|
|
 |
Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities (2009)
concludes that although cyberattack capabilities are an important asset for the United States, the current policy and legal framework for their use is ill-formed, undeveloped, and highly uncertain and that U.S. policy should be informed by an open and public national debate on technological, policy, legal, and ethical issues they pose.
|
|
 |
Toward a Safer and More Secure Cyberspace (2007)
explores the nature of online threats, considers some of the reasons why past research for improving cybersecurity has had less impact than anticipated, and offers a strategy for future research aimed at countering cyber attacks.
|
|
 |
Software for Dependable Systems: Sufficient Evidence? (2007)
discusses how the growing use and complexity of software necessitates a different approach to dependability and recommends an evidence-based approach to achieving greater dependability and confidence.
|
|
 |
Critical Information Infrastructure Protection and the Law: An Overview of Key Issues (2003)
discusses antitrust, FOIA, and liability as factors in protecting critical information infrastructure, given technical and economic conditions.
|
|
 |
Who Goes There? Authentication Through the Lens of Privacy (2003)
describes and examines issues, concepts, and techniques for authentication from the perspective of how they implicate privacy-and how adverse impacts on privacy might be contained.
|
|
 |
Cybersecurity Today and Tomorrow: Pay Now or Pay Later (2002)
recaps highlights from past CSTB security reports with a focus on basic principles and practical guidance.
|
|
 |
IDs -- Not That Easy: Questions About Nationwide Identity Systems (2002)
outlines challenging policy, process, and technological issues presented by nationwide identity systems.
|
|
 |
Trust in Cyberspace (1999)
provides an assessment of the state of the art procedures for building trustworthy networked information systems; proposes directions for research in computer and network security, software technology, and system architecture; and assesses current technical and market trends in order to better inform public policy as to where progress is likely and where incentives could help.
|
|
 |
Realizing the Potential of C4I: Fundamental Challenges (1999)
addresses the intersecting arenas of security, interoperability, and DOD culture and processes as they relate to challenges in command, control, communications, computers, and intelligence.
|
|
 |
Cryptography's Role in Securing the Information Society (1996)
describes the growing importance of encryption, relating government interests to interests in the spread and control of encryption, and recommends policy changes.
|
|
 |
Computers at Risk: Safe Computing in the Information Age (1991)
an enduring primer for information security, explains key concepts and terms, outlines the technology and procedures that give rise to and can alleviate security problems, relates security to complementary concerns such as privacy and safety, and describes the private and public sector institutional contexts.
|
|
