The National Academies Press

Currently Skimming:

2 Some Basics of Computing and Communications Technology and Their Significance for Cybersecurity
Pages 18-28

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.
Select key terms on the right to highlight them within pages of the chapter.

From page 18... ... . Computers do what the program tells them to do given particular input data, and if a computer exhibits a particular capability, it is because someone figured out how to break the task into a sequence of basic steps, that is, how to program it. Read the entire page →
From page 19... ... A programmer can explicitly record that association as additional encoded data, but that additional data can, in principle, be separated from the information of interest. This point matters in situations in which knowing the association between information and its originator is relevant to security, as might be the case if a law enforcement agency were trying to track down a cyber criminal. Read the entire page →
From page 20... ... With modern cryptographic techniques, each of the steps remains essentially the same, except that automated tools perform most of the work. Mathematical operations can scramble (encrypt) Read the entire page →
From page 21... ... to the relatively small networks operated by individual organizations, to regional Internet service providers, to much larger "backbone" networks that aggregate traffic from many small networks, carry such traffic over long distances, and exchange traffic with other backbone networks. Internally, the Internet has two types of elements: communication links, channels over which data travel from point to point; and routers, computers at the network's nodes that direct data arriving along incoming links to outgoing links that will take the data toward their destinations. Read the entire page →
From page 22... ... destination computers transmitting and receiving data and links and routers moving data through the Internet captures the essence of its original architectural design, but in truth it presents a somewhat oversimplified picture. Some of the more important adjustments to this picture are described in Box 2.1.) Read the entire page →
From page 23... ... are developed, deployed, and controlled by millions of different entities -- companies, individuals, government agencies, and so on. Each of these entities decides what it wants to do, and "puts it on the Internet." The physical infrastructure responsible for carrying packets is also controlled by a diverse group of telecommunications and Internet service providers that are a mix of public and private parties with interests -- monetary or otherwise -- in being able to carry data packets. Read the entire page →
From page 24... ... -- is managed and specified by the Internet Engineering Task Force (IETF; Box 2.3) Read the entire page →
From page 25... ... As long as the data packets are properly formed and adhere to the standard Internet Protocol, the application provider can be assured that the transport mechanisms will accept the data for forwarding to users of the application. Interpretation of those packets is the responsibility of programs on the receiver's end. Read the entire page →
From page 26... ... As such, the Internet's design philosophy makes no special provision for security services. Instead, the Internet operates under the assumption that any properly formed packet found on the network is legitimate; routers forward such packets to the appropriate address -- and don't do anything else. Read the entire page →
From page 27... ... Moreover, actions driven by the requirements of protocols necessarily slow down the speed at which packets can be forwarded to their destinations. And any mechanisms to enforce security mechanisms embedded in Internet protocols may themselves be vulnerable to compromise that may have wide-ranging effects. Read the entire page →
From page 28... ... For example, Web pages today usually include a pictorial image, which is downloaded from a remote computer onto the displaying computer. But if the portion of the Web browser that displays the image is flawed, and an adversary constructs the image to have a hostile program embedded within it, displaying the image can run the program. Read the entire page →

From page 18...

... . Computers do what the program tells them to do given particular input data, and if a computer exhibits a particular capability, it is because someone figured out how to break the task into a sequence of basic steps, that is, how to program it.

Read the entire page →

From page 19...

... A programmer can explicitly record that association as additional encoded data, but that additional data can, in principle, be separated from the information of interest. This point matters in situations in which knowing the association between information and its originator is relevant to security, as might be the case if a law enforcement agency were trying to track down a cyber criminal.

Read the entire page →

From page 20...

... With modern cryptographic techniques, each of the steps remains essentially the same, except that automated tools perform most of the work. Mathematical operations can scramble (encrypt)

Read the entire page →

From page 21...

... to the relatively small networks operated by individual organizations, to regional Internet service providers, to much larger "backbone" networks that aggregate traffic from many small networks, carry such traffic over long distances, and exchange traffic with other backbone networks. Internally, the Internet has two types of elements: communication links, channels over which data travel from point to point; and routers, computers at the network's nodes that direct data arriving along incoming links to outgoing links that will take the data toward their destinations.

Read the entire page →

From page 22...

... destination computers transmitting and receiving data and links and routers moving data through the Internet captures the essence of its original architectural design, but in truth it presents a somewhat oversimplified picture. Some of the more important adjustments to this picture are described in Box 2.1.)

Read the entire page →

From page 23...

... are developed, deployed, and controlled by millions of different entities -- companies, individuals, government agencies, and so on. Each of these entities decides what it wants to do, and "puts it on the Internet." The physical infrastructure responsible for carrying packets is also controlled by a diverse group of telecommunications and Internet service providers that are a mix of public and private parties with interests -- monetary or otherwise -- in being able to carry data packets.

Read the entire page →

From page 24...

... -- is managed and specified by the Internet Engineering Task Force (IETF; Box 2.3)

Read the entire page →

From page 25...

... As long as the data packets are properly formed and adhere to the standard Internet Protocol, the application provider can be assured that the transport mechanisms will accept the data for forwarding to users of the application. Interpretation of those packets is the responsibility of programs on the receiver's end.

Read the entire page →

From page 26...

... As such, the Internet's design philosophy makes no special provision for security services. Instead, the Internet operates under the assumption that any properly formed packet found on the network is legitimate; routers forward such packets to the appropriate address -- and don't do anything else.

Read the entire page →

From page 27...

... Moreover, actions driven by the requirements of protocols necessarily slow down the speed at which packets can be forwarded to their destinations. And any mechanisms to enforce security mechanisms embedded in Internet protocols may themselves be vulnerable to compromise that may have wide-ranging effects.

Read the entire page →

From page 28...

... For example, Web pages today usually include a pictorial image, which is downloaded from a remote computer onto the displaying computer. But if the portion of the Web browser that displays the image is flawed, and an adversary constructs the image to have a hostile program embedded within it, displaying the image can run the program.

Read the entire page →

← Previous Chapter Skim

Next Chapter Skim →

This material may be derived from roughly machine-read images, and so is provided only to facilitate research.
More information on Chapter Skim is available.

2 Some Basics of Computing and Communications Technology and Their Significance for Cybersecurity Pages 18-28

2 Some Basics of Computing and Communications Technology and Their Significance for Cybersecurity
Pages 18-28