The Center for Education and Research in Information Assurance and Security (CERIAS)


Reports and Papers Archive



Vulnerability Assessment and Intrusion Detection with Dynamic Software Agents

Bruce Barnette, Dai N. Vu

Today’s information systems are vulnerable to Information Warfare attacks. Absent a constant vigilance and administration, any secure system will become more vulnerable over time. Client/server architectures, remote accesses, trusted networks, and heterogeneous environments exacerbate the problem. This report discusses an on-going research and development project to develop a software architecture for a vulnerability assessment, responsibilities, communicating with a centralized computer.

Added 2002-07-26

The Electromagnetic Bomb - a Weapon of Electrical Mass Destruction

Carlo Kopp

High Power Electromagnetic Pulse generation techniques and High Power Microwave technology have matured to the point where practical E-bombs (Electromagnetic bombs) are becoming technically feasible, with new applications in both Strategic and Tactical Information Warfare. The development of conventional E-bomb devices allows their use in non-nuclear confrontations. This paper discusses aspects of the technology base, weapon delivery techniques and proposes a doctrinal foundation for the use of such devices in warhead and bomb applications.

Added 2002-07-26

Goal Security Architecture (DGSA)

Department Of Defense (DoD)

The Defense Information Systems Security Program (DISSP) was initiated at the request of the Assistant Secretary of Defense (Command, Communications and Intelligence). The Defense Information Systems Agency (DISA) and the National Security Agency (NSA) agree to cooperate in achieving eight security objectives. These objectives were in the areas of: Security Policy; Architecture; Standards and Protocols; Accreditation Procedures; Technology; Transition Planning; Organizational Improvement; Products and Services Availability. Accordingly, a DISSP Office was established and among its responsibilities was the development of the Department of Defense (DoD) Goal Security Architecture (DGSA). The DISSP has since become a part of the Center for Information System Security (CISS) in DISA. The CISS assists DoD organizations in the transition of existing systems, and in the development of new systems in accordance with the DGSA. Concurrent with the development of the DGSA, efforts were underway within the DISA to define information system architectures for the Defense Information System (DIS). These efforts focused under the Technical Architecture Framework for Information Management (TAFIM). The TAFIM is intended to be generic and sufficiently flexible in its definition so that specific systems may be developed or modified to satisfy mission goals. The TAFIM is thereby a “goal information system architecture” and has, as Volume 6, incorporated the DGSA as its “goal security architecture”.

Added 2002-07-26

Grand Challenges

J. M. Cornwall, A. Despain, S. Drell, F. Dyson, S. Flatte, R. Garwin, M. Goldberger, W. Happer, R. Henderson, S. Koonin, N. Lewis, M. Ruderman, S. Treiman, E. Williams

For the 1996 Summer Study, JASON was asked to come up with ideas that DARPA might issue to the world as Grand Challenges - ideas needing substantial technological innovation, requiring years to bring to fruition, but not simply massive engineering projects, which would have real impact on the future. We quote from the informal guidance JASON received from DARPA: “The idea is to come up with a problem that is especially concise in description and especially rich in challenge. It should have a certain frivolity so as not to be too applied but yet not silly. For instance, the mechanical hummingbird is a good example…In each case the solution requires as much cleverness as science..these challenges (should) also yield value far beyond the solution of the specific problem. These should not be like high-performance computing or human genome or going to the moon or cure for HIV. Those are initiatives - big, important, multidisciplinary..directed effort problems.” In this report, we discuss briefly a number of ideas for Grand Challenges, in some cases going into a moderate amount of detail. We cannot furnish the actual solutions; if we could, the ideas would not qualify as the kind of challenge we seek. But what we now know and given a certain amount of cleverness, insight, and hard work.

Added 2002-07-26

Security Classification for Documents

J. H. P. Eloff, R. Holbein, S. Teufel

Profitability of organizations is ultimately dependent on the effectiveness with which they exchange, gather, process, retrieve, link, control, share, manage, and above all, protect their data and information. All these processes, however, require that the right information be made available to the right person or persons at the right place and at the right time. Costly lessons learnt with regard to information security controls introduced over the past number of years made it abundantly clear that it was vital, especially in a commercial environment, circumspectly and discreetly to apply counter-measures for the protection of information…

Added 2002-07-26

System Intrusions and Law Enforcement

Eugene Spafford

Should an organization inform law-enforcement officials when it discovers evidence of unauthorized activity in its information systems processing operations? Deciding how to answer that question depends on some considerations. Information systems security professionals should address the issue before the need to decide how to resolve it arises. Bringing in law-enforcement agency personnel can create problems for the organization. A criminal investigation may drag on for some time. During this time, much of the organization’s information systems security resources could be tied up in responding to requests for information, helping with the investigation, and then appearing in court. However, not informing the appropriate law-enforcement officials may lead to other types of problems for the organization. These problems could include civil or criminal litigation, denial by its insurers of recompense for incurred losses, and the imposition of penalties for breach of statutory requirements.

