Volume 13, Issue 5

Top 10 IT Priorities for Obama

VNUNet (01/19/09) Thomson, Iain; Nichols, Shaun

U.S. President Barack Obama has a number of IT issues to address, and Webcasting is one such priority, according to authors Iain Thomson and Shaun Nichols. Thomson says he is hopeful that the Internet will be used much more widely to broadcast government business, while Nichols stresses the need to retool the Digital Millennium Copyright Act to accommodate Web 2.0 and smart phones, to name just two variables that have changed the nature of the copyright issues the act was originally designed to handle. The authors say the president must pass laws to guarantee that privacy is respected where it is desired, with Nichols arguing for an overhaul and update to compliance rules, along with stronger enforcement. Another IT priority for Obama is how to manage the new wireless spectrum opened up by the cessation of over-the-air TV broadcasts in the United States. Thomson writes that "now that we are finally starting to see WiMax deployments there are going to be no excuses for not allowing everyone the chance to go online." Thomson and Nichols make the case that green technology is a solid business investment amplified by pressing issues about climate change and the need for greater energy efficiency. The authors agree that a major investment in broadband infrastructure is needed, with Nichols noting that such a move "could open the possibility of new business development to rural areas where property is cheap and jobs are hard to come by." Thomson says net neutrality will be the biggest technological issue for the Obama administration, and argues that such neutrality must be instituted as a statute as expediently as possible. Nichols says net neutrality is essential to preventing big businesses from receiving preferential treatment, to the detriment of any emerging online enterprise.

View Full Article | Return to Top

Networked Embedded System Middleware Speeds Up the Development of Innovative Systems

Fraunhofer Institute (01/20/09) Deeg, Alex

The Fraunhofer Institutes for Applied Information Technology and Secure Information Technology has developed context aware middleware that is designed to help in the manufacturing of intelligent environments. The institute's Hydra project developed a Networked Embedded System Middleware for Heterogeneous Physical Devices that will help manufacturers and system integrators in combining and connecting devices that can work together in cost-effective and flexible solutions. "A main issue in the Hydra project is networking a broad range of heterogeneous devices," says project coordinator Markus Eisenhauer. "The middleware makes it easy for developers to integrate additional devices and sensors into a distributed infrastructure. And it helps them take care of privacy and security requirements." The Hydra middleware supports several operating systems and programming languages, and can be used in a broad range of applications. To improve security, the middleware minimizes information exchange and the mechanisms needed for secure communication. To demonstrate its use, the researchers created a small model building equipped with sensors that send short messages to alert users to a technical defect. The model includes a situation in which a sensor detects humidity inside the house's heating system and alerts inhabitants by calling a mobile phone and orders an emergency repair request at a service company.

View Full Article | Return to Top

Worm Infects Millions of Computers Worldwide

New York Times (01/23/09) Markoff, John

A computer worm is infecting millions of computers in what could be the first part of a multi-stage attack. The worm, known as Conflicker or Downadup, has spread by exploiting a recently discovered Microsoft Windows vulnerability that involves guessing network passwords and using portable devices such as USBs to spread. Experts say the worm has led to the worst infection since the Slammer worm in January 2003, and it may have infected as many as 9 million PCs worldwide. Many computer users may not notice that their machines have been infected, and computer security researchers say they were waiting for infected computers to receive instructions so they can determine the intended purpose of the botnet. Infected computers may run programs in the background to send spam, infect other computers, or steal personal information. Microsoft released an emergency patch to eliminate the vulnerability in October, but the worm has continued to spread. Security researchers at the Qualys security firm estimate that about 30 percent of Windows-based computers attached to the Internet remain vulnerable because they have not been updated with the patch. "I don't know why people aren't more afraid of these programs," says Georgia Institute of Technology professor Merrick L. Furst. "This is like having a mole in your organization that can do things like send out any information it finds on machines it infects."

