160 likes | 239 Views
IS IT POSSIBLE TO MAKE PEOPLE ACCEPT NETWORK PREVENTION AS A PARADIGM OF GLOBAL SAFETY SYSTEM? (INFORMATION SECURITY SCOPE) Ronald E. LaPorte University of Pittsburgh, Pittsburgh, PA, USA and Andrey Trufanov, Irkutsk State Technical University, Irkutsk, RF.
E N D
IS IT POSSIBLE TO MAKE PEOPLE ACCEPT NETWORK PREVENTION AS A PARADIGM OF GLOBAL SAFETY SYSTEM? (INFORMATION SECURITY SCOPE) Ronald E. LaPorte University of Pittsburgh, Pittsburgh, PA, USA and Andrey Trufanov, Irkutsk State Technical University, Irkutsk, RF NETWORK PREVENTION AS A PARADIGM OF GLOBAL SAFETY SYSTEM
Conventional Information Exchange Stove Pipe Information Exchange (Inter-level) Government Business P2P B2B G2G Person ( Citizen) Information Society Level Computers Net 1. Information Society Computers, nets of computers, the Internet, e-mail, WWW, and mobiles the first phase of Information Society New history e- business, e-government and e- management, remote e-working Specific sector: ex. Music Production P2P, P2B, P2G, B2P, B2B , B2G, G2P, G2B , G2G. NETWORK PREVENTION AS A PARADIGM OF GLOBAL SAFETY SYSTEM
2a. Comprehensive Global Interdisciplinary Information Exchange - in fighting against danger – nation critical structures A comprehensive World Society interactions: all the individuals become equal on the Earth while counteracting natural or artificial disasters. The National Strategy for Homeland Security in the US categorizes critical infrastructures into the following sectors: Agriculture, Food, Water, Public Health ( PH) , Emergency Services, Government, Defense Industrial Base, Information and Telecommunications, Energy, Transportation, Banking and Finance, Chemical Industry and Hazardous Materials, Postal and Shipping Why PH ?:Public health is the basis for all economic development for in its absence, there is no opportunity to focus on productive steps to improve the quality of life for a population Accidents and emergencies may be caused natural disasters technical failures personnel errors adversary attacks Diverse disciplines needs protection against accidents and emergencies through preventing and responding threats and recovering consequences NETWORK PREVENTION AS A PARADIGM OF GLOBAL SAFETY SYSTEM
Information Society Level PCs WWW Supercourse, Supercourse 2… Information Society Level Computers Net Networking Comprehensive Global Information Exchange 2b. Comprehensive Global Interdisciplinary Information Ecxhange The watershed in implementation computers was encountered when PCs had been invented The watershed in implementation Nets was encountered when WWW had been proposed The watershed in implementation Networking Prevention was encountered when Supercourse had been created NETWORK PREVENTION AS A PARADIGM OF GLOBAL SAFETY SYSTEM
2c. Comprehensive Global Interdisciplinary Information Exchange Some Questions: Is it enough to have national Department of Homeland Security which is responsible for preventing and responding to terrorist threats? Why networking ? Who will manage Networking ? Is there any threat that someone will take any Global Network ( similar to SC) as an instrument to reach his or her own prosperity and welfare ? Is SC to be a nuclei for a new civilization, new paradigm ? 2c.1 Networking Networking contemplates : effective, reliable and fruitful information exchange between diverse disciplines ( interdisciplinary Networking) , diverse management level ( inter-level Networking) and through over the world ( international Networking ). Conventional Networking: Reliable and Target Corporative P2P information exchange Interdisciplinary Networking: Implementation of Experience of Nuclear Industry, Information Security, Supercourse Inter-level Networking: G2P, G2B, B2P information exchange to solve prevention tasks more accurately and in time International Networking : Implementation of experience of excellence , that other nations have NETWORK PREVENTION AS A PARADIGM OF GLOBAL SAFETY SYSTEM
2c. Comprehensive Global Interdisciplinary Information Exchange 2c.2 Networking on International Stage Pluses for implementation Networking : Restructuring of the National Economy, Modern ICT, Current European and the US experience , Educated Personnel Minuses for implementation Networking : Anti- networking - The Separation that created intentionally Execution of natural networking foundation - The Changing Economy , Management scheme based on family- friend interest structure. In National environment is very problematic to make work the theoretical networking schemes because of set of threats and obstacles. It is not technological problem it is a social one. NETWORK PREVENTION AS A PARADIGM OF GLOBAL SAFETY SYSTEM
