|
Alvin
Toffler, in his book Powershift, writes, “Knowledge, violence,
and wealth, and the relationships between them, define power and
society.” The September 11 terrorist attacks on the United States
stunningly illustrate how the nature of power and our society
is affected by technology in general and information technology
specifically. The World Trade Center and the Pentagon—the symbols
and centers of America’s economic and military strength, respectively—were
both rammed by Boeing jetliners—examples of America’s dominance
in commercial aviation. All of this was visible on a stage seen
by the entire world in real-time, thanks to television and video
cameras with real-time viewer interaction made possible by cell
phones, pagers, e-mail, and the Internet. In the immediate aftermath,
we saw thousands dead, a plunging stock market, and a whole nation
disrupted by shock, anger, sadness, and fear—a fear that, in an
instant, the relative safety we had taken for granted was now
irrevocably shattered. How could so few affect so many and so
much? Would we, could we, ever feel safe again?
Our technologically interconnected society
supports the phenomenon that a few can significantly impact many.
A 1965 finding known to computer gurus as Moore’s Law explains
how increasing the number of transistors could double the power
and speed of computer chips every 18 months. This is why last
year’s Pentium processor is half price now and the newest models
are twice as powerful. These advances make it feasible and economical
for computers to be everywhere—from our desktops and pockets to
our power plants and car brakes. Virtually anything can and is
connected to everything else via computer and telecommunication
networks. This is how a failure in a seemingly small and isolated
component can cause failure across an entire system. Remember
the 1965 blackout of New York City? That collapse of the Northeast
power grid started with the failure of a single small electrical
relay in Niagara Falls. The fact is our technological prowess
has outstripped our ability to predict accurately what a complex
system will do in all situations. Our interconnectedness and the
complexity of our systems leave us vulnerable to unanticipated
failures and to deliberate attacks. Systems now must be engineered
with security in mind as well as safety and correctness.
|
Recognizing the increased vulnerability of such critical
infrastructures as telecommunications, power, banking, and emergency
services, President Bill Clinton ordered the creation of the President’s
Commission on Critical Infrastructure Protection in 1996. The commission’s
purpose was to form a national strategy for protecting America’s
critical infrastructure from physical and cyber-attacks (www.ciao.gov.
One of the commission’s recommendations contained in its 1997 report,
Critical Foundations—Protecting America’s Infrastructures, was increasing
research in information assurance, or ways to assure the correctness,
safety, availability, and security of information and information
systems. Since the report was issued, the National Infrastructure
Protection Center under the FBI has been created to deter, detect,
assess, and respond to physical and cyber-attacks on our critical
infrastructure (www.nipc.gov).
The National Academy of Sciences conducted hearings on the trustworthiness
of information systems and has published its findings in a book,
Trust in Cyberspace (www.nap.edu/html/trust).
New research programs in assurance are in place at such government
agencies as the National Science Foundation and the Air Force Research
Laboratory in Rome, New York.
Several SU professors are directly involved
in efforts to counter cyber-crime and cyber-terrorism. For example,
several of us are actively researching the technical aspects of
information warfare, and I am a co-chair of the Tools and Technology
Committee of the National Institute of Justice’s Electronic Crime
Partnership Initiative. SU’s Center for Systems Assurance earned
the University the distinction of being a National Security Agency
Center of Excellence in Information Assurance Education (csa.syr.edu.
The CASE (Computer Applications and Software Engineering) Center
at SU is recognized by the New York State Office of Science, Technology,
and Academic Research (NYSTAR) as an Enhanced Center for Advanced
Technology in Information Assurance (case.syr.edu).
|
