corporation EDWARD D. LAZOWSKA, University of Washington DAVID LIDDLE, Interval Research JOHN MAJOR, QUALCOMM Inc. TOM M. MITCHELL, Carnegie Mellon University DONALD NORMAN, Nielsen Norman Group RAYMOND OZZIE, Groove Networks DAVID A. PATTERSON, University of California at Berkeley DONALD SIMBORG, KnowMed Systems LEE SPROULL, Boston University LESLIE L. VADASZ, Intel Corporation MARJORY S. BLUMENTHAL, Director JANE BORTNICK GRIFFITH, Interim Director (1998) HERBERT S. LIN, Senior Scientist JERRY R. SHEEHAN, Senior Program Officer ALAN S. INOUYE, Program Officer JON EISENBERG, Program Officer JANET BRISCOE, Administrative Associate NICCI DOWD, Project Assistant RITA GASKINS, Project Assistant DAVID PADGHAM, Project Assistant iv Copyright © National Academy of Sciences. All rights reserved. Trust in Cyberspace http://www.nap.edu/catalog/6161.html COMMISSION ON PHYSICAL SCIENCES, MATHEMATICS, AND APPLICATIONS PETER M. BANKS, ERIM International Inc., Co-chair W. CARL LINEBERGER, University of Colorado, Co-chair WILLIAM BROWDER, Princeton University LAWRENCE D. BROWN, University of Pennsylvania MARSHALL H. COHEN, California Institute of Technology RONALD G. DOUGLAS, Texas A&M University JOHN E. ESTES, University of California at Santa Barbara JERRY P. GOLLUB, Haverford College MARTHA P. HAYNES, Cornell University JOHN L. HENNESSY, Stanford University CAROL M. JANTZEN, Westinghouse Savannah River Company PAUL G. KAMINSKI, Technovation Inc. KENNETH H. KELLER, University of Minnesota MARGARET G. KIVELSON, University of California at Los Angeles DANIEL KLEPPNER, Massachusetts Institute of Technology JOHN R. KREICK, Sanders, a Lockheed Martin Company MARSHA I. LESTER, University of Pennsylvania M. ELISABETH PATÉ-CORNELL, Stanford University NICHOLAS P. SAMIOS, Brookhaven National Laboratory CHANG-LIN TIEN, University of California at Berkeley NORMAN METZGER, Executive Director v Copyright © National Academy of Sciences. All rights reserved. Trust in Cyberspace http://www.nap.edu/catalog/6161.html The National Academy of Sciences is a private, nonprofit, self-perpetuating society of distinguished scholars engaged in scientific and engineering research, dedicated to the fur- therance of science and technology and to their use for the general welfare. Upon the authority of the charter granted to it by the Congress in 1863, the Academy has a mandate that requires it to advise the federal government on scientific and technical matters. Dr. Bruce Alberts is president of the National Academy of Sciences. The National Academy of Engineering was established in 1964, under the charter of the National Academy of Sciences, as a parallel organization of outstanding engineers. It is autonomous in its administration and in the selection of its members, sharing with the National Academy of Sciences the responsibility for advising the federal government. The National Academy of Engineering also sponsors engineering programs aimed at meeting national needs, encourages education and research, and recognizes the superior achievements of engi- neers. Dr. William A. Wulf is president of the National Academy of Engineering. The Institute of Medicine was established in 1970 by the National Academy of Sciences to secure the services of eminent members of appropriate professions in the examination of policy matters pertaining to the health of the public. The Institute acts under the responsibil- ity given to the National Academy of Sciences by its congressional charter to be an adviser to the federal government and, upon its own initiative, to identify issues of medical care, research, and education. Dr. Kenneth I. Shine is president of the Institute of Medicine. The National Research Council was organized by the National Academy of Sciences in 1916 to associate the broad community of science and technology with the Academy’s purposes of furthering knowledge and advising the federal government. Functioning in accordance with general policies determined by the Academy, the Council has become the principal operating agency of both the National Academy of Sciences