Surviving Information Warfare Attacks

The past few years have seen governmental, military, and commercial organizations widely adopt Web-based commercial technologies because of their convenience, ease of use, and ability to take advantage of rapid advances in the commercial market. With this increasing reliance on internetworked computer resources comes an increasing vulnerability to information warfare. In today's heavily networked environment, safety demands protection from both obvious and subtle intrusions that can delete or corrupt vital data. Traditionally, information systems security focuses primarily on prevention: putting controls and mechanisms in place that protect confidentiality, integrity, and availability by stopping users from doing bad things. Moreover, most mechanisms are powerless against misbehavior by legitimate users who perform functions for which they are authorized. The paper discusses traditional approaches and their limitations.

[1]  Peter G. Neumann,et al.  Computer-related risks , 1994 .

[2]  Anish Arora,et al.  Designing masking fault-tolerance via nonmasking fault-tolerance , 1995, Proceedings. 14th Symposium on Reliable Distributed Systems.

[3]  John P. McDermott,et al.  Storage Jamming , 1995, DBSec.

[4]  David D. Clark,et al.  A Comparison of Commercial and Military Computer Security Policies , 1987, 1987 IEEE Symposium on Security and Privacy.

[5]  Hermann Kopetz,et al.  Fault tolerance, principles and practice , 1990 .

[6]  AroraAnish,et al.  Designing Masking Fault-Tolerance via Nonmasking Fault-Tolerance , 1998 .

[7]  Bev Littlewood,et al.  Predictably Dependable Computing Systems , 2012, ESPRIT Basic Research Series.

[8]  Sushil Jajodia,et al.  Surviving information warfare attacks on databases , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[9]  Andreas Reuter,et al.  Transaction Processing: Concepts and Techniques , 1992 .

[10]  John P. McDermott,et al.  Towards a model of storage jamming , 1996, Proceedings 9th IEEE Computer Security Foundations Workshop.