9 May 1998
[Willis Ware is Chairman of the Computer System Security and Privacy Board] To: jya@pipeline.com Subject: DOCUMENT ON NATIONAL INFORMATION INFRASTRUCTURE Date: Fri, 08 May 98 10:18:11 PDT From: "Willis H. Ware" <willis