IS3513 Information Assurance and Security. 6:00-7:15 PM Robert J. Kaufman Background Syllabus and Class Schedule Student Background Information Email robert.kaufman @utsa.edu. Student Background Information (email to me). Name Reliable email address IS/CS background
National Security Advisor
“We are talking about a collaborative partnership between the public and private sectors that is unprecedented in our history”
Kirtland AFB More Cyber-Security
Columbus AFB, MS
February 3: ASIMS detects intrusion at Andrews AFBSolar Sunrise
January 1998: tensions between the U.S., the UN, and Iraq are on the rise. Hussein has expelled the UN inspectors. UN discussing renewing military action.
February 4: AFCERT detects additional intrusions:
- Turned out to be 2 teenagers in California and their mentor in Israel
- Involved systems owned by the Air Force, Navy, NASA, DOE,
MIT and several others
- At least 47 FBI agents were involved in this case as well as
individuals from the OSI and members of the Israeli Ministry
- Exploited a known bug in Solaris, sniffed passwords
- 500 systems involved, thousands of passwords compromised.
CNN, 8,9,10 Feb 00
“Cyber-attacks batter Web heavyweights”
Carnegie Mellon, Apr 01
5 May 00
“FBI investigates 'ILOVEYOU' virus; millions of computers affected”
“Love Bug caused an estimated $8 billion in damage.” WP, 11 May 00
“War inKosovo cost the United States $6.7 billion.” UPI, 2 Feb 00
ADVISORY 01- 009 More Cyber-Security
Hack Attack: New Global Way Of War
Washington TimesApril 23, 2001, Front Page
“China Warns Of Hack Attack”
To date, Chinese hackers already have unlawfully defaced
a number of U.S. web sites, replacing existing
content with pro-Chinese or anti-U.S. rhetoric.
In addition, an Internet worm named "Lion"
is infecting computers and installing distributed
denial of service (DDOS) tools on various systems.
Collateral Damage May Soon Have A New Definition
988 More Cyber-Security
BlockedDISA VAAP Results
NSA – Executive Agent for Information Assurance
A comprehensive evaluation of the technical and non-technical security features of an AIS and other safeguards, made in support of the accreditation process, to establish the extent to which a particular design and implementation meets a set of specified security requirements.
A formal declaration by a designated approving authority (DAA) that an AIS is approved to operate in a particular security mode using a prescribed set ofsafeguards.
TCSEC: “Trusted Computer Security Evaluation—Orange Book”
Processes Requirements Categories
MAC I, II, III
Access Controls Accreditation Process DODI 5200.40 (1997)
Incident HandlingComputer Security Operational Model
Protection = Prevention
+ (Detection + Response)
• Accreditation Process DODI 5200.40 (1997)
HW & SW
EmanationTypes of Vulnerabilities
Source Accreditation Process DODI 5200.40 (1997)
poorly trained administrator
lazy or untrained employee
foreign intelligence agents