View Full Article | Return to Top

Overseas Tech Student Numbers Up

Australian IT (01/20/09) Bingemann, Mitchell

International demand for IT-related degrees continue to grow, and enrollments in IT-related fields has remained strong in Australia, with several universities recording significant increases. Queensland University of Technology (QUT) says it recorded a 65 percent increase in acceptances from international students looking to enroll in IT-related degrees this year. "Generally, when there are recessions, universities do well because people want to become more employable by attaining more knowledge and qualifications," says QUT science and technology dean Simon Kaplan. Griffith University School of Information and Communication Technology head Michael Blumenstein also expects to see a growth in foreign student enrollment. Local enrollment in IT-related courses also is strong at QUT and Griffith University. "When the economy was strong last year we experienced a 27 percent increase in IT enrollments," Blumenstein says. "At the very least we will maintain those numbers." However, James Thom, head of the Royal Melbourne Institute of Technology's School of Computer Science says the school is expecting a slight drop from 2008 enrollment figures. "There is still not enough students choosing IT as a career and once the economy picks up there will be a big shortage of IT graduates to take up the work," Thom says.

View Full Article | Return to Top

Crowd-Sourcing the World

Technology Review (01/21/09) Greene, Kate

Santa Fe Institute research fellow Nathan Eagle is launching txteagle, a project that will distribute tasks using cell phones in an effort to leverage an underused workforce in some of the poorest parts of the world. Eagle says using text messages or audio clips to distribute questions to participants in developing countries could make some tasks, such as translating documents into other languages or rating the local relevance of search results, more economical while providing a source of income for those in need. Nokia has partnered with Eagle on the txteagle project, which Eagle says will demonstrate how companies can benefit from this strategy. For example, Kenya has more than 60 fundamentally different languages. Nokia wants to provide phones to everyone in their native language, but has no idea how to translate words, such as "address book," into each language, which could be done by the phones' users. Another application could be audio transcription. By sending users a short audio message, and having them transcribe that message and send the transcription back as a text message, audio could be transcribed for about $3 an hour, which is 60 percent cheaper than current transcription rates.

View Full Article | Return to Top

How Google Is Making Us Smarter

Discover (01/15/09) Zimmer, Carl

Various articles have recently appeared that question whether blogs, text messaging, and the Internet are making people less intelligent. "As we come to rely on computers to mediate our understanding of the world, it is our own intelligence that flattens into artificial intelligence," wrote Nicholas Carr in a recent Atlantic article. However, others say that few of the threats and warnings addressed in these articles are based in fact. For example, English linguist David Crystal disputes the idea that texting is ruining people's spelling by arguing that texting actually improves literacy as it provides more opportunities to practice writing and reading. Other warnings are based on popular misconceptions of how the mind works. Some argue that the Internet and technology are blocking the natural world from reaching the mind, but in fact that mind appears to be adapted for reaching out and making the world, including technology, an extension of itself. Two philosophers, Andy Clark and David Chalmers, explain the idea of the expanding mind by providing two examples—a women capable of remembering the address of the Museum of Modern Art after hearing about a specific display, and a man with Alzheimer's who must look up the address in his notebook after hearing about the display. Clark and Chalmers argue that the woman's brain and the man's notebook, and now technology, are fundamentally the same. The woman is capable of recalling information offhand while the man uses his notebook, a part of his extended mind, to recall information.

View View Full Article | Return to Top

IT Professionals See Salary Increase But Job Security Remains Top Concern

eWeek (01/22/09) Ferguson, Scott

The average IT salary rose 4.6 percent to an average of $78,035 in 2008, and by more than 5 percent to an average of $87,257 for IT professionals working in the banking and financial services industry, according to Dice. IT professionals with an IT management title earned the most with an average of $111,998. The 2008-09 Annual Salary Survey found that salaries increased significantly in major technology centers such as New York, Silicon Valley, and Washington, D.C., as well as in nontraditional tech areas such as Charlotte, N.C., and St. Louis. Dice conducted the survey between August and November, and also asked more than 19,000 technology workers about their concerns heading into the new year. Updating their skills was cited by some 22 percent, followed by layoffs at 20 percent, lower salary increases at 14 percent, canceled projects at 12 percent, and an increased workload due to staffing cuts at 10 percent. Dice also says there was a 67 percent increase in new resumes posted to its site in the fourth quarter of 2008, but adds that most job searches were "passive."

View Full Article | Return to Top

Information Architecture for Digital Libraries

First Monday (12/08) Vol. 13, No. 12, Simon, Scott J.

