The Political Quagmire
What information do you want to share?
Demographic: address, age, race, height, weight, etc.
Financial: How much do you make? What is your debt?
- Dating Status: Single, married, "married, but acting single"
- Buying Habits: Impulse buying, smart shopper
- What do you buy: clothes, foods, medications
How do you want to protect your personal information? Limit access
by law or by personal choice? If you want to choose, who should
provide the necessary security (corporations or government)?
What about criminals (thieves, drug dealers, rapists)? Should law
enforcement have access to their personal data, or should personal
privacy override all other concerns?
In essence, it is a tough balancing act between security and privacy.
Back to module 5.
These are the corporate concerns:
- Staying in business, maintaining the competitive edge.
- Securing the competitive edge - protecting trade/corporate secrets.
- Protection from the disgruntled employee.
- Protection from fly-by-night hacking mischief.
- Maintain open connection with customers.
- Gain information on competition - stay ahead.
How Does Your Company Want to Protect Information?
- Have government legislate a solution, or
- Choose from commercially available security solutions.
In essence, it is a tough balancing act between government action
Back to module 5.
The Department of Justice Perspective
The task: How to provide the best law enforcement to the American
The challenge: How to track, capture, and prosecute criminals.
What kind of crime are we talking about?
- Sex offenders (rapists, kidnappers, child pornography, etc.).
- Organized crime (credit card fraud, money laundering, drug trafficking).
- Spies seeking both national and corporate secrets.
- Radical groups (hate crime).
- National powers trying to destabilize America's political, economic,
and industrial base.
The Technical Challenge
America has always trusted/controlled the process by which law
enforcement officers obtain critical evidence, i.e. wire tapping.
The Constitution protects against unauthorized search and seizure.
This is always a court order.
- Provide the public with cryptographically weak protection. The
government would be willing to disclose that this protection can
- Provide the public with a cryptographically strong solution
and forgo law enforcement.
- Compromise. Have manufacturers that provide the cryptographic
products which embrace a key escrow like system. Specifically,
any key sold would be made of two cryptographically dependent
parts. The manufacturer maintains one part and the independent
party, known as the information insurer, would hold the second
part. Only under court order could both parts be re-united to
form the customer's key. Back to module
The Department of Defense Perspective
DoD Concerns - How To Fight and Defend Against War in the Information
Infrastructure (political, industrial, economic) has always been
considered military targets during conflict. Therefore, our military
has always considered:
- How to defend the American homeland.
- How to maintain the tactical/strategic advantage against America's
What does information technology introduce to warfare?
- It defies concept of a theater of operations. Cyberspace is
- What constitutes war, and when are we at war?
- The attacking nation can hide within cyberspace.
- Small countries, with little effort, can challenge our nation,
eg. Somalia, Haiti.
Note: America, because of its dependence upon computer control,
is the most vulnerable of all other nations.
Information Warfare - What Are We Really Talking About?
- The ability to manage American perception in such a way that
our foreign policy cannot be achieved. The Somalia example comes
- The ability to steal American industrial secrets and ultimately
crush (bankrupt) American industry.
- In times of conflict, the ability to disrupt our nations air
traffic control, power distribution, petroleum production, and
- To destabilize America financially - devalue the dollar and
reduce the net income of Americans.
America's political, economic, industrial, and social infrastructure
are at risk!
Is there really a difference? After all, war is war.
Our military has always been able to provide a shield between
the enemy and the American public (except for Pearl Harbor).
Military strategists have always taught that victory is more
easily achieved when the public will is defeated. Information
warfare offers that capability to our potential adversaries.
So, what does DoD need in the information age?
Just as our nation pulled together when faced with a cold war
threat, there needs to be a new era of cooperation between DoD,
Justice, Commerce, Industry, and the people of our nation.
As a nation, we must:
- Recognize the threat.
- Provide cooperative solutions.
- Encourage national policy that fairly balances the needs of
the many with the needs of the individual.
In essence, it is a tough balancing act between maintaining the
status quo and sharing knowledge and skills.
Back to module 5.
The Commerce Perspective
Commerce's objective is to provide a national environment that
is conducive to economic growth. The benefits offered by the information
revolution are tremendous. Likewise, the threats to industry are
The information revolution challenges the concept of patent and
Our nation's industries are having their trade secrets stolen
on a daily basis. Protection is needed. This begs the question,
who is best suited to provide security advice and products? Government
or private industry?
Clearly, government agencies have the advantage in understanding
and defeating the threat posed by the information age, but what
are the drawbacks to having government provide the security solution?
Note: Some members of Congress want to eliminate the Department
of Commerce. Within this tutorial Commerce refers to whatever
entity exists as an interface between government and commercial
The problems of having government-provided security products:
- Government does not offer an economical means of production.
- Government does not operate in an economically competitive
- There is little public trust associated with government products.
Has Big Brother designed it?
So, what is the problem of having industry provide the solution?
- Although industry offers the best technical talent, they have
limited expertise in this arena. For example, NSA has been breaking
and making codes since WW II.
- Industry-derived solutions will be economically motivated.
Security may be degraded for financial reasons.
So, What should America do?
Have government and industry work together!
- Government provides technical guidance to industry.
- Government (from intelligence assets) provides feedback to
industry as to what is being compromised. This includes feedback
on what is working and what is not.
- Government provides information on the exact nature of the
- Industry manufactures security products.
- Industry provides a solution to the Justice Dept's dilemma
of protecting criminal activity.
A graphical, three-tier perspective:
|Information critical to the US
Government designed and produced
|Interface between high and low level info
Commercially manufactured IAW gov specs
|Information systems for private use
Commercially developed with no design restrictions
Back to module 5.