Đang chuẩn bị liên kết để tải về tài liệu:
Network security: Protecting our critical infrastructures

Not shown in Fig. 1 are some elements of the network that complicate security efforts. There may be a corporate firewall or network address translation (NAT) features that will require communication between the building services staff and IT staff, but will also provide greater protection against IT threats. There may be other external connections from a trusted network that bypass the SR, i.e. a modem connection. Also not shown are physical security implementation details. Are the controllers in secure locations? Is there a security policy that governs operator access to the system (passwords, keys), mainte- nance procedures, presence of tamper. | Network security Protecting our critical infrastructures This paper was prepared by Professor Seymour E. Goodman Pam Hassebroek and Professor Hans Klein Georgia Institute of Technology United States . Network Security Protecting our critical infrastructures forms part of the Visions of the Information Society project managed by Lara Srivastava lara.srivastava@itu.int Policy Analyst in the Strategy and Policy Unit of the International Telecommunication Union ITU . More information can be found at http www.itu.int visions. The views expressed in this report are those of the authors and do not necessarily reflect the opinion of ITU or its membership. Table of contents 1 Introduction The nature of the problem.1 1.1 Cyberspace is complex.1 1.2 Cyberspace is vulnerable.1 2 Strategic defence options.2 2.1 Preventing an attack.3 2.2 Thwarting an attack.4 2.3 Limiting damage during a successful attack.5 2.4 Reconstituting after an attack.5 2.5 Improving defender performance.6 3 Forms of international cooperation.6 3.1 International standards.6 3.1.1 The standards development process.7 3.1.2 Open source security standards.7 3.1.3 Incentives to establish security standards.8 3.1.4 International alliance for security standards.9 3.2 Information sharing.10 3.2.1 International cooperative efforts.10 3.2.2 Clearinghouse initiatives.11 3.3 Halting cyber attacks in progress.12 3.4 Harmonizing legal systems.12 3.5 Providing assistance to developing nations.13 4 Finding a suitable framework for international cooperation.13 4.1 An ideal model.13 4.2 Necessary characteristics of an approximate real-world construction.14 4.3 International cooperation initiatives.16 4.3.1 Cyberspace initiatives.16 4.3.2 Initiative s in other domains.16 4.3.3 Problems with cooperation initiatives for cyberspace.16 4.3.4 Problems in a partially private approach .17 5 Concluding remarks.18 .