3a. Supercourse as a nuclei of a new paradigm to reorganize all the global safety system Global Health Network- Supercourse which has been created since 90-s of last century at Disease Monitoring and Telecommications WHO Collaborating Center, University of Pittsburgh and having begun as a university course to prevent infection diseases it should be assessed as key step in reorganizing all the global safety system.. The Supercourse infrastructure is simple, effective and trustworthy : Ron LaPorte’s estimation : The Supercourse trained 300,000-1,000,000 students “ Ideals survive through change. They die through inertia in the face of challenge “ ( PM Tony Blair to Euro MPs. June, 23, 2005:) Supercourse2, which is the next generation NETWORK PREVENTION AS A PARADIGM OF GLOBAL SAFETY SYSTEM
3b. Supercourse as a nuclei of a new paradigm to reorganize all the global safety system An organizational tool Center of Excellence in Public Health Informatics inspires greatly as it includes: - creation of a system for creating, storing, accessing, integrating and manipulating information at various aggregate levels. This Extensible Public Health Information Collaboratory (EPIC) will allow synchronous and asynchronous collaboration among Public Health educators and will provide an information infrastructure to reflect the knowledge and sophistication of the user, will create an environment that bridges cultural and linguistic boundaries, and will link geographic information systems to public health needs. A digital library will bring sharing information across the public health silos However it implies more technological ( even on linguistics) than social aspects. There are a lot of some difficulties which impede realization of the idea and implementation of the latter which may be analyzed from Information Security ( InfoSec) Scope NETWORK PREVENTION AS A PARADIGM OF GLOBAL SAFETY SYSTEM
4 . InfoSec Scope to make people accept the new paradigm of Networking Information Security: Accessibility, Confidentiality and Integrity 7 principles – of InfoSec System building : Taking into account all possible and interconnecting threats, Continuity, Complexity, Optimization , Flexibility, Simplicity, Openness Taking into account all possible and interconnecting threats On the way to implement Supercourse into the “whole” society the team will encounter another threats which are different to those of thorough academic ones Interdisciplinary InfoSec diverse contradictions as those for Big and Small Corporations, for Military and Universities should be taken into account Continuity Networking as InfoSec is not a single and isolated action – it is a continuous and aimed process. Otherwise: Renovation of a system makes that vulnerable. Updating : The idea to contact each of the authors of the lectures every two years and ask them for the updated versions of their best lectures matches this very principle The problem of constant contacting – not technological only but psychological as well NETWORK PREVENTION AS A PARADIGM OF GLOBAL SAFETY SYSTEM
InfoSec Scope: essential steps • dispelling myths • implementing codes of practice described in ISO 17799 • To make myths be gone : • Myth 1 : Networking in Academic Society is on appropriate stage • Myth 2: Networking is a technical issue. • Policies are not technical manuals. Networking is about people • Myth 3: If you build it, they will come. • Right after you post the new Networking policy in the Internet, you notice all the users can think about is the extra work you have proposed to them. The process of writing policies is a group activity. Bringing users into the loop early makes them stakeholders in the policies and ambassadors to the rest of the networking sector . Peers who believe in the need for Networking carry a lot more weight with users than the "professional paranoids" of Networking NETWORK PREVENTION AS A PARADIGM OF GLOBAL SAFETY SYSTEM