The libraries of the 21st century will be Web-based, but the technologies, standards, and architecture that future digital libraries will use are still being defined, writes University of South Florida information scientist Scott Simon. As defined by the Association of Research Libraries, digital libraries require multiple resources; transparent connections between the numerous digital libraries and information services; universal access to digital libraries and information services; and the inclusion of digital artifacts that cannot be represented or distributed in printed formats. There is a difference between a digital library that offers digital content exclusively and one that offers both digital and physical content. Information architecture is a deep-seated element in the design and development of digital libraries, and the framework of a digital library is constructed through the integration of functional, technical, and landscape architectures. Defining and documenting those structures is the chief responsibility of the information architect, and among the common characteristics of digital libraries is the provision of user needs. User needs determine the spectrum of services that the architecture is designed to deliver, and these services are subsequently enabled by standards. Standards facilitate communication between components and effect interoperability, and a great deal of architecture boasts several interdependent layers of standards that come together to support specialized functionality. Scalability of architectural elements is enabled by standards to satisfy increasing demand, and the standards also enable extensibility. Therefore, a core architecture can support many design changes and enhancements that would be impossible otherwise.

View Full Article | Return to Top

Phishing Warfare Against Armed Forces

by Sean Price

Introduction The problems with phishing persist. This scourge shows no sign of abating and will likely increase into the foreseeable future. [1] Warfighters are just as likely as any other group of individuals to be victims of a phishing attack. However, new types of phishing attacks may be used as surgical strike methods of exploiting weaknesses associated with phishing as an information warfare tactic. This article suggests that phishing Warfare Against Armed Forces (WAARF) will emerge as a new vector of information warfare. Phishing has primarily been a phenomenon used to steal privacy information from unwitting victims. The principle attack method involves an enticement that causes the victim to visit a malicious website purported to be authentic. At its core, phishing is a hightech form of social engineering. The attacker’s objective is to convince the victim to disclose privacy information or credentials that the attacker can use to conduct a financial fraud. According to Myers, [2] a phishing attack is generally characterized by a lure, hook, and catch— ff The Lure—The lure is an enticement delivered through email. The email contains a message encouraging the recipient to follow an included hypertext link. The hyperlink often masks a spoofed uniform resource locator (URL) of a legitimate website. ff The Hook—The hook is a malicious website designed to look and feel like a legitimate website. The authentic-looking website asks the victim to disclose privacy-related information, such as user identification and password. Often the hook is an obfuscated URL that is very close to one the victim finds legitimate and is really a site under the attacker’s control. [3] ff The Catch—The catch is when the originator of the phishing message uses the information collected from the hook to masquerade as the victim and conduct illegal financial transactions.

Phishing attacks are not new—the security community has known about them for some time. Unfortunately, people still succumb to these attacks. It is thought that a victim falls prey to phishing attacks because of the following reasons— ff An email is considered authentic; that is, a user is deceived into thinking an email is from an authentic or legitimate source. However, the email is often sent from an unrelated site, which can be gleaned from detailed header information in the email message. Unfortunately, email client software often hides this detailed information from the end user. Failure to verify this information can cause the user to believe the email is genuine when in fact it is not. The “From” field of the email is typically spoofed to appear to originate from a legitimate sender. ff The request seems legitimate. The recipient perceives the enticement of a phishing email to be valid. ff The website appears genuine. Clicking on a link in an email commonly spawns a new browser instance or causes the most recently activated instance to navigate to the associated URL.

Spear phishing is a directed type of attack that targets specific groups of people. With this attack, the phisher sends an email to group of people who are often in the same organization. Frequently, the phishing email is spoofed to appear to be from an actual member of the group. Phishing WAARF is considered a type of spear phishing. The important difference between the two is principally the objective of the attack. Spear phishing is conducted to perpetrate a fraud, whereas phishing WAARF is used to gain military intelligence, conduct espionage, or perform information warfare activities.

View Full Article | Return to Top

Cybercrooks Target Social Networks

Melissa Chua, CIO Asia

The distribution of malware on social networking sites first occurred in small amounts towards the end of 2007, but that trend appears to be on the rise.

According to a report from MessageLabs Intelligence, which specializes in the analysis of messaging security issues and threats, a popular tactic in 2008 among cyber criminals involved the creation of fictitious accounts on social networking sites. These fake accounts were then used to post malicious links, which usually led to a phishing site, to legitimate users.

