Cover image for Securing the U.S. defense information infrastructure : a proposed approach
Securing the U.S. defense information infrastructure : a proposed approach
Anderson, Robert H. (Robert Helms), 1939-
Publication Information:
Santa Monica, Calif. : RAND, 1999.
Physical Description:
xxx, 158 pages : illustrations (some color) ; 23 cm
Format :


Call Number
Material Type
Home Location
Item Holds
UB247 .S425 1999 Adult Non-Fiction Central Closed Stacks-Non circulating

On Order



It is widely believed, and increasingly documented, that the United States is vulnerable to various types of information warfare attacks. Threats range from nuisance attacks by hackers to those potentially putting national security at risk. The latter might include attacks on essential U.S. information systems in a major regional crisis or theater war. The purpose might be to deter (or coerce) a U.S. intervention, to degrade U.S. power projection capabilities, to punish the United States or its allies, or to undermine the support of the American public for the conflict. Critical command-and-control and intelligence systems are designed to be robust and secure under attack. However, their survivability cannot be taken for granted, and they depend on a diverse, primarily civilian and commercial, information infrastructure (consisting of the Internet and the public telephone network, among other elements). As the diversity and potential seriousness of threats to the U.S. information infrastructure have become apparent, national-security planners and analysts have begun to think of ways to counter such threats--to increase the infrastructure's availability for essential functions. The authors analyze the concept of a minimum essential information infrastructure (MEII) in light of the characteristics of the national information infrastructure and the nature of the threat. They suggest that it is useful to think of the MEII as a process rather than a hardened stand-alone structure, and they provide a methodology and a tool to support the implementation of that process by military units and other organizations.

Table of Contents

Prefacep. iii
Figuresp. ix
Tablesp. xi
Summaryp. xiii
Acknowledgmentsp. xxi
Acronyms and Abbreviationsp. xxiii
Glossaryp. xxvii
Chapter 1 Introductionp. 1
Chapter 2 The Information Warfare Threat and the Meii Responsep. 5
Chapter 3 Vulnerabilitiesp. 17
Chapter 4 Responsive Security Techniquesp. 47
Chapter 5 Identifying Security Techniquesp. 63
Chapter 6 Distribution of Research Effortp. 77
Chapter 7 Recommendationsp. 83
Appendix A Historical Note on the U.S. Minimum Essential Emergency Communications Network (Meecn)p. 87
Appendix B How Threats Relevant to an Meii Differ from Hacker Nuisance Attacksp. 89
Appendix C Biological Analogies for Information System Survivabilityp. 91
Appendix D Prioritization in Information Systemsp. 99
Appendix E On Deceptionp. 107
Appendix F Mapping Security Solution Techniques to Vulnerabilitiesp. 113
Appendix G Information Assurance Research Projects Examinedp. 143
Referencesp. 153