From: John Young <jya@pipeline.com>
Date: Wed, 8 Jan 1997 20:18:26 -0800 (PST)
To: cypherpunks@toad.com
Subject: IW-D Report
Message-ID: <1.5.4.32.19970109041402.00693dd4@pop.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


We've digtized the 200-page "Information Warfare-
Defense" report by the Defense Science Board.

  http://jya.com/iwd.htm  

It's quite informative about large-scale planning
for coping with the threats of information age --
encryption among many other political, economic,
technical and legal issues. There is overlap with
the NRC cryptography report on prospects for
technological fixes to security, but this report
envisions a much more comprehensive plan. 
(William Ware served on both panels; Stewart 
Baker on the IW-D.)

Comparison to threat models of the Center for Disease 
Control, FEMA and the National Drug Intelligence Center
is provocative (Appendix D).

Well worth reading for a preview of the next century's 
opportunities for wealth, power and infamy.

-----

REPORT OF THE DEFENSE SCIENCE BOARD TASK FORCE    
ON INFORMATION WARFARE - DEFENSE (IW-D) 

November 1996

TABLE OF CONTENTS

EXECUTIVE SUMMARY

1.0 INTRODUCTION

2.0 ENVIRONMENT

    2.1 Growing Dependency, Growing Risk   
    2.2 Information Warfare   
    2.3 The Infrastructure   
    2.4 Threat

3.0 OBSERVATIONS

4.0 WHAT SHOULD WE DEFEND?

5.0 HOW SHOULD WE DEFEND?

    5.1 Procedures, Processes and Mechanisms   
    5.2 Strategy

6.0 RECOMMENDATIONS

    6.1 Designate an Accountable IW Focal Point   
    6.2 Organize for IW-D
        6.2.1 Establish a Center for Intelligence Indications 
              and Warning, Current Intelligence, and Threat 
              Assessments     
        6.2.2 Establish a Center for IW-D Operations     
        6.2.3 Establish a Center for IW-D Planning and 
              Coordination     
        6.2.4 Establish a Joint Office for System, Network and 
              Infrastructure Design     
        6.2.5 Establish a Red Team for Independent Assessments

    6.3 Increase Awareness   
    6.4 Assess Infrastructure Dependencies and Vulnerabilities   
    6.5 Define Threat Conditions and Responses   
    6.6 Assess IW-D Readiness   
    6.7 "Raise the Bar" with High Pay-Off, Low-Cost Items   
    6.8 Establish and Maintain a Minimum Essential Information 
        Infrastructure   
    6.9 Focus the R&D   
    6.10 Staff for Success   
    6.11 Resolve the Legal Issues   
    6.12 Participate Fully in Critical Infrastructure Protection   
    6.13 Provide the Resources

7.0 SUMMARY

APPENDIX A: Threat Assessment

APPENDIX B: National Intelligence Exploitation Architecture

APPENDIX C: A Taxonomy for Information Warfare?

APPENDIX D: Organizational Models
  D.1 Centers for Disease Control and Prevention   
  D.2 Federal Emergency Management Agency Federal Response 
      Plan   
  D.3 National Drug Intelligence Center

APPENDIX E: Think Pieces
  E.1 Information Infrastructure Assurance Principles   
  E.2 "Raise the Bar" Exercise

APPENDIX F: Technology Issues

APPENDIX G: List of Acronyms

APPENDIX H: Glossary