Chapter 1: Understanding Networks and Computers | Jack Goldsmith and a Berkman Center Cybersecurity Team | July 26, 2012


Chapter 1: Understanding Networks and Computers

by Jack Goldsmith and a Berkman Center Cybersecurity Team
Purpose: This chapter is designed to provide key background information on the cyber environment, including the technological infrastructure of cyberspace and the technology involved in transferring information securely. It is divided into three units: the first covers the basic architecture and vulnerability of electronic systems; the second covers the design principles and building blocks of the Internet; the third introduces some vulnerabilities inherent to the cyber environment.
Concepts Covered: Operating systems, Applications, routers, packets, TCP/IP, DNS, dial-up and WiFi connections, undersea cables, satellites, wireless networks, encryption and authentication, critical infrastructure, cloud computing, man-in-the-middle attacks, and phishing scams.

  1. 1 1.1 Introduction to Computers and Computer Vulnerabilities
    Original Creator: Jack Goldsmith and a Berkman Center Cybersecurity Team
    Purpose: Provide a framework through which to examine issues pertaining to securing the electronic environment, such as hardware, software, and the supply chain.
  2. 2 1.2 Introduction to Internet Infrastructure
    Original Creator: Jack Goldsmith and a Berkman Center Cybersecurity Team
    Purpose: Provide an overview of network infrastructure, elements, and architecture philosophy.
    1. 2.1 1.2.1 Architecture Philosophy
      Original Creator: Jack Goldsmith and a Berkman Center Cybersecurity Team
      Many of the current security and vulnerability concerns associated with the Internet are the product of deliberate design philosophy and choices regarding functionality that characterized the early days of the Internet.
      1. 2.1.1 David Clark, The Design Philosophy of the DARPA Internet Protocols, ACM SIGCOMM Computer Communication Review, 1988
        Journal Article, 8pg. This paper captures some of the early reasoning which shaped the Internet protocol suite, TCP/IP, when it was first developed by DARPA.
      2. 2.1.2 Lawrence Lessig, Code 2.0, Ch. 4: Architectures of Control, 2006
        This chapter demonstrates how the architecture of the Internet shapes the way we use it and the possibilities of regulation—code is law. The original design was not concerned with control and pushed complexity to the edges of the network. The trade-off between security, control, privacy, and connectivity is decided, to a certain extent, at the architecture level.
      3. 2.1.3 David G. Post, In Search of Jefferson’s Moose, Ch. 1: Chaos, 2009
        This book provides a conceptual framework through which newcomers can begin investigating the cyber-frontier. Rather than providing a technical understanding of the elements of the network, it poses some critical questions for understanding how cyberspace works and who makes the rules in cyberspace. This set of questions provides a useful framework to keep in mind while diving into the more technical sections.
    2. 2.2 1.2.2 Elements of the Network (ISPs, Routers, Protocols and packets view)
      Original Creator: Jack Goldsmith and a Berkman Center Cybersecurity Team
      This sub-section provides an overview of the network, the protocols it employs to transfer data, and the various ways computers connect to the Internet. Its purpose is to consider the different domains of cyberspace—systems, applications, and human—and provide an “under-the-hood” understanding of how they interact.
      1. 2.2.1 David Clark, An Insider’s Guide to the Internet, 2004
        An overview of how the Internet works and why it works the way it does. It provides both a technical introduction and covers some of the design principles that guided the Internet’s initial architecture. The conclusion outlines some implications for policy makers resulting from design: different types of service providers cannot always see the parts of the information that are not relevant to them. That is, an ISP cannot always see the higher-level information in the packets (for example, it may be encrypted); the higher-level service provider (a Web server, for example) cannot see the routing information in the routers, and cannot determine what the topology and capacity of the Internet is. This article also includes a glossary with key terms.
      2. 2.2.2 Elihu Zimet and Edward Skoudis, Cyberpower and National Security, Ch. 4: A Graphical Introduction to the Structural Elements of Cyberspace, eds. Kramer, Starr, and Wentz, 2009
        A graphical snapshot of the technological infrastructure, from routers to packets. This chapter provides a more conceptual understanding of the network and the transfer of data.