Added 2002-07-26

Psychology of a Hacker

John Jones

Added 2002-07-26

GSSP Exposure Draft 2.0

Jim Appleyard, Duke Power, Genevieve Burns, Monsanto Corporation, Kathleen Harvey, and Others

The Information Systems Security Association (ISSA)-sponsored Committee to Develop Generally Accepted Systems Security Principles (GSSP) solicits your comments on the attached GSSP Exposure Draft 2.0. An earlier Exposure Draft (1.0) was circulated to over 4,000 individuals. Comments received were tabulated and addressed individually by a GSSP Committee (GSSPC) working group last fall, resulting in this Exposure Draft 2.0, which was voted out of committee for comment at the GSSPC meeting held October 13, 1995, co-located with the National Information Systems Security Conference (formerly the NCSC), hosted by NIST and NSA, in Baltimore, MD.

Added 2002-07-26

Genetic Algorithms, an Alternative Tool for Security Audit Trails Analysis

Ludovic Me

We propose an intrusion detection approach based on predefined attack scenarios and using a genetic algorithm. This paper presents a simplified vision of the security audit trail analysis problem and some experiments (on simulated users and attacks) showing the validity of this approach. It proposes future work for building a prototype usable in a real environment.

Added 2002-07-26

Goal-Oriented Auditing and Logging

Matt Bishop, Christopher Wee, Jeremy Frank

This paper presents a technique for deriving audit requirements from security policy, with examples for informal specifications. Augmenting these requirements with a system model allows an analyst to determine specific functions within the system that must be audited. We demonstrate the effectiveness of this technique by deriving audit criteria for the Network File System, and show that the results would detect numerous well-known attacks upon implementations of that protocol.

Added 2002-07-26

Intrusion Tolerance in Distributed Computing Systems

Yves Deswarte, Laurent Blain, Jean-Charles Fabre

An intrusion-tolerant distributed system is a system which is designed so that any intrusion into a part of the system will not endanger confidentiality, integrity and availability. This approach is suitable for distributed systems, because distribution enables isolation of elements so that an intrusion gives physical access to only a part of the system. By intrusion, we mean not only computer break-ins by non-registered people, but also attempts by registered users to exceed or to abuse their privileges. In particular, possible malice of security administrators is taken into account. This paper describes how some functions of distributed systems can be designed to tolerate intrusions, in particular security functions such as user authentication and authorization, and application functions such as file management.

Added 2002-07-26


Efficient DES Key Search

Michael J. Wiener

Despite recent improvements in analytic techniques for attacking the Data Encryption Standard (DES), exhaustive key search remains the most practical and efficient attack. Key search is becoming alarmingly practical. We show how to build an exhaustive DES key search machine for $1 million that can find a key in 3.5 hours on average. The design for such a machine is described in detail for the purpose of assessing the resistance of DES to an exhaustive attack. This design is based on mature technology to avoid making guesses about future capabilities. With this approach, DES keys can be found one to two orders of magnitude faster than other recently proposed designs. The basic machine design can be adapted to attack the standard DES modes of operation for a small penalty in running time. The issues of development cost and machine reliability are examined as well. In light of this work, it would be prudent in many applications to use DES in a triple-encryption mode.

Added 2002-07-26

SEI Program Plans: 1996-2000 (Volume 2)

Carnegie-Mellon University Software Engineering Institute

This document, which is in two volumes, presents the Software Engineering Institute (SEI) strategy and one-year implementation plan for calendar year (CY) 1996, together with the SEI five-year program plan. It is submitted in response to the Contract Data Requirements list item A001. Volume 1 describes the five-year strategic plan, and Volume 2 describes the one-year tactical plan. This document is, in essence, a proposal. It describes the strategic directions and offers detailed options for the coming year. Until the proposed options are selected and budgeted allocations are approved by the sponsor, the SEI can not commit to specific work or supporting schedules.

Added 2002-07-26

SEI Program Plans: 1996-2000 (Volume 1)

Carnegie-Mellon University Software Engineering Institute

This document, which is in two volumes, presents the Software Engineering Institute (SEI) strategy and one-year implementation plan for calendar year (CY) 1996, together with the SEI five-year program plan. It is submitted in response to the Contract Data Requirements list item A001. Volume 1 describes the five-year strategic plan, and Volume 2 describes the one-year tactical plan. This document is, in essence, a proposal. It describes the strategic directions and offers detailed options for the coming year. Until the proposed options are selected and budgeted allocations are approved by the sponsor, the SEI can not commit to specific work or supporting schedules.

Added 2002-07-26