Protection/Security on Info Superhighway

PROTECTION AND SECURITY ON THE INFORMATION SUPERHIGHWAY
by Frederick B. Cohen

"From one of the world's leading experts on computer security: the risks of being online and
how to protect your information assets.

"The FBI estimates that each year as much as $5 billion is lost to computer crime. And,
incredibly, that's just the tip of the iceberg. Weaknesses in information systems have also
been exploited to gain the upper hand in negotiations, ruin reputations, win military conflicts
and even commit murder. Just how serious is the problem of information security and how
can it affect your life? How vulnerable is your organization's information system? And most
importantly, what can you do to protect yourself from the bandits, terrorists and cyberthugs
who roam the information superhighway?

"Now get the answers to these and other critical questions in the most penetrating and
broad-ranging investigation ever written on the problems of protection and security of the
information superhighway. Moving from one seemingly unbelievable case study to the next,
Frederick B. Cohen, one of the world's foremost experts on computer security:
- Explores the entire spectrum of communications systems, including the Internet,
cable television, microwave and satellite communications, electronic banking and trading,
and more
- Reveals the full magnitude of the problem of computer security in a world ever
more dependent on electronic information systems
- Examines the impact of faulty security on large and small businesses,
government,
the military and individuals
- Offers practical steps organizations and individuals can take to protect
themselves against security breaches."

= = = = =

CONTENTS

Chapter 1 Introduction and Overview
1.1 Preview
1.2 The National Information Infrastructure
Chapter 2 A Growing Dependency
2.1 Technology Marches on
2.2 Survival Dependencies
2.3 Personal and Business Dependency
2.4 National Survival Dependencies
2.5 Indirect Dependency
2.6 The Information Superhighway
Chapter 3 The Disrupters Are among Us
3.1 Computer Accidents
3.2 Intentional Events
3.3 A Classification of Disruptions
3.4 the Disrupters
3.5 Motivation
3.6 The Magnitude and Scope of the Problem
3.7 Adding it All up
Chapter 4 Asleep at the Switch
4.1 A History of Secrecy
4.2 Ignorance Is Not Bliss
4.3 The Birth of the Personal Computer
4.4 A Suppressed Technology
4.5 The Universities Fail Us
4.6 An Industry of Charlatans
4.7 Information Assurance Ignored
4.8 Current Disruption Defenses Depend on People
4.9 The Rest of the World Responds
Chapter 5 Protecting Your Information Assets
5.1 Information Protection
5.2 Infrastructures Are Different than Other Systems
5.3 A Piecemeal Approach
5.4 An Organizational Perspective
5.5 Some Sample Scenarios
5.6 Strategy and Tactics
5.7 The Cost of Protection
5.8 An Incremental Protection Process
Chapter 6 Protection Posture Case Studies
6.1 How to Do a Protection Posture Assessment
6.2 Case Study 1: a Ma and Pa Business
6.3 Case Study 2: a (Not-so) Small Business
6.4 Case Study 3: a Big Business
6.5 Case Study 4: a Military System
6.6 Case Study 5: the DoD and the Nation as a Whole
Chapter 7 Summary and Conclusions
Appendix A Details of the NII
A.1 Information Channels
A.2 The Evolution of the Information Infrastructure
A.3 The NII Today
A.4 Information Service Providers
A.5 Possible Futures
Appendix B Case Studies
B.1 Case Study 3: XYZ Corporation
B.2 Case Study 4: the Alma System
B.3 Case Study 5: the DoD and the Nation as a Whole
References
Glossary
Index

= = = = = =

ABOUT THE AUTHOR

"Dr. Frederick B. Cohen is world renowned for his ground-breaking work in protection for
information systems and networks. In 1974, he developed and prototyped the first timed
permutation lock based on musical patterns. In 1976, he developed protocols for secure
digital networks carrying voice, video, and data to be used in the next generation of
computer
networks. In 1981, he helped develop and prototype the first electronic cashwatch system for
implementing personal digital money systems. In 1984, he was the first author to publish
scientific work on transitive integrity corruption mechanisms and defenses against them, and
he coined the term computer virus at that time.

"Since 1984, Dr. Cohen has authored over 50 invited, refereed, and other scientific research
articles on mechanisms for enhancing integrity, availability, and privacy in information
systems and networks. He has authored seven graduate-level texts on information science,
several of which have been used to teach graduate students in universities. In 1989, he won
the prestigious international Information Technology Award for his scientific work on integrity
protection. He has developed several key technologies and products in use throughout the
world, and today, over half of all computers sold world wide contain integrity protection
mechanisms first published and prototyped by Dr. Cohen.

"As a nationally recognized authority on information infrastructure, Dr. Cohen regularly
provides consulting services for top management. His clients include many Fortune 500
companies, government agencies, universities, and professional corporations. He has
participated in corporate studies ranging from designing the next generation of cable
television and telephone systems, to securing global financial institutions as they attach to
the
National Information Infrastructure. He has taught graduate level courses at several
universities, implemented protection for office automation systems in several small
companies, and helped several public access Internet service providers.

"Beginning in 1984, Dr. Cohen performed significant research and analysis for U.S.
Government Agencies. In 1984, he performed studies in conjunction with a missile defense
program on the feasibility of attacking multilevel secure operating systems with computer
viruses. Throughout the late 1980s, Dr. Cohen participated in DoD sponsored conferences
and training and education programs to help raise awareness of vital infrastructure issues. In
the last several years, Dr. Cohen has performed significant work in the area of defensive
information warfare, including acting as a principal investigator on studies for the Defense
Information Systems Agency, the Office of the Secretary of Defense, and the U.S. Air Force.

"Dr. Cohen is also on the editorial boards of the IFIP TC-11 Journal Computers and Security,
the DPMA, IEEE, and ACM Computer Virus and Security Conference, and the
ACM/SigSAC
Annual Student Paper Review Board. He has reviewed scientific papers for IEEE, ACM,
IFIP, and other professional society publications, and has participated in other public service
activities throughout his career.

= = = = = =
1995, 301 pages Order #DR-181
= = = = = =

The Disaster Center Bookstore

MORE Information Security

Disaster Center Bookstore-a service of Rothstein Associates