        Notes:
        Please note, there is a lot of overlap with the first section of Gralla’s How the Internet Works.
      3. 2.2.3 Preston Gralla, How the Internet Works, Ch. 1-10, 8th edition, 2007
        A technical, yet accessible illustrated overview of the main building blocks and connection types. The first section, Understanding the Internet’s Underlying Architecture, provides an overview of the Internet, and examines fundamental architectures, protocols, and general concepts. The second section, Connecting to the Internet, looks at the various ways computers can connect to the Internet, and has not been covered by other readings listed in this section. The main takeaway from this introduction is that connecting to the Internet will become increasingly easy—and will occur at increasingly higher speeds.
        Notes:
        For users on the Harvard network: available as an e-textbook through Hollis (http://proquest.safaribooksonline.com.ezp-prod1.hul.harvard.edu/0789736268?uicode=harvard).
      1. 2.3.1 1.2.3.a Cables
        Original Creator: Jack Goldsmith and a Berkman Center Cybersecurity Team
        About 99 percent of Internet traffic travels through undersea cables maintained by private providers. Securing and monitoring the cables raises questions regarding private/public cost-burden, territoriality, and international cooperation.
        1. 2.3.1.1 Global Bandwidth Research Service, TeleGeography Submarine Cable Map, 2011
          This interactive map depicts active and planned submarine cable systems and their landing stations. It includes ownership data for each cable listed.
        1. 2.3.2.1 Dave Lee, Sky-high Thinking for African Internet, BBC, Aug 6, 2012
          Satellite-powered broadband could be the answer to Africa's connectivity conundrum.
        2. 2.3.2.2 BBC, Libya Jamming ‘exposed Vulnerability’, Jan 13, 2006
          An incident involving Libya blocking a dissident radio station late last year highlighted the potentially devastating consequences of relying too much on satellites, a British MP has warned.
      2. 2.3.3 1.2.3.c Wireless Networks
        Original Creator: Jack Goldsmith and a Berkman Center Cybersecurity Team
        A variety of wireless technologies have been standardized and commercialized, but no single technology is considered the best because of different coverage and bandwidth limitations.
      1. 2.4.1 1.2.4.a Encryption (public and private keys, hash functions)
        Original Creator: Jack Goldsmith and a Berkman Center Cybersecurity Team
        Public key cryptography enables encryption and decryption of data transferred between two parties, the authentication of data’s origin, and indication of data tampering.
        1. 2.4.1.1 Steven Levy, Crypto Ch. 3: Public Key, 2001
          This book traces the history of modern cryptography and how it transferred from being a tool employed by governments to a public service designed and consumed by private actors. Chapter 3 describes how researchers sought to answer the following question: how can you create a system where people who have never met can speak securely? The answer is a one-way authentication system, now popularized as public and private keys.
        2. 2.4.1.2 Introduction to Public-Key Cryptography, Mozilla Developer Network, 2005
          Public-key cryptography and related standards and techniques underlie many commonly used security features, including signed and encrypted email, form signing, object signing, single sign-on, and the Secure Sockets Layer (SSL) protocol. This document introduces the basic concepts of public-key cryptography.
        3. 2.4.1.3 D. Richard Kuhn et al., Introduction to Public Key Technology and the Federal PKI Infrastructure, NIST, 2001
          This detailed report provides an overview of Public Key Infrastructure functions and their potential applications as authentication technologies within federal agencies.
      2. 2.4.2 1.2.4.b SSL Certificates
        Original Creator: Jack Goldsmith and a Berkman Center Cybersecurity Team
        Many of the online authentication mechanisms that enable transactions rely on faith in the Secure Sockets Layer protocol and Certificate Authorities. Growing evidence suggests that this mechanism is highly vulnerable, and there has been much discussion surrounding alternatives.
