Networks, complexity, and security: the role of public policy in critical infrastructure protection

  • Authors:
  • Sean P. Gorman;Roger R. Stough

  • Affiliations:
  • -;-

  • Venue:
  • Networks, complexity, and security: the role of public policy in critical infrastructure protection
  • Year:
  • 2004

Abstract

This dissertation examines the role of public policy in critical infrastructure protection. The task is approached through three separate but interdependent research questions: (1) assessment of the vulnerability of networks and quantifying the criticality of network components; (2) how to best allocate scarce resources for network protection; (3) diversity as a protection strategy and public policy. All three sets of research questions are based on a shared research methodology and framework to analyze issues of critical infrastructure protection involving information networks. First the data is mapped and visualized, then simulations are run with the data, and finally analysis is done to provide policy recommendations and defense/investment strategies. The physical infrastructure mapping work is based on a custom-built database of metropolitan fiber networks, long haul fiber networks, fiber lit buildings, colocation facilities, and central offices. Utilizing this database, vulnerability heat mapping tools, criticality ranking tools, and system failure simulations are developed to test the robustness of critical information infrastructure networks. Some of the most difficult problems in critical infrastructure protection are determining what is truly critical in the infrastructure, quantifying what the effects of failure are, and sorting out methods of mitigation. The tools developed in this section of the dissertation take a first step at providing answers to these questions in regard to telecommunications infrastructure and its interdependency with other critical assets. Once vulnerabilities have been identified, another difficult hurdle is deciding what policy response will be most effective in solving the problem. The second section of the dissertation approaches this problem by developing simulations to determine the cost effectiveness of implementing cybersecurity strategies and policies.
The tool tests current cybersecurity policies using federal government RFP requirements and a similar initiative targeting the financial sector. At a more granular level, the tool can test the cost effectiveness of a wide variety of cybersecurity defense strategies for various network configurations. Oftentimes malicious attacks on networks cannot be predicted or defended against ahead of time; for instance, the recent SQL worm diffused globally in less than 10 minutes. When indefensible attacks exist, it is useful to develop strategies to mitigate such scenarios. Along these lines, the dissertation investigates the role diversity can play as a defense mechanism or public policy initiative. Diversity as defense has applications at many levels, ranging from competition policy to procurement regulations. In sum, the dissertation approaches the issues of critical infrastructure protection from three different perspectives, providing tools to analyze physical infrastructure, performing cost effectiveness analysis, and evaluating the possibility of diversity as a defense strategy. Each issue plays an important role in the current debate on critical infrastructure, and they build upon each other to form a foundation for empirical and economic analysis of the role of public policy in critical infrastructure protection. The research findings are then put in the context of the question: are private efficiencies resulting in public vulnerabilities?