The mechanical principles that protect personal belongings inside a high school locker may hold the key to guarding digital assets. Creators of a miniature combination lock, which consists of six gears that together are the size of a shirt button, believe the device guarantees that systems can be shielded from invasions with a one-in-a-million chance that an intruder can break the code.
The greatest threat to U.S. security may come from internal software or hardware trapdoors lying dormant in the nation's critical infrastructure. The digital equivalent of Cold War moles, these hidden threats would serve as access points for criminals, terrorists or hostile governments to extort money, impel foreign policy appeasement or ultimately launch crippling information attacks on the United States.
Researchers at the Department of Energy's Sandia National Laboratories have developed a new encryption device that promises the security and bandwidth accommodation necessary to scramble various types of data at speeds unmatched by many other encryption technologies.
Researchers are developing a programming language that enables different computer intrusion detection and response applications to communicate with each other, offering users a more complete defense against cyberattacks. The goal of the common intrusion detection framework is to allow interoperability among the variety of security components that reside on a single network.
Researchers at Sandia National Laboratories are developing an architecture to eliminate threats to thin-client computer networks. These networks rely on applications servers to drive desktop workstations. Coupling security elements that will evolve from their work with commercial technology, the scientists hope to create a computing environment that offers increased flexibility and accessibility for network users without compromising security.
Future military cyberspace security may require next-generation network management and intrusion detection systems that combine both short-term sensor information and long-term knowledge databases to provide decision-support systems and cyberspace command and control. Sophisticated computer hardware and software would identify a myriad of objects against a noise-saturated environment. Cyberspace command and control systems would track the objects, calculate the velocity, estimate the projected threats, and furnish other critical decision-support functions.
To protect information systems from security breeches, organizations increasingly are embracing a comprehensive strategy that relies on both technology and enforced policies. Meanwhile, the legal system has been hard pressed to keep pace with information system protection issues, leaving many questions unanswered about how far businesses may go to protect their systems.
Uncertainty surrounding a patchwork of commercial information security products hurriedly placed in use on U.S. Defense Department computers and networks is reshaping policy. Successful test and evaluation of these products in specified laboratories will soon become a prerequisite for procurement by military services and defense agencies.
As evaluation policy emerges, the National Security Agency (NSA) is embarking separately on a major long-term program to modernize the inventory of high-grade cryptographic devices. The new cryptography will exploit technology to keep pace with modern communications as bandwidth applications change.
The adoption of networked systems and the prevalence of Internet use have created the potential for unauthorized access to critical data. U.S. Defense Department officials believe that uncontrolled Internet connections pose a significant and unacceptable threat to all of their information systems and operations. Ensuring secure transmissions and the authenticity of data while allowing users to connect from remote locations requires high levels of security.
The convergence of telephone and Internet protocol networks holds great promise, according to industry experts, leading vendors and the press. However, an increasingly converged network also increases the risk factor associated with securing voice and other real-time communication streams. These risks are not limited to Internet-protocol-based networks; traditional time division multiplexing networks also are vulnerable.