Research in Information Security and Information Warfare- The economics, warfare, policies, and technical aspects on why Information Security is so vital By: Aaron Varrone [email protected] CIS 675 Information Systems Research Dr. Richard McCarthy Summer 2010 Quinnipiac University

Post on 13-Apr-2017

ABSTRACT

Information Security and Information Warfare are now regarded as vital concepts among military organizations. Because the emergence of this concept in military science is viewed as a major reformation in the technology utilized, military leaders believe that this technology, and more specifically the information, gives an advantage in military training, strategy, tactics, and organization, leaving no reason to doubt that technology impacts a nation’s army. In this research paper, we develop a deeper understanding of Information Security and Information Warfare: the economics, warfare, features, policies, and even some common technical aspects of why Information Security is so vital to an individual, to an organization, and to a nation.

KEYWORDS:

Information Security

Information Warfare

Vulnerabilities

Malicious

Attacker

INTRODUCTION

Today, in almost any publication you read or discussion you participate in, you will read or hear phrases containing the words “information” and “security”. Almost everything these days has taken on an informational character: processes, objects, and occurrences. We encounter such terms as information technologies (IT), information environment, sphere and space, information support, information weapons and equipment, and electronic and information warfare. The term “security” is used so widely that everyone in the world wants to have security, but there is one complication: security is something you don’t realize is working until it fails, when it is too late and the vulnerability has already affected you or a nation. After all, security is something that occurs between your ears, not something you hold in your hands –Jeff Cooper.

In this research paper, the concepts of information security and information warfare are described. After the reader understands these concepts and the history behind them, we compare two nations, the United States and China, to give a better understanding of how they handle information with completely different perspectives and approaches. After all, these two countries are very different from each other. Lastly, the paper concludes with common technical aspects and future considerations in this field for protecting the confidentiality, integrity, and availability of one’s data and information.

REVIEW OF LITERATURE

What is “Information”?

Scientists today define information as a fundamental, uniform, and eternal legal process involving the relation, interaction, inter-preservation, and transmutation of energy, movement, mass, and anti-mass on the basis of materialization and dematerialization in the micro- and macrostructures of the Universe (Orlyanskiy, 2008). Additionally, information is an element of the Universe around the world: the original cause, essence, source, and carrier of all phenomena and processes, all material particles and objects (Orlyanskiy, 2008).

What is “Information Security”?

Information security is defined as protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide integrity (guarding against improper information), confidentiality (preserving authorized restrictions on access and disclosure), and availability (ensuring timely and reliable access to and use of information) (United States Code: Title 44, 3542, 2009). In other words, information can exert influence on individual people or targeted populations, so securing the effectiveness of this information is essential.

What is “Information Warfare”?

In today’s digital age, it is quite difficult to control the flow of others’ data via the World Wide Web. Control of such information can have substantial effects on an organization, a military organization, or a government. While outright attacks against physical and informational assets via the World Wide Web are extremely difficult to perform, there continues to be a risk associated with anything that has a connection to the Internet. As technology and the web continue to grow, so does the exposure of one’s data and information to harm. Although engaging in war with tangible effects via the Internet is extremely difficult, individuals, organizations, and governments are constantly devising ways to facilitate electronic conquest, in which data and information are compromised (Cassidy, 2009).

Princeton defines information warfare as the use of information or information technology during a time of crisis or conflict to achieve or promote specific objectives over a specific adversary or adversaries (Princeton WordNet, 2010). In other words, information warfare is viewed as “actions” taken to affect enemy information and information systems while defending one’s own information and information systems. The term was coined in China in 1985 by Shen Weiguang, a leading Chinese war theorist (Migunov, 2008).

Information has always played a supporting role: it can be of vital importance only under otherwise equal or comparable conditions, such as the availability of weapons and troops and their possession by contending parties capable of applying them in an armed struggle. The most powerful and precise weapons are based on information about enemy target locations and about one’s own capabilities and prospective opportunities, in addition to other conditions that must be taken into account.

The figure below represents a general structure of the parties involved in information warfare.

(Orlyanskiy, 2008)

With heavy demand placed in recent years on investing in technology, the concept of electronic and information warfare has been brought to military leaders all around the globe. The focus of this technology is integration with a military organization’s weapon systems and equipment, globalization of information command and control systems, and more comprehensive computerization tools (Shuntenko, 2008). Technology has not only changed the nature of warfare but also shifted warfare into the information and intelligence realm, which requires a new outlook on war.

Electronic and information warfare is a concept that emerged at a certain stage in the development of weapons and military equipment, following the broad application of discoveries and achievements in electronics to command and control systems. Radio communications were not the only means of command and control; a diversity of other electronic systems have become a vital part of many types of weapon systems. The components of electronic and information warfare are as follows: electronic intelligence, including radio communications, signals intelligence, thermal (IR) intelligence, TV communications intelligence, laser intelligence, acoustic intelligence, and radar intelligence, which is conducted by searching for, detecting, and intercepting various electronic emissions and by analyzing radars’ technical parameters and coordinates. This type of intelligence is used not only to locate enemies and identify their intentions, but also to prepare data and obtain essential information on the electronic and information warfare that the enemy may have (Shuntenko, 2008).

Information warfare is steered through the mass media, which ensures the delivery of each contending party’s information to the selected targets. As such, information superiority can be treated as more effective influence through information. To gain an advantage, additional qualitative information is required, as well as more perfect ways of delivering it, which is associated with the development of global communication systems. Today, for example, many countries are using the Internet with a view to conducting information warfare. This is why American experts are working in the field of informational and psychological influence, with certain operative experience in the computer networks of the enemy (Orlyanskiy, 2008).

The US Military Impact on Information Warfare

United States military policy is designed to achieve information superiority over the enemy through applications of hi-tech mobilization and equipment systems supported by a diversified infrastructure of command, communication, management, and intelligence systems, and through the use of a large range of high-accuracy weapons intended to destroy specific targets (Migunov, 2008). America’s primary goal is to destroy its enemy’s army control capabilities while maintaining information warfare-related actions to support additional dynamic weapons. American military leaders are mainly focused on outperforming the enemy by staying inside its decision-making mechanism, retaining key information and not letting anybody else know what information they may have on somebody else.

Incident with a US Reconnaissance Aircraft

In the spring of 2001, an incident with a US reconnaissance aircraft occurred in Taiwan, where the Americans showed their inability to counter an aggressive Chinese information policy. China outplayed the USA strategically as its hackers attacked various US Defense Department systems during the crisis, making the national information security system of the U.S. extremely slow because of the attacks.

During this time, as a result of the development of the information warfare concept, the term “informatization war” appeared in China’s military scientific press, defined as the battlefield of seeking information by military forces with “information weapons” as the main warfare device. These information weapons include devices and tools that cause maximum losses to the opposing side during information warfare by making hazardous information impacts. Target areas include information and technical systems, manned information and technical systems, information and analytical systems, manned information and analytical systems, information resources, public consciousness and opinion formation systems based on mass media devices, and lastly human mentality, such as psychological approaches (Migunov, 2008). Since then, America has dramatically improved its information infrastructure by using the latest and greatest technology, such as advanced encryption, security as a service (which we will discuss later), advanced network and malware defense programs, and advanced firewall and intrusion-prevention technology.

A Different Approach to Information Warfare- China

China’s information warfare theory was strongly influenced by Chinese military art. The Chinese system of views on information warfare includes unique images of war as a whole, which are based on the modern “People’s War” concept and on the thirty-six schemes introduced by the great Sun Tzu, who will be introduced in the next paragraph, on how to wage war at the operative, strategic, and tactical levels (Migunov, 2008). The main theory behind this concept focused on deceiving the opponent by obtaining confidential information while searching for asymmetric advantages over the enemy.

Chinese experts’ speculative methodology for information warfare was based on the advances of the ancient Chinese war strategist and philosopher Sun Tzu, who was one of the very first to generalize the experience of information impact on the enemy. In Tzu’s exposition “Iskusstvo voiny”, which translates into English as “The Art of War”, he wrote the following:

“In any war, as a rule, the best policy would involve the capture of a complete state for it is much easier to destroy it. It is better to capture the adversary’s army rather than to destroy it… It is not the top of art to gain one hundred victories in battles. To capture the adversary without a battle—this is the crown of art.” (Migunov, 2008)

In this elucidation, Tzu explains the importance of having access to vital information about the enemy and the importance of using disinformation techniques to manipulate the enemy’s state and actions. Tzu concluded, “If I show the adversary some form, but I don’t possess this form, I will keep the integrity, but the adversary will be divided into pieces.” (Migunov, 2008)

Behind the Information Warfare Concept

Today’s information warfare concept started to develop in China in the late 1980s, when information warfare was understood as political, economic, cultural, and technological actions designed to capture global information while creating a protective information border around the country. Chinese theorists add that the basic elements of this concept consist of the following: theoretical intimidation, confrontation of information potentials, competition of information strategies, army information enhancements such as artificial intelligence, economic information aggression, cultural information aggression, information war of minds, and psychology (Migunov, 2008).

A Breakdown of Information Warfare

Information warfare can be subdivided into ‘information-technical’ and ‘information-psychological’ wars. In an information-technical war, the main targets are information technology systems, such as communication systems, telecommunication systems, and radio-electronic devices. In an information-psychological war, the main targets are the mentalities of the political leaders and the population of the opposing sides, such as public opinion formation systems and decision-making mechanisms.

Nowadays, China possesses a very powerful state-organized information warfare system, which allows Chinese authorities to apply forces and facilities when and where necessary. The core of the system includes the network of Research Bureaus at the State Council of the People’s Republic of China and the System Analytical Center of the State Security Ministry (Migunov, 2008).

The figure below represents an organizational view of how the Chinese Special Services operate in an information warfare system.

(Migunov, 2008)

Concluding Information Warfare

In China, information warfare is viewed as a transition from the mechanical war of the industrial society to the war of solutions and style of management, and the war of knowledge and intelligence. To achieve this transition, the country is now developing the concept of network forces, which are military divisions of up to battalion size staffed with high-quality computer experts trained in state universities and educational centers. The main goal is to attract active youth from among Internet users, as China currently has the most Internet users in the world, ahead of America, with approximately 298 million people (CIA- The World Factbook, 2008).

Technical Aspects of Common Information Security Vulnerabilities

In this section, various technical aspects of common information security vulnerabilities are examined. Pages and pages, and even books, could be written on these technical aspects. Therefore, this paper examines only the most common attack methods.

Several Layers at Which Attacks Can Occur

First, let’s examine the various layers at which attacks can occur:

Physical

Since most hostility is based on using communication technology as a means of attack aimed at physical assets of the target, such as computer equipment, electronics, or power generators, the physical layer represents only part of how a potential victim can be attacked (Cassidy, 2009).

Syntactic & Semantic

The syntactic and semantic layers demonstrate how an attacker doesn’t have to demolish physical assets when they can achieve the goals of warfare by feeding their enemy faulty information (Cassidy, 2009). This is why reliable information is so vital for good decision making. Without reliable information, poor logistical decisions are made.

Attack Modeling for Information Security & Survivability

Many system engineers and programmers rely on failure data to improve their designs. However, the majority of the time this is not the case for security, as many in the field do not use data on compromises as a way to improve the security and sustainability of the systems they develop. A big reason is that, historically, businesses and governments have been reluctant to disclose information about attacks on their systems for fear of public awareness and loss of confidence; additionally, organizations may fear that other attackers would exploit the same or a similar vulnerability in the future (Moore, Ellison, & Linger, 2001).

Although organizations have been reluctant to disclose such information about their systems, data on compromises has become more widely available over the past decade. The main reasons include media coverage and public awareness on the Internet, and non-profit organizations forming to help protect government and business information systems from Internet-based attacks. One such organization is the Computer Emergency Response Team (CERT), which was formed in 1988 by the National Security Agency (NSA) to help combat the risk of threats to an organization’s or government agency’s information system (Schneider, 2010).

Common Types of Attacks

There are many ways to deliberately access confidential and restricted information and data on a system. Therefore, an attack pattern is examined to further understand the following:

The overall goal of the attack

Every hacker (attacker) has a motive and a goal in mind for committing an attack. Whether it’s an act to gain money and sell important data and information or a malicious attempt to do harm to another, there’s always a rationale behind the attack.

A list of preconditions of the attack

Preconditions include assumptions made about the attacker or the state of the organization that are necessary for an attack to be successful, such as the access, knowledge, resources, and skills that the attacker must possess in order to carry out the attack.

The steps for carrying out the attack

An attack does not just happen. There are steps to every attack. The first and last steps will always be the most generic and non-technical, in some cases simple enough for an elementary student to understand, such as how the attacker gained access to the system (first step) and how the attacker left the system (last step), with the very technical and most difficult steps in the middle.

A list of post conditions of the attack

Post conditions include knowledge gained by the attacker and changes (if any) that were made to the organization’s system.

(Moore, Ellison, & Linger, 2001)

Buffer Overflow Attack

A Buffer Overflow Attack is one way for an attacker to get malicious code to run on a system. A buffer overflow occurs when a process or program tries to store more data in a buffer, which is a temporary place for storage, than it was intended to hold. Buffers are created to hold a restricted, set amount of data. When extra information is stored in one, that data has to go somewhere, which can lead to overflowing, corrupting, or even overwriting the valid data that is stored. While overflowing can occur through a programming error, the primary source of an overflow is usually a type of security attack on data integrity. In this type of attack, the extra data usually contains malicious code designed to trigger specific actions, such as changing configurations and disclosing confidential information. Most experts agree that buffer overflow attacks have arisen in recent years because of poor programming practices (SearchSecurity.com Definitions, 2007).

Goal: The primary goal of a Buffer Overflow Attack is to exploit a program’s vulnerability by performing a type of malicious activity on a targeted system.

Precondition: The attacker can execute certain processes and programs on the system.

Attack: The attack consists of the following:

1) Identify executable programs on the system that are susceptible to this type of vulnerability

2) Identify the code that will perform the malicious activity when it executes with the program’s privileges

3) Construct the input value that will force the code to be in the program’s address space

4) Execute the program so that it behaves in the way the malicious code was written to instruct

Post condition: The targeted system executes the malicious function.

(Moore, Ellison, & Linger, 2001)

Below is a flowchart representing how a Buffer Overflow Attack is carried out.

(Moore, Ellison, & Linger, 2001)

Exploiting the Buffer

When a buffer overflow occurs, the corrupted memory typically causes the targeted application to crash because it does not know how to handle the extra data. In an attack, however, an attacker can manipulate the buffer overflow in such a way that they can create their own system commands by converting them to very low-level byte code and sending them to the program in a format in which they can be executed. At this point, the code is executed in the context of the original vulnerable application, which means that if the program is run by a system administrator, the injected code also runs with the same privileges as the system administrator (Sanders, 2009).

Depending on the size of the buffer, the attacker can inject various types of code to carry out malicious activities. The most common type of injection is known as shellcode, with which a user can take complete control over the system. An example of a shellcode attack on a Microsoft Windows system written in C and Assembly languages is shown below.

(Sanders, 2009)

Preventing Buffer Overflow Vulnerabilities

The best way to prevent the exploitation of a buffer overflow vulnerability is for programmers to review their code to ensure that it is indeed secure. One caveat is that reviewing line after line of code requires a significant number of man-hours to maintain the integrity of the program code.
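
What such a review looks for, as an added example (not code from the paper or its sources): an unbounded copy into a fixed-size buffer beside a length-checked version that refuses oversized input. The `account` record, its field names, and the sample inputs are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_CAP 16   /* the buffer's fixed capacity, terminator included */

/* Constructed record: a fixed-size buffer stored right next to valid data. */
struct account {
    char name[NAME_CAP];
    int  is_admin;        /* valid data that an overflow of name[] could overwrite */
};

/* BEFORE: the pattern a review should flag. strcpy() copies until it meets a
 * NUL byte and never looks at NAME_CAP, so a longer input is written past
 * name[] into whatever follows. Kept for contrast only; never called here. */
void set_name_unchecked(struct account *a, const char *input)
{
    strcpy(a->name, input);
}

/* AFTER: measure first, refuse what does not fit, and leave the record
 * unchanged on failure. Returns 0 on success, -1 when the input is rejected.
 * Rejecting is deliberate: silent truncation (or strncpy(), which may leave
 * the buffer without a terminator) hides the problem instead of reporting it. */
int set_name_checked(struct account *a, const char *input)
{
    size_t len = 0;

    if (a == NULL || input == NULL)
        return -1;
    /* Bounded length scan: stops at NAME_CAP instead of trusting the input. */
    while (len < NAME_CAP && input[len] != '\0')
        len++;
    if (len == NAME_CAP)          /* no room left for the terminator */
        return -1;
    memcpy(a->name, input, len);
    a->name[len] = '\0';
    return 0;
}

int main(void)
{
    struct account acct = { "guest", 0 };
    const char *too_long = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";  /* constructed, 32 bytes */

    printf("short input : %d\n", set_name_checked(&acct, "alice"));
    printf("long input  : %d\n", set_name_checked(&acct, too_long));
    printf("name=%s is_admin=%d\n", acct.name, acct.is_admin);
    return 0;
}
```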

Fortunately for programmers and users, there are other ways to combat this type of attack. One is Microsoft’s widely known operating system feature called Data Execution Prevention (DEP), a security attribute that prevents an application from executing code in a non-executable area of memory. DEP can be configured in both hardware-based devices and software-based devices (Sanders, 2009). The figure below represents a software-based DEP configuration.

(Sanders, 2009)

The figure below represents the result when DEP automatically detects the execution of code from a non-executable area and blocks the code from carrying out its intended task.

(Sanders, 2009)

Unexpected Operator Attack

The Buffer Overflow Attack is one way for an attacker to exploit malicious content without intent or input from a user. It is an example of a more general class of attacks referred to as Input Validation Attacks: if the application validated user input, the program perhaps wouldn’t be vulnerable to the attack. Similar to a Buffer Overflow Attack, and considered to be in the same class, is the Unexpected Operator Attack, an exploit in which the attacker can execute various types of malicious functions. As opposed to being vulnerable to excessively long input values, programs susceptible to the unexpected operator vulnerability do not expect that certain operators will be included in the input. For instance, an application can expect that a file name will be passed as input so that it can use the data contained in the file for some purpose. The vulnerability in this application is exploited when an attacker appends a command composition operator and a malicious command to the input file name (Moore, Ellison, & Linger, 2001).

Goal: The primary goal of this attack is to find unexpected operator vulnerabilities so that malicious functions can take place.

Precondition: Attacker executes certain applications on the target system.

Attack: The attack consists of the following:

1. Identify executable applications on the target system that are vulnerable and prone to the unexpected operator vulnerability

2. Identify an unexpected operator that allows composing system calls

3. Identify system calls that would perform a malicious function when executed with the application’s elevated privileges

4. Create unexpected input by composing a legal input value with system call commands using the unexpected operator

5. Execute the application on the target system with the unexpected input

Post condition: Target system executes the malicious function.

(Moore, Ellison, & Linger, 2001)

The figure below represents an Unexpected Operator attack. “Program P” is the application that is prone to this attack.

(Moore, Ellison, & Linger, 2001)
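
The input validation that the Unexpected Operator discussion above says is missing, as an added example (not code from the paper or from Moore et al.): a file name is checked against an allow-list and then passed to the program as a single argument with no shell involved. The function names, the 64-character limit, and the sample names are assumptions made for this sketch.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define FN_MAX 64   /* assumed length limit for this example */

typedef enum {
    FN_OK, FN_EMPTY, FN_TOO_LONG, FN_LEADING_DASH, FN_DOT_NAME, FN_BAD_CHAR
} fn_status;

/* Allow-list rather than deny-list: anything not named here is refused, so
 * operators nobody thought of (;  |  &  `  $  newline ...) fail by default. */
static int allowed(unsigned char c)
{
    return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
           (c >= '0' && c <= '9') || c == '.' || c == '_' || c == '-';
}

/* Checks one file name. On FN_BAD_CHAR, *bad (if given) holds the offender. */
fn_status check_filename(const char *s, char *bad)
{
    size_t i;

    if (bad != NULL)
        *bad = '\0';
    if (s == NULL || s[0] == '\0')
        return FN_EMPTY;
    if (s[0] == '-')                       /* would be parsed as an option */
        return FN_LEADING_DASH;
    if (strcmp(s, ".") == 0 || strcmp(s, "..") == 0)
        return FN_DOT_NAME;
    for (i = 0; s[i] != '\0'; i++) {
        if (i == FN_MAX)
            return FN_TOO_LONG;
        if (!allowed((unsigned char)s[i])) {
            if (bad != NULL)
                *bad = s[i];
            return FN_BAD_CHAR;
        }
    }
    return FN_OK;
}

/* BEFORE (for contrast, as a comment only):
 *     snprintf(cmd, sizeof cmd, "cat %s", filename);
 *     system(cmd);      // a shell parses cmd, operators in the name included
 *
 * AFTER: validate, then hand the name to the program as one argv element.
 * No shell parses it, so it cannot be split into a second command.
 * Returns the program's exit status, or -1 if the name is rejected or the
 * program could not be run. prog must be an absolute path. */
int run_on_file(const char *prog, const char *filename)
{
    pid_t pid;
    int status;

    if (prog == NULL || check_filename(filename, NULL) != FN_OK)
        return -1;
    pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        char *const argv[] = { (char *)prog, (char *)"--", (char *)filename, NULL };
        execv(prog, argv);
        _exit(127);                        /* exec failed */
    }
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    /* Constructed inputs: one legal name, then names carrying an operator. */
    const char *samples[] = { "report.txt", "report.txt; echo INJECTED",
                              "a.txt|sort", "-rf", ".." };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-28s -> status %d\n", samples[i],
               (int)check_filename(samples[i], NULL));
    return 0;
}
```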

Other Common Attack Patterns

Attack patterns exist at a variety of levels and do not automatically lead to a direct compromise of information or denial of service. Attacks may simply provide the attacker with information needed to achieve a goal, such as finding out the access controls enforced by a firewall. This is essential information because once control is taken over the firewall, it becomes that much easier to access one’s data and information. This is known as an Access Control Discovery and IP Address Discovery attack (Moore, Ellison, & Linger, 2001).

Access Control Discovery and IP Address Discovery Attack

Goal: The primary goal of this attack is to identify firewall access controls.

Precondition: Attacker must know the firewall IP address

Attack: The attack consists of the following:

1. Search for specific default listening ports

2. Scan all ports across the network for any listening ports

3. Scan ports stealthily for listening ports

OR

1. Randomize the scan on the target

2. Randomize the scan of the source

3. Scan without touching the targeted host

Post condition: Attacker knows firewall access controls

(Moore, Ellison, & Linger, 2001)

The figure below diagrams an attacker in “Internet Land” accessing a system behind an organization’s (The Org Enclave) firewall.

(Moore, Ellison, & Linger, 2001)
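
Seen from the firewall's side, the discovery pattern above leaves one source address touching many different ports. The following added example (not from the paper or from Moore et al.) counts distinct destination ports per source over a batch of log lines; the `SRC=`/`DPT=` log format, the threshold, and the sample lines are constructed for illustration, and one batch stands for one observation window.

```c
#include <stdio.h>
#include <string.h>

#define MAX_SOURCES 16
#define PORT_BYTES  (65536 / 8)

struct source {
    char          ip[16];            /* dotted-quad text, NUL-terminated */
    unsigned char seen[PORT_BYTES];  /* one bit per destination port */
    unsigned      distinct;          /* number of bits set in seen[] */
};

struct tracker {
    struct source src[MAX_SOURCES];
    int           used;
};

/* Find or create the slot for a source address; NULL when the table is full. */
static struct source *slot_for(struct tracker *t, const char *ip)
{
    int i;

    for (i = 0; i < t->used; i++)
        if (strcmp(t->src[i].ip, ip) == 0)
            return &t->src[i];
    if (t->used == MAX_SOURCES)
        return NULL;
    snprintf(t->src[t->used].ip, sizeof t->src[t->used].ip, "%s", ip);
    return &t->src[t->used++];
}

/* Record one log line. Returns 1 if it carried a usable SRC/DPT pair, else 0.
 * The tracker must be zeroed before the first call. */
int observe(struct tracker *t, const char *line)
{
    char ip[16];
    unsigned port;
    struct source *s;
    const char *p = strstr(line, "SRC=");

    if (p == NULL || sscanf(p, "SRC=%15s DPT=%u", ip, &port) != 2 || port > 65535)
        return 0;
    s = slot_for(t, ip);
    if (s == NULL)
        return 0;
    /* Repeated hits on the same port do not raise the count, and the order in
     * which ports are probed does not matter. */
    if (!(s->seen[port / 8] & (1u << (port % 8)))) {
        s->seen[port / 8] |= (unsigned char)(1u << (port % 8));
        s->distinct++;
    }
    return 1;
}

/* Writes up to max_out sources that touched at least `threshold` distinct
 * ports into out[] and returns how many were written. */
int find_scanners(const char *const lines[], int n, unsigned threshold,
                  char out[][16], int max_out)
{
    static struct tracker t;
    int i, found = 0;

    memset(&t, 0, sizeof t);
    for (i = 0; i < n; i++)
        observe(&t, lines[i]);
    for (i = 0; i < t.used && found < max_out; i++)
        if (t.src[i].distinct >= threshold)
            memcpy(out[found++], t.src[i].ip, sizeof t.src[i].ip);
    return found;
}

/* Constructed sample log (documentation address ranges, invented format). */
static const char *const SAMPLE_LOG[] = {
    "2010-07-01T10:00:00 SRC=198.51.100.20 DPT=443 ACTION=ACCEPT",
    "2010-07-01T10:00:01 SRC=203.0.113.7 DPT=443 ACTION=DROP",
    "2010-07-01T10:00:01 SRC=203.0.113.7 DPT=22 ACTION=DROP",
    "2010-07-01T10:00:02 SRC=203.0.113.7 DPT=8080 ACTION=DROP",
    "2010-07-01T10:00:02 SRC=198.51.100.20 DPT=443 ACTION=ACCEPT",
    "2010-07-01T10:00:03 SRC=203.0.113.7 DPT=23 ACTION=DROP",
    "2010-07-01T10:00:03 SRC=203.0.113.7 DPT=22 ACTION=DROP",
    "2010-07-01T10:00:04 kernel: link up",
    "2010-07-01T10:00:04 SRC=203.0.113.7 DPT=3389 ACTION=DROP",
    "2010-07-01T10:00:05 SRC=203.0.113.7 DPT=25 ACTION=DROP",
    "2010-07-01T10:00:05 SRC=198.51.100.20 DPT=443 ACTION=ACCEPT",
    "2010-07-01T10:00:06 SRC=203.0.113.7 DPT=80 ACTION=DROP",
};
#define SAMPLE_LOG_LEN ((int)(sizeof SAMPLE_LOG / sizeof SAMPLE_LOG[0]))

int main(void)
{
    char hits[4][16];
    int i, n = find_scanners(SAMPLE_LOG, SAMPLE_LOG_LEN, 5, hits, 4);

    for (i = 0; i < n; i++)
        printf("possible access-control discovery from %s\n", hits[i]);
    return 0;
}
```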

Attack Trees

Very intelligent attackers will attempt to exploit every vulnerability in every application known to man by maintaining an attack library that provides a set of attack profiles to be launched against their target systems. This is why it’s imperative for developers and system and security engineers to examine an attack tree, which is basically a flowchart representing whether an attack goes through or not. Once vulnerabilities are found, the developer, system engineer, and/or security engineer can go back and apply patches where these exposures occurred (Moore, Ellison, & Linger, 2001).

The figure below represents an attack tree process.

(Moore, Ellison, & Linger, 2001)
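
An added example, not from this paper or from Moore, Ellison, and Linger: the Access Control Discovery attack pattern above encoded as an AND/OR attack tree, so a defender can list the step combinations that reach the goal and see which remain open once a step is countered. Treating the numbered steps in each group as AND and the two groups as OR alternatives is an assumption, as are the intermediate node names and the choice of countered step.

```python
from dataclasses import dataclass, field
from itertools import product

@dataclass
class Node:
    label: str
    kind: str = "LEAF"                      # "LEAF", "AND" or "OR"
    children: list = field(default_factory=list)

def scenarios(node):
    """Return every set of leaf steps that satisfies this node."""
    if node.kind == "LEAF":
        return [frozenset([node.label])]
    per_child = [scenarios(c) for c in node.children]
    if node.kind == "OR":                   # any single child is enough
        return [s for group in per_child for s in group]
    # AND: combine one scenario from every child
    return [frozenset().union(*combo) for combo in product(*per_child)]

def open_scenarios(root, countered):
    """Scenarios in which no step is countered by a deployed control."""
    return [s for s in scenarios(root) if not (s & set(countered))]

def choke_points(root):
    """Leaves present in every scenario: countering one closes the tree."""
    return frozenset.intersection(*scenarios(root))

PRE = "Attacker knows the firewall IP address"
SCAN_ALL = "Scan all ports across the network for any listening ports"

# Leaf labels are the paper's steps; "Attack", "Port scan" and
# "Randomized scan" are hypothetical names for the intermediate nodes.
TREE = Node("Identify firewall access controls", "AND", [
    Node(PRE),
    Node("Attack", "OR", [
        Node("Port scan", "AND", [
            Node("Search for specific default listening ports"),
            Node(SCAN_ALL),
            Node("Scan ports stealthily for listening ports")]),
        Node("Randomized scan", "AND", [
            Node("Randomize the scan on the target"),
            Node("Randomize the scan of the source"),
            Node("Scan without touching the targeted host")]),
    ]),
])

if __name__ == "__main__":
    print(len(scenarios(TREE)), "scenarios reach the goal")
    # Constructed case: a control counters the full port sweep only.
    print("still open:", open_scenarios(TREE, {SCAN_ALL}))
    print("choke points:", set(choke_points(TREE)))
```

Countering only the full port sweep leaves the randomized branch open, while the precondition is the one step shared by every scenario.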

TODAY & THE NEAR FUTURE- VIRTUALIZATION SECURITY

Today, organizations are taking advantage of other technologies such as

virtualization, a wave-of-the-future model in which cloud computing and software as a

service (SaaS) concepts are widely utilized. Cloud computing is defined as services and

applications that are stored in another location, typically with a third-party provider, where

these operations take place over the internet (Sloan, 2009). Therefore, security in the

virtualized world is becoming more imperative than ever before.

To start, common virtualization terms must be understood before discussing how to

protect these virtual systems:

Hypervisor- This is how virtualization is made possible. The hypervisor provides the

abstraction layer between the real system and the virtual one, in which operating

system software maps a “virtual” processor, memory, storage, and input/output, such as

a network, to the real processor, memory, storage, and input/output of the system.

Virtualization- Virtualization is the process of abstracting computer applications, services,

and operating systems from the hardware on which they run onto a virtual machine image,

which is installed on a guest operating system but is running from a host operating

system.

Host operating system- Is the operating system that is running an instance of a virtual

machine.

Guest operating system- Is the actual virtual image of the operating system that is

installed and running on the host operating system.

Virtual Machine Image (VMI)- Is a pre-built copy of memory and storage contents of a

particular machine which contains the host operating system.

Security layer- Security functions embedded within the hypervisor layers that provide

common service to all VMs on the hardware platform which are logically isolated from

the guest operating system.

Security as a Service- a utility-based security service that connects to all security layers

of a cloud. In addition, one or more operation centers are attached to the cloud.

(Sloan, 2009)

Security architecture in a Virtual World

Firewalls: In a virtual world, firewalls are likely to be delivered as a VMI, each running in its

own processing compartment. There could be room for a traditional hardware firewall at

the base of each datacenter cabinet to regulate flow into and out of the cabinet, as well as at

the outside boundaries of each cloud, where these firewalls become linked in a grid

with a dedicated out-of-band firewall management channel. This allows virtual

compartments for customer distributed-processing services and traffic segregation where

each processing stack becomes a repeatable unit of the architecture.

Intrusion Detection & Prevention Systems (IDS/IPS): IDS/IPS can be incorporated into

software applications in the security layer utilizing features such as: full traffic analysis,

attack detection, and response control capability.

(Sloan, 2009)

A virtualized environment allows for various and unique possibilities for prevention

responses, such as cloning an attacked VM in three ways:

1) The original minus the attack traffic, which allows business to continue.

2) A forensic image to allow the attack to be investigated.

3) A honeypot to retain and divert the interest of the attack in which fake data is

substituted for real data.

(Sloan, 2009)

Anti-Virus (AV): Anti-Virus has always run in the context of the computer, allowing for the

possibility of malicious code disabling AV protection and preventing remediation

or removal of the malicious code. Therefore, in a virtual world, more and more

Anti-Virus vendors are relying on Cloud Computing scanning, where scheduled and real-time

scans are initiated from another virtual machine.

Encryption: The problem of providing affordable protection for private encryption keys

was resolved by adding a Trusted Platform Module (TPM) to the operating system

architecture allowing universal, end-to-end data protection in PC networks by the use of

Public Key Infrastructures (PKI) and Asymmetric Key Cryptography (AKC). Cloud

computing cannot break the model to require the transport of keys around the network;

however, the TPM can deliberately be used to provide trust connections from connection

to connection, allowing this to be adopted in a cloud model and allowing the

establishment of virtual private networks (VPN) to protect data on the fly.

Patch Management: With cloud computing, it's possible to simplify the problem of patch

management. Many platform level patches can be applied to all images currently running;

however, by including a patch management service within the management or security

layers, it's possible to push the patches out automatically. Additionally, it is also possible

to clone the individual environment first and test the patch before it ever goes live.

Additional Security Services: Additional potential security services that could be added

to the security layer and be delivered as Security as a Service include offloading

functionality and complexity from business applications, such as the use of an Application

Programming Interface (API), which allows functions to be accessed by other

applications. Other services may include: proxy services, such as web content, URL, and

SPAM filtering, user registration, authentication, authorization, password management,

and secure single sign-on systems. (Sloan, 2009)

The figure below represents how security would take place in a cloud computing

environment:

(Sloan, 2009)

METHODOLOGY

The methodology used during this research includes an observation method for gathering

data and factual information. For instance: examining case studies done between China

and the United States, scientists' definitions and theories behind the concept of information,

experts' definitions and theories behind the concept of information warfare, technical

components such as common attack patterns, and the future of information security:

virtualization.

RESULTS

The results were analyzed by the following:

1. Information gathered by the observation method was collected and reviewed

2. This data was coded with the following themes: the concept and definition of

information, the concept and definition of Information Security, the concept and

definition of Information Warfare, the United States' perspective of Information

Warfare, China's perspective of Information Warfare, technical aspects of

common information security vulnerabilities, such as attack models and common

attacks, and lastly the future of information security: virtualization.

3. These themes were layered and interconnected to the following:

Information Security and Information Warfare

The concepts of what information warfare means to two different nations

Technical Aspects of Information Security Vulnerabilities

4. Once these themes were identified and grouped accordingly, the presentation of

findings was established

5. Lastly, the themes were supported by multiple sources and reviewed

CONCLUSION

Information is everywhere. As scientists would describe, almost everything these days

has taken on an information character: objects, occurrences, and processes. After all,

information is the knowledge required in order to accomplish a certain task. This is

why securing this information is so essential, especially for organizations,

military organizations, and nations. With this said, a whole new perspective of

information security is examined: information warfare. This concept, which may be new

to most, has been around for approximately thirty years and essentially has become the

future of war, where many nations and their military organizations are preparing for the

next steps in case of a war. Examining the technical characteristics more closely

gives us a better understanding of what attackers look for, what attackers want, and why

they want this vital information, at a time when terrorism can be launched with one

click of a button.

FUTURE WORK

Future work considerations include examining underdeveloped nations that lack

a fundamental economy and therefore lack in the use and innovation of technology.

Although China has a very different approach from America, many other countries in

today's world cannot compete with these nations' technology, causing these

other countries to lie, cheat, and steal their way through these other systems, which may

include bribery, theft, and intimidation, in order to maintain a strong and free-standing

nation. While these countries cannot develop and utilize high accuracy weapons of

mass destruction, they can still stay in the game by performing basic information

warfare notions, such as computer network attacks, information and economic operations,

high precision impacts, and directed actions. These can lead to a national security

advantage, economic advantage, financial benefits, and policy and political influence,

all of which can be considered by most experts as instruments capable of increasing a

nation's power.

REFERENCES

SearchSecurity.com Definitions. (2007, June). Retrieved August 2, 2010, from

SearchSecurity.com:

http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci549024,00.html

CIA- The World Factbook. (2008). Retrieved August 14, 2010, from Central Intelligence

Agency (CIA): https://www.cia.gov/library/publications/the-world-factbook/geos/ch.html

United States Code: Title 44,3542. (2009, January). Retrieved July 29, 2010, from

Cornell University Law School: http://www.law.cornell.edu/uscode/44/3542.html

Princeton WordNet. (2010, July). Retrieved August 8, 2010, from Princeton:

http://wordnetweb.princeton.edu/perl/webwn?s=information%20warfare

Cassidy, R. (2009). War in the information age. Parameters, 117.

Dlamini, M., Eloff, J., & Eloff, M. (2009, May-June). Information Security: The Moving

Target. Computers & Security, 28(3-4), 189-198.

Gordon, L. A., & Martin, L. P. (2002, November). The economics of information security

investment. ACM Transactions on Information and System Security (TISSEC),

5(4), 438-457.

Migunov, A. (2008). Trends of China's strategy in Information Warfare. Military Thought,

142.

Moore, A. P., Ellison, R. J., & Linger, R. C. (2001). Attack Modeling for Information

Security and Survivability. Carnegie Mellon University. Pittsburgh: Software

Engineering Institute.

Orlyanskiy, V. (2008). Information weapons and information warfare: realities and

speculations. Military Thought, 181.

Sanders, C. (2009, October 28). WindowSecurity Buffer Overflows. Retrieved August 15,

2010, from WindowSecurity.com:

http://www.windowsecurity.com/articles/Buffer-Overflows-Data-Execution-Prevention-You.html

Schneider, G. P. (2010). Electronic Commerce. Boston: Course Technology Cengage

Learning.

Shuntenko. (2008, July-Sept). The concept of electronic warfare. Military Thought, 6,

161.

Sloan, K. (2009). Security in a virtualised world. Network Security, 2009(8), 15-18.