National Academies Press: OpenBook

Computers at Risk: Safe Computing in the Information Age (1991)

Chapter:C Emergency Response Teams

« Previous: B Selected Topics in Computer Security Technology
Suggested Citation:"C Emergency Response Teams." National Research Council. 1991. Computers at Risk: Safe Computing in the Information Age. Washington, DC: The National Academies Press. doi: 10.17226/1581.
×

Appendix C Emergency Response Teams

In the aftermath of the Internet worm incident has come a flurry of attempts to anticipate the next occurrences of a virus, propagating Trojan horse, or other widespread attack. As a result, several emergency response teams offering 24-hour service have been established, including the following:

  • The Computer Emergency Response Team (CERT): Formed by the Defense Advanced Research Projects Agency and centered at the Software Engineering Institute at Carnegie Mellon University, CERT provides access to technical experts around the country. CERT is intended to provide both incident-prevention and incident-response services. It was an outgrowth of the November 1988 Internet worm incident, which was managed and resolved by an informal network of Internet users and administrators. CERT was established to provide the capability for a more systematic and structured response; in particular, it is intended to facilitate communication during system emergencies. Another role that has evolved is communication with vendors about software weaknesses or vulnerabilities that have emerged through practical experience with attacks on systems. CERT draws on the computer system user and development communities, and it also coordinates with the National Institute of Standards and Technology and the National Security Agency. It sponsors workshops to involve its constituents in defining its role and to share information about perceived problems and issues (Scherlis et al., 1990).

  • The Defense Data Network (DDN) Security Coordination Center (SSC): Created by the Defense Communications Agency at SRI International to serve the (unclassified) DDN community as a clearinghouse for host and user security problems and fixes, the SSC expands on the

Suggested Citation:"C Emergency Response Teams." National Research Council. 1991. Computers at Risk: Safe Computing in the Information Age. Washington, DC: The National Academies Press. doi: 10.17226/1581.
×

functions provided by SRI through the Network Information Center (NIC) that has served Milnet users but was not set up to address security problems. Interestingly, the SSC was launched after DARPA's CERT in recognition of the fact that there was no central clearing-house to coordinate and disseminate security-related fixes to Milnet users (DCA, 1989).

  • The Computer Incident Advisory Capability (CIAC): This capability was established by Lawrence Livermore National Laboratory to provide CERT-type services for classified and unclassified computing within the Department of Energy (DOE). The scale of DOE computer operations and attendant risks provided a strong motivation for an agency-specific mechanism; the DOE community has over 100,000 computers located at over 70 classified and unclassified sites. Like the Defense Communications Agency, DOE saw that a "central capability for analyzing events, coordinating technical solutions, ensuring that necessary information is conveyed to those who need such information, and training others to deal with computer security incidents is essential." DOE was able to draw on an established research capability in the computer security arena, at Lawrence Livermore National Laboratory (Schultz, 1990).

Because of the rapidity with which computer pest programs can spread both within the United States and worldwide, it is vital that such efforts be well informed, coordinated with one another, and ready to mobilize rapidly in emergencies. Note that none of these systems has yet been tested with a full-scale emergency on the scale of the Internet worm.

Suggested Citation:"C Emergency Response Teams." National Research Council. 1991. Computers at Risk: Safe Computing in the Information Age. Washington, DC: The National Academies Press. doi: 10.17226/1581.
×
Page276
Suggested Citation:"C Emergency Response Teams." National Research Council. 1991. Computers at Risk: Safe Computing in the Information Age. Washington, DC: The National Academies Press. doi: 10.17226/1581.
×
Page277
Next: D Models for GSSP »
Computers at Risk: Safe Computing in the Information Age Get This Book
×
Buy Paperback | $85.00
MyNAP members save 10% online.
Login or Register to save!
Download Free PDF

Computers at Risk presents a comprehensive agenda for developing nationwide policies and practices for computer security. Specific recommendations are provided for industry and for government agencies engaged in computer security activities.

The volume also outlines problems and opportunities in computer security research, recommends ways to improve the research infrastructure, and suggests topics for investigators.

The book explores the diversity of the field, the need to engineer countermeasures based on speculation of what experts think computer attackers may do next, why the technology community has failed to respond to the need for enhanced security systems, how innovators could be encouraged to bring more options to the marketplace, and balancing the importance of security against the right of privacy.

  1. ×

    Welcome to OpenBook!

    You're looking at OpenBook, NAP.edu's online reading room since 1999. Based on feedback from you, our users, we've made some improvements that make it easier than ever to read thousands of publications on our website.

    Do you want to take a quick tour of the OpenBook's features?

    No Thanks Take a Tour »
  2. ×

    Show this book's table of contents, where you can jump to any chapter by name.

    « Back Next »
  3. ×

    ...or use these buttons to go back to the previous chapter or skip to the next one.

    « Back Next »
  4. ×

    Jump up to the previous page or down to the next one. Also, you can type in a page number and press Enter to go directly to that page in the book.

    « Back Next »
  5. ×

    Switch between the Original Pages, where you can read the report as it appeared in print, and Text Pages for the web version, where you can highlight and search the text.

    « Back Next »
  6. ×

    To search the entire text of this book, type in your search term here and press Enter.

    « Back Next »
  7. ×

    Share a link to this book page on your preferred social network or via email.

    « Back Next »
  8. ×

    View our suggested citation for this chapter.

    « Back Next »
  9. ×

    Ready to take your reading offline? Click here to buy this book in print or download it as a free PDF, if available.

    « Back Next »
Stay Connected!