Group 6 Presentation

1
Group 6 Presentation

• Ruhull Bhuiyan
• Daniel Kestranek
• Darya Kishinevskaya
• Bradley Sickles
• Brian Smith
• Qiming Zou

2
Information Warfare

• Information warfare is the use and management of
  information in pursuit of a competitive advantage
  over an opponent.

3
1 Executive Order issued by President Clinton
on July 15, 1996
4
Information Warfare

• IW Weapons
• Malicious software
• Chipping
• Back doors
• Electromagnetic pulse weapons
• Destructive microbes
• Van Eck radiation
• Cryptology
• Spoofing/Authentication

5
Information Warfare

• Video morphing
• Psychological operations
• Attacks on the banking system
• Disruption of air traffic control
• Denial of service
• Stand-off and close-in sensors
• Decision support
• http//www.maxwell.af.mil/au/awc/awcgate/iw-army/m
  od6.htm

6
Information Operations

• To succeed, it is necessary for U.S. forces to
  gain and maintain information superiority.
• To influence, disrupt, corrupt or usurp
  adversarial human and automated decision making
  while protecting our own.
• Information Operations
• Joint Publication 3-13
• 13 February 2006

7
Information Operations

• As of 13 Jan 06 JP 3-13, the Joint Doctrine for
  Information Operations removed the term
  information warfare and replaced it with the more
  civilized concept of Information Operations (IO).
• Free Government Information
• http//freegovinfo.info/node/841

8
Information Operations

• Run by the Chairmen of the Joint Chiefs of Staff
  and the Department of Defense.

9
Information Operations

• 5 Major Capabilities
• Psychological Operations (PSYOP)
• Military Deception (MILDEC)
• Operations Security (OPSEC)
• Electronic Warfare (EW)
• Computer Network Operations (CNO)

10
Information Operations

• Military Functions
• Public Affairs (PA)
• Civil Military Operations (CMO)
• Defense Support to Public Diplomacy

11
Information Operations

• Dimensions
• Physical
• Informational
• Cognitive

12
Information Security

• Definition
• Process of protecting data from unauthorized
  access, use, disclosure, destruction,
  modification, or disruption.
• (44 U.S.C 3542 (b)(1)(2006))

13
Information Security

• Closely related to information assurance in that
  they share the same goals, but differs in methods
  used and areas of concentration.

14
Information Security

• Three concepts form the principle of information
  security
• confidentiality
• Integrity
• Availability
• The three main concepts are known as the CIA
  Triad.

15
Information Security

• Relative Laws
• Family Educational Rights and Privacy Act
  protects privacy of student education records.
• Gramm-Leach-Bliley Act (1999) protects privacy
  and security of private financial info.
• Sarbanes-Oxley Act (2002) requires publicly
  traded companies to assess effectiveness of
  internal controls and have independent auditors
  attest to their claims.

16
Information Assurance

• Measures that protect and defend information and
  information systems by ensuring their
  availability, integrity, authentication,
  confidentiality, and nonrepudiation. These
  measures include providing for restoration of
  information systems by incorporating protection,
  detection, and reaction capabilities.
• National Information Assurance Glossary

17
Information Assurance

• Five Attributes of Information Assurance
• Availability Decreased by DoS, spamming,
  viruses
• Integrity System design and maintenance
• Authentication How protocols are implemented
• Confidentiality Security of the data, transfer
  process
• Non-repudiation
• Non-repudiation of origin
• Non-repudiation of submission
• Non-repudiation of delivery

18
Information Assurance

• Goals
• Providing better information solutions
• Preventing future attacks
• Manage information integrity
• Minimize negative consequences

19
Information Assurance

• IA is closely related to information security
• Emphasizes on strategic risk management instead
  of tools and tactics.
• Advance Information Assurance Handbook (CERT)

20
Information Assurance

• IA also focus on
• Privacy/Secrecy
• Compliance
• Audits
• Operation continuity
• Disaster recovery

21
Information Assurance

• Organizations
• National Security Agency (NSA)
• Department of Defense (DoD)
• Designated Accreditation Authority (DAA)
• National Information Assurance Partnership (NIAP)
• National Institute of Standards and Technology
  (NIST)

22
Thank You

• Any Questions?