Scammers would then make use of the phished personal information, such as usernames and passwords, to gain access to legitimate accounts. This access would be used to post blog comments on their pages of their friends, and send messages from the phished accounts to other contacts. These messages usually contained spam, including links to spam sites such as online pharmacies.

"Web 2.0 offers endless opportunities to scammers for distributing their malwarefrom creating bogus social networking accounts to spoofed videosand in 2008, the threats targeting social networking environments became very real," said Richard Bowman, regional manager, MessageLabs South Asia.

View Full Article | Return to Top

How the Sumitomo Bank Hackers Failed

John E. Dunn, Techworld.com

The largest near-heist in banking history failed because the men accused of trying to carry it out didn't properly fill in a single field in an electronic transfer form.

This is one of the extraordinary details that have emerged in the trial of three men accused of having tried in September and October 2004 to rob Japan's Sumitomo Mitsui bank of an eye-watering £229 million ($318 million at today's exchange) from inside its office, in the City of London.

The three men directly involved — Kevin O'Donoghue, a bank security supervisor and two Belgian software experts, Jan Van Osselaer, 32 and Gilles Poelvoorde, 34 — admit their role in the attempted theft.

Far from using a sophisticated remote hacking scheme, the accused men chose a much simpler way of breaking into the bank's systems — they walked in the front door.

At the time, O'Donoghue was working at the bank's offices in a security capacity, and was able to allow the Belgians access to the building on several occasions. On the first visit they are believed to have installed keylogging programs on key PCs to record passwords and account names. During later visits, the men retrieved this information and then used it to attempt money transfers from Sumitomo customers, including Toshiba International, Sumitomo Chemical. Nomura Asset Management, and Mitsui OSK Lines.

View Full Article | Return to Top

Building Tomorrow's Scientists, Mathematicians Today

South Florida Sun-Sentinel (FL) (01/17/09) Qualman, Rick R.

Math and science must become more popular with young children if they are to take advantage of the employment opportunities as the world becomes smarter, writes Rick R. Qualman, IBM's senior state executive for Florida. The retirement of Baby Boomers already means that between 250,000 and 500,000 IT jobs could go unfilled over the next five years. Also, fewer students are enrolling in computer science programs, and test scores in math and science at the middle school level are below the national average. Florida schools will not be able to solve the problem on their own, considering the state's budget woes. "We, as parents, business professionals, and community leaders must also take action, encouraging young people to excel in math and science and supporting those who have expressed an interest in such careers with mentors and resources to help them stay on course and succeed," Qualman says. He says that starting Transition to Teaching programs would be a way for companies to prepare employees to become math or science teachers when they retire. "Our children can succeed in tomorrow's smart world—if they are prepared," Qualman says.

View Full Article | Return to Top

Advocates Worry Electronic Voting Allows Fraud

Medill Reports (01/21/09) Barker, Jeffery

Many election officials in the United States would like to see a return to paper-ballot voting, which they say is faster and more reliable that touch-screen voting. Illinois state representative Mike Boland wants to limit touch-screen machine use to handicapped voters, and is calling for stricter recount policies after witnessing problems in Ohio and other states. Current Illinois law requires an automatic recount of 5 percent of an election's vote. Boland and the Illinois Ballot Integrity Project (IBIP) want to raise the recount to 10 percent of the vote. Illinois precincts offer voters two options at the polls. Touch-screen machines provide voters with an ATM-like interface that voters press to make their choices and receive a grocery-style receipt. Voters can either confirm the receipt or vote again. Voters also have the option of voting on a traditional paper ballot that is read by an optical scanner. In DuPage county, most voters chose the optical scanner. IBIP's Robert Wilson says the organization opposes touch-screen voting because of its cost, inaccuracy, and security concerns. The IBIP is primarily concerned because there is no review of the software used in touch screen voting, says IBIP's Melisa Urda. Urda says the machine's software "is so porous that someone with a cell phone could hack into it."

View Full Article | Return to Top

Building a Better Spam-Blocking CAPTCHA

Computerworld (01/23/09) Vaughan-Nichols, Steven J.

Malware designers and spammers have become increasingly adept at tricking Completely Automated Public Turing Test to Tell Computers and Humans Apart (CAPTCHA) security systems on Web sites. Spammers and crackers have created programs capable of defeating CAPTCHAs, and have released cracking software to enable anyone to beat them. These programs use optical character recognition (OCR) software to sort through a CAPTCHA's squiggly text. If a program fails, it tries again, exploiting the fact that some CAPTCHAs do not present new text to users who fail the first time. Carnegie Mellon University (CMU) computer scientists are now working to redesign CAPTCHAs to create a more secure system. The first redesign, known as reCAPTCHA, uses the Google Books Project and the Internet Archive to find words that the two projects' OCR systems were unable to recognize. Human users are asked to identify these words to sign up for Web sites, helping complete the two projects' digitalization of older books in the process. CMU researchers also are exploring image-based CAPTCHAs. The ESP-PIX system requires users to pick a word that describes four objects in an image, and the SQ-PIX system asks users to choose one image from a group of three and trace the outline of the object within the image. However, the researchers say these systems still have some flaws, since people can easily create abnormal descriptions or lack the dexterity to accurately trace an image onscreen.

View Full Article | Return to Top

Shoe Phone Offers Medical Device Potential

Flinders University (01/23/09)

A computer scientist at Australia's Flinders University has developed a shoe phone. Paul Gardner-Stephen built the shoe phone as a theater prop, but he believes the device could be used to deliver health-related information to home nursing caregivers or senior-care facilities. The bioinformatics expert says the shoe is a good place to put the electronics needed to store and relay medical data such as pulse, blood pressure, and blood oxygenation. The shoe also can take advantage of the large forces that are conducted as a person stands and walks, and energy can be harvested for charging the device during regular activity. "A shoe-based device would not only be easy to wear, it could run significantly longer between battery charges," Gardner-Stephen says. "The shoe-based platform makes it possible to detect shocks and orientation changes resulting from, for example, a fall."

View Full Article | Return to Top

Software Improves and Predicts Outcome of Lifesaving Children's Heart Surgery in 3D

Georgia Institute of Technology (01/23/09)

Georgia Tech College of Computing School of Interactive Computing researchers have developed Surgem, software that enables pediatric cardiac surgeons to manipulate a three-dimensional (3D) model of a patient's actual heart to explore surgical options. The researchers say that Surgem can significantly increase the likelihood that children with complex abnormalities will have quicker recoveries and a better quality of life. "We designed a sophisticated graphic interface where the operator holds a 3D tracker in each hand to rotate, pull, and twist the digital model of the patient's anatomy," says professor Jarek Rossignac. "It takes surgeons only minutes to master the program, because interacting with 3D shapes by holding a tool in each hand is what they do every day." The technology creates a 3D model of a patient's heart using data from MRI scans. Surgeons can use Surgem to obtain a detailed look at the patient's heart functions and to design surgical procedures for the best post-operative performance. Computational fluid dynamic analysis can simulate the heart's post-operative behavior to help the surgeon determine which option will be the most effective for the patient. Pediatric cardiologists and surgeons have been refining Surgem and the process used to analyze surgical options.

View Full Article | Return to Top

Semantic Delivery

Technology Review (01/23/09) Naone, Erica

Stanford University researchers are developing Semantic Email Addressing (SEAmail), an email system that enables users to direct a message to people who fulfill certain criteria without knowing their email addresses or even their names. Stanford University professor Michael Genesereth says email addresses are an artificial way of directing messages to the right people. "You want to send messages to people or roles, not to strings of characters," Genesereth says. SEAmail can direct mail be simply typing in a person's name or addressing a message to a group of users with a description, such as "all professors who graduated from Harvard University since 1960." SEAmail addresses messages similarly to how search queries are structured. The user can either enter a person's name or a set of logical requirements. The system is limited by how much information it has on potential recipients. SEAmail requires detailed data on the people sending messages to one another, including interests and other defining categories. Genesereth's team is researching ways to combine existing databases without affecting how they are already being used. However, getting good data for SEAmail from the Internet is significantly harder than it is within an organization. Genesereth says that although semantic standards can enable systems to extract information about people from Web pages, outdated information could degrade the quality of the SEAmail system.