InfoSec Scope: essential steps • Codes of practice if follow ISO 17799 : • 1. TERMS AND DEFINITIONS • it is of special value to work on Glossary of terms and definitions. • Initially the Supercourse was developed as Multilanguage tool • 2 IMPLEMENTATION AND SECURITY POLICY • One of the principal Qs on InfoSec: whose proprietary is the Information Resources and Processes Eternal problem of balance Secrecy and Openness – the result of contradictions between Proprietaries . • 3 ORGANIZATIONAL IMPLEMENTATION AND SECURITY • Bringing users into the loop early makes them stakeholders in the policies and ambassadors to the rest of the organization. • 4 ASSET CLASSIFICATION AND CONTROL • 5 PERSONNEL IMPLEMENTATION AND SECURITY • It makes a great difference which people are engaged in the process. • if it is another team no doubt the Supercourse will be developed otherwise. NETWORK PREVENTION AS A PARADIGM OF GLOBAL SAFETY SYSTEM
InfoSec Scope: essential steps • Codes of practice if follow ISO 17799 : • 6 PHYSICAL AND ENVIRONMENTAL IMPLEMENTATION AND SECURITY • 7 COMMUNICATIONS AND OPERATIONS MANAGEMENT • 8 ACCESS CONTROL • 9 SYSTEMS DEVELOPMENT AND MAINTENANCE • 10 BUSINESS CONTINUITY MANAGEMENT • 11 COMPLIANCE (ON IMPLEMENTATION AND SECURITY) . 6a. InfoSec Scope: essential issues Personalization and real-time adaptation Users: A personalized system builds a model of the goals, preferences and knowledge of each individual user, and uses this model to guide interaction with the user. Not only the system should be adaptive but users are to be prepared: To make them think collaboratively, to attract them into collaborative activity. It is of some sense to seek for people who are ready to accept the SC and Network Prevention Paradigm. Adversaries: While personalization and real-time adaptation not only users but adversaries as well should be taken into account. Theoretically Personalization by collecting information about the users and adversaries and fusing it into coherent user and adversary models is good . But the construction of the models might be a difficult task which is feasible for group of experts in diverse disciplines NETWORK PREVENTION AS A PARADIGM OF GLOBAL SAFETY SYSTEM
6b. InfoSec Scope: essential issues Network Prevention must be secured itself to be a trustworthy entity A key factor that will determine the success of Networking is the associated security and privacy issues. Access Control Secure Interoperation and Secure Collaborative Workspace Privacy Protection InfoSec and Privacy protection is an integral part of any mission in the US but sometimes is difficult to understand in other countries Security Provision: Form it Attractive for Societies and enforce that by Law instruments Neutralize Adversaries Implement Aggressive Dissemination Principal Channels : Discipline of Prevention, ICT, Information Security, Law, Library Sciences NETWORK PREVENTION AS A PARADIGM OF GLOBAL SAFETY SYSTEM
6c. InfoSec Scope: essential issues Information security approaches for the decision of problems of any Critical Infrastructure Instruments to prevent accidents in any Critical Infrastructure may be classified Just the same way as in InfoSec : Ethical, Legislative, Organizational, Physical ( technical facilities and equipment ), Technical ( hardware and software ), Math NETWORK PREVENTION AS A PARADIGM OF GLOBAL SAFETY SYSTEM
7. Conclusion Information Security Techniques with their great ISO17799 ideology will help to formulate Information Policy, to clarify threats and barriers, to name adversaries and competitors, to provide continuity. Through Librarian Sciences and Technologies : - to disseminate the idea. Librarian Sciences and Technologies will support dissemination of information severely and give it a solid base. In the spirit of Supercourse, networking tools are to be realized through a series of capable and sophisticated open-source software that are intuitive for practitioners to use. The software should be suitable to move data to A digital library that will bring sharing information across the silos . Through Legal Tools : - to persuade diverse societies that the idea is true; - to overcome bureaucratic and juridical barriers; - to elaborate Codes of practice with taking into account InfoSec, Ethics and Law aspects - here will be the base for interdisciplinary and intercultural bridge. Implementation has to be realized aggressively through practice, research, and academic (education, training and awareness ) NETWORK PREVENTION AS A PARADIGM OF GLOBAL SAFETY SYSTEM
THANK YOU ! Ronald E. LaPorte University of Pittsburgh, Pittsburgh, PA, USA super1+@pitt.edu Andrey Trufanov, Irkutsk State Technical University, Irkutsk, RF troufan@istu.edu NETWORK PREVENTION AS A PARADIGM OF GLOBAL SAFETY SYSTEM