        1. 2.4.2.1 Introduction to SSL, Mozilla Developer Network, 2005
          The Secure Sockets Layer (SSL) protocol has been universally accepted on the World Wide Web for authenticated and encrypted communication between clients and servers. This article introduces key concepts and also touches upon potential threats such as Man-in-the-Middle Attacks.
        2. 2.4.2.2 1.2.4.b.ii Moxie Marlinspike on SSL and Authenticity
          Original Creator: Jack Goldsmith and a Berkman Center Cybersecurity Team
          Marlinspike has released several follow-up materials which are useful for an updated view of the ongoing debate.
          1. 2.4.2.2.1 Moxie Marlinspike, BlackHat USA 2011: SSL and the Future of Authenticity, 2011
            A talk given as a follow-up to the blog post above, recommended viewing: 0:00-23:34.
          2. 2.4.2.2.2 Moxie Marlinspike, New Tricks For Defeating SSL In Practice, BlackHat DC, 2009
            Slides demonstrating some uncovered weaknesses of SSL.
          3. 2.4.2.2.3 Moxie Marlinspike, SSL and the Future of Authenticity, Thoughtcrime Blog, 2011
            This brief blog post defines the core issues with the Certificate Authorities mechanism SSL relies on, primarily via the missing quality of trust agility; it also critically examines suggested alternatives such as DNSSEC.
        3. 2.4.2.3 Gregg Keizer, Hackers Stole Google SSL Certificate, Dutch Firm Admits, Computerworld, Aug 30, 2011
          This article demonstrates some of the potential issues with exploiting SSL weaknesses.
  3. 3 1.3 Sources of Network Vulnerability
    Original Creator: Jack Goldsmith and a Berkman Center Cybersecurity Team
    Purpose: This unit provides an overview of points of vulnerability, exploring how different aspects of the cyber environment are particularly exposed to attack, and how vulnerability may be defined.
      1. 3.1.1 Martin C. Libicki, Cyberdeterrence and Cyberwar: Ch. 2: A Conceptual Framework, RAND, 2009
        This chapter outlines three layers of cyberspace: physical, syntactic, and semantic, through which to consider vulnerabilities in cyberspace. It briefly addresses external and internal threats, paying particular attention to the problem of insiders and supply chain concerns.
    1. 3.2 1.3.2 Critical Infrastructure
      Original Creator: Jack Goldsmith and a Berkman Center Cybersecurity Team
      The reliance on critical infrastructure, such as the power grid and electronic information systems, and the increased interoperability of these systems make them more susceptible to cyber threats.
      1. 3.2.1 William D. O’Neil, Cyberpower and National Security Ch. 5: Cyberspace and Infrastructure, eds. Kramer, Starr, and Wentz, 2009
        This chapter addresses the issue of cyber attacks on electric infrastructure and any form of attack on cyber infrastructure. It provides a brief historical review of infrastructure attacks as well as an outline of threats and possible responses.
    2. 3.3 1.3.3 DNS and Man-in-the-Middle Attacks
      Original Creator: Jack Goldsmith and a Berkman Center Cybersecurity Team
      The DNS translates domain names into IP addresses. There is a whole family of vulnerabilities in which the DNS on one’s computer can be fooled into accepting different IP addresses for a given domain, allowing adversaries to extract information under the pretence of a trusted site. Such vulnerabilities include cache poisoning, packet sniffing, and session hijacking. In a similar fashion, Man-in-the-Middle attacks can cause users to disclose sensitive information without being aware of a third party’s involvement in the transfer of data.
      1. 3.3.1 Bruce Schneier, Lessons from the DNS Bug: Patching Isn’t Enough, Wired, Jul 23, 2008
        This article discusses a DNS bug discovered in 2008 and argues that designing systems with a security mindset would account for vulnerabilities before they surface, rather than the retroactive engineering of patches.
      2. 3.3.2 Callegati, F., Man-in-the-Middle Attack to the HTTPS Protocol, Security & Privacy, IEEE, 2009
        The man-in-the-middle attack exploits the fact that the HTTPS server (a protocol which guarantees privacy and security in transactions) sends a certificate with its public key to the Web browser. If this certificate isn’t trustworthy, the entire communication path is vulnerable. This article demonstrates how attackers can successfully intercept the data transfer and corrupt the safety of the communication.
      3. 3.3.3 Seth Schoen, The Message of Firesheep: “Baaaad Websites, Implement Sitewide HTTPS Now!”, EFF, Oct 29, 2010
        Firesheep, a tool that uses packet sniffing and cookie stealing to hijack sessions on websites such as Facebook and PayPal from the same network as the victim, has prompted much discussion of the need to implement HTTPS universally across session-based platforms.
    3. 3.4 1.3.4 Cloud Computing
      Original Creator: Jack Goldsmith and a Berkman Center Cybersecurity Team
      In recent years, many computer and Internet functions have moved from users’ computers to remote servers that make up a “cloud” of data and processing power. The increasing prevalence of cloud-based services, including a federal policy to transition to the cloud, raises several concerns regarding data.
      1. 3.4.1 Chris Clayton, Standard Cloud Taxonomies and Windows Azure, MSDN, 2011
        Cloud solutions come in three main taxonomies: infrastructure as a service, platform as a service, and software as a service. This article reviews the strengths and weaknesses of each taxonomy, demonstrating the trade-off between control, agility, and cost-efficiency.
      2. 3.4.2 Harvard Law National Security Research Group, Cloud Computing and National Security Law, 2010
        First, this report presents a definition of cloud computing, examining both its benefits and drawbacks. Second, it examines legal challenges posed by cloud computing, with particular attention to implications of cloud computing for U.S. law enforcement and national security agencies. Third, it outlines several recommendations for legislative responses to this new technology.
    4. 3.5 1.3.5 User-based Vulnerabilities
      Original Creator: Jack Goldsmith and a Berkman Center Cybersecurity Team
      Some vulnerabilities do not rely on specific technical hacks, but simply on the susceptibility of individual users.
      1. 3.5.1 1.3.5.a Phishing
        Original Creator: Jack Goldsmith and a Berkman Center Cybersecurity Team
        Phishing is the process of enticing people into visiting fraudulent websites and persuading them to enter identity information such as usernames, passwords, addresses, social security numbers, personal identification numbers and anything else that can be made to appear to be plausible.
        1. 3.5.1.1 David Goldman, Massive Gmail Phishing Attack Hits Top U.S. Officials, CNN Money, Jun 1, 2011
          In the summer of 2011, a major phishing scam originating from China targeted hundreds of personal Gmail accounts, including government officials.
        2. 3.5.1.2 Tyler Moore and Richard Clayton, Examining the Impact of Website Take-down on Phishing, APWG eCrime Researchers Summit, 2007
          This article examines take-down times of phishing websites and estimates the cost of a phishing scam in the face of the defenders’ efforts to eliminate the attack. It outlines a model of the mechanics of a phishing attack, concluding that by the time phishing sites are removed, damage has already been done: many responses have been received and the attackers are moving on to new sites.
      2. 3.5.2 1.3.5.b Insiders
        Original Creator: Jack Goldsmith and a Berkman Center Cybersecurity Team
        A rogue employee presents risks similar to those of a feckless user in the periphery of an open system, as computer systems are now designed in a distributed way that would not allow an individual to cause much damage without being traced.
        1. 3.5.2.1 US Secret Service, Insider Threat Study: Illicit Cyber Activity in the Banking and Finance Sector, CERT, 2004
          This report examines the threat posed by insiders, that is, individuals who were, or previously had been, authorized to use the information systems they eventually employed to perpetrate harm, with a primary focus on the banking and finance sector. This piece explores the risk from a behavioral and technological perspective.
        1. 3.6.1.1 Michael Sechrist, Cyberspace in Deep Water, Harvard Kennedy School, 2010
          This policy analysis argues for a public-private partnership in establishing industry best practices for the protection of undersea cables. It provides a light technical overview of how cables work and their significance as part of the ICT infrastructure.

Playlist Information

May 21, 2013

cybersecurity