View Full Article | Return to Top

New Insight Into How Bees See

Monash University (01/23/09) Blair, Samantha

Monash University bee researcher Adrian Dyer has made a discovery that could lead to improved facial-recognition systems: honeybees can learn to recognize human faces even when seen from different angles. "What we have shown is that the bee brain, which contains less than 1 million neurons, is actually very good at learning to master complex tasks," he says. "Computer and imaging technology programmers who are working on solving complex visual recognition tasks using minimal hardware resources will find this research useful." Dyer says bees use a mechanism of interpolating or image averaging previously seen views to recognize faces from new angles. His study found that the highly constrained neural resources of bees, which have brains only 0.01 percent the size of a human brain, have evolved so that they can process complex visual recognition tasks. "The relationships between different components of the object often dramatically change when viewed from different angles, but it is amazing to find the bees' brains have evolved clever mechanisms for problem solving which may help develop improved models for [artificial intelligence] face-recognition systems," Dyer says.

View Full Article | Return to Top

Guarding the Cybercastle in 2020

by Todd McDonald, Bert Peterson, Dan Karrels, Todd Andel, and Rick Raines

Abstract
Monitoring and defending current and future US Air Force (USAF) networks will require a synergy of emerging technologies and some degree of novelty in both acquisition and operational art. In this article, we examine possibilities for future distributed defensive architectures and consider them in light of security and trust. As we consider current research efforts devoted to information and network security, we catch a brief glimpse at what the future cyber defense landscape, or “Cybercastle,” may look like.

Disclaimer
The views expressed in this article are those of the authors and do not reflect the official policy or position of the US Air Force, Department of Defense, or US Government.

Introduction
Many of the commercial systems found in the developed and developing world depend on computers and communication networks for the ability to conduct enterprise activities. Similarly, the Department of Defense (DoD) has overlaid major operational capabilities on information networks that support command, control, and communications (C3) at various levels. In 2005, the USAF officially recognized the criticality of the information domain as a strategic warfighting resource and redefined its mission statement to include “deliver sovereign options for the defense of the United States of America and its global interests—to fly and fight in Air, Space, and Cyberspace”. [1] Secretary of the Air Force Michael W. Wynne subsequently reinforced this vision with the creation of a Cyberspace Command (AFCYBER). [2] The DoD has recently refocused its formal definition of cyber as “a global domain within the information environment consisting of the interdependent network of information technology infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers,” consistent with presidential cyber security policy. [3] In any current military understanding, cyber defense squarely encompasses computers (embedded and standalone) and their interconnectivity.

Currently, we are seeing a flood of threats to the electronic infrastructure of governments around the world, including our own. As we consider the landscape of the USAF network infrastructure over the next decade, we may also consider possibilities for defending that infrastructure in a holistic, secure, and trusted manner. It makes sense as well that whatever revolutionary changes we may ultimately consider, the entire panorama of the defense industrial base (DIB) and our national commercial interests are envisioned. The Cybercastle, in this view, encompasses (but is not limited to) portions of the Internet that support military and high-encryption systems, DoD intranets, external information systems, wireless/radio communications systems, and infrastructure control systems using Supervisory Control and Data Acquisition (SCADA) systems.

Today, nearly 10% of all Internet nodes belong (unknowingly) to a malicious multi-agent system whose owner waits for a high bidder to make use of its services. As Internet usage worldwide continues to grow, and with average users unaware of their vulnerability to assimilation into a malicious C3 network, the next decade promises huge challenges directly rooted in cyber-network defense and protection. To deal with the possibilities for cyberterrorism in the ongoing Global War on Terrorism (GWOT) or possible malicious attacks of nation-state actors against the Cybercastle, we turn our attention to high-level goals for building defensive systems. What will the castle look like a decade from now? How strong will its walls be, or how strong do we need the walls to be in light of the veracity of those on the other side of the moat? What is a wall or a moat in cyberspace, given that threats can also come from inside the network? We discuss thoughts on these topics and give some insight on what technological advances or prices will most likely be paid to ensure the Cybercastle’s resilience.

View Full Article | Return to Top

Defining the GIG Core

by Julie Tarr and Tony DeSimone

Abstract
This article defines numerous concepts associated with the GIG and discusses two architectural options for constructing the core of the GIG: striped core and black core. In all cases, we assume that traffic flows are protected in the core using Internet Protocol Security (IPSec) or similar protocols. A striped network simplifies the interconnection of core component by making traffic visible at the interconnection point, whereas decrypting and re-encrypting to allow interconnection of core components complicate the end-to-end problem of IPSec gateway discovery, network routing, and quality of service. Decrypting at intermediate nodes also compromises the protection of traffic afforded by end-to-end IPSec encryption. We demonstrate that a black core offers greater flexibility in exploiting network connectivity than a striped core.

Introduction
The Global Information Grid (GIG) is a large, complex undertaking that is intended to integrate virtually all information systems, services, and applications in the US Department of Defense (DoD) into one seamless, reliable, and secure network. To achieve the GIG vision of ubiquitous and reliable communications, the GIG will need to support mobility, security, and survivability over a core network infrastructure that is built from network components that various services and organizations have procured and manage.

The network infrastructure is fundamental to the vision for future military operations and communications. [1,2] The capabilities needed for this future information grid (e.g., mobility, security, and survivability) impose significant requirements on the network. This article discusses the architectural options in constructing the network, including the protection of traffic traversing the core, the interconnection of core components, and implications for quality of service and routing.

Needs and Challenges
The GIG will be diverse in not only the necessary technologies for supporting GIG capabilities but also the range of operational environments. This diversity is inherent to the missions. Future warfighters will require information at the edge, delivered over tactical wireless networks. The information includes local and regional communications, along with reachback over satellite to resources in data centers attached to high-speed terrestrial networks. Bandwidth of systems providing connectivity in this environment could span six orders of magnitude, from forward-deployed tactical systems at a few kilobits per second (kb/s) to fiber networks and attached resources at 10 Gigabits per second (Gb/s).

Further, the GIG is not a single program; rather, it is a construct for driving the development of multiple programs. The network infrastructure will be built from components of various services and organizations. Technologies will be diverse, policies will limit what can be communicated across network interfaces and operations that bring together various services, and organizations add complexity in the interconnection of the networks.

Network Core
The GIG network infrastructure will be an Internet Protocol (IP) based “network of networks” composed of network components that are controlled and managed by various organizations or services. Each core component will be administered separately. The network core components are also composed of various transport mediums (e.g., fiber, wireless, and satellite links). The performance characteristics of each network core component may vary widely. The network infrastructure also requires interconnection to the Internet.

Because the network infrastructure is IP based, we assume that IPSec [3,4,5] devices will be used to protect information across the core of the network. IPSec establishes security associations (SA) between each pair of communicating entities.

View Full Article | Return to Top

SANS Ouch Newsletter: 1. Consumer Awareness: Spyware Q & A

Q: What is spyware?
A: Spyware is malicious software installed on your computer without your knowledge or consent that monitors or controls your computer use. It may be used to send you pop-up ads, redirect your computer to websites, monitor your Internet surfing, or record your keystrokes, which could lead to the theft of your personal information.
Q: How can I tell if my computer is infected with spyware?
A: Your computer may be infected with spyware if:
- It slows down, malfunctions, or displays repeated error messages
- It won't shut down or restart
- It serves up a lot of pop-up ads, or displays them when you're not surfing the web
- It displays web pages or programs you didn't intend to use, or sends emails you didn't write.
Other signs include:
- Your browser takes you to sites other than those you type into the address box - Your home page changes suddenly or repeatedly - New and unexpected toolbars - New and unexpected icons in the system tray (at the lower right corner of your screen) - Keys don’t work (for example, the “Tab” key that might not work when you try to move to the next field in a webform) - Random error messages
Q: What should I do if I think my computer is infected?
A: Stop shopping, banking, and other online activities that involve usernames, passwords, or other sensitive information. Spyware could be sending your personal information to identity thieves. Write down the model and serial number of your computer, the name of any software you've installed, and a short description of the problem. Your notes will help you give an accurate description to the technician. At the office, report the problem to your IT help desk, network administrator, or information security officer. At home, if your computer is covered by a warranty that offers technical support, contact the manufacturer, your Internet Service Provider (Comcast, AT&T, Time Warner, Verizon, Qwest, Earthlink, etc.), or a trusted computer consultant.
More information: http://www.onguardonline.gov/topics/computer-security.aspx

View Full Article | Return to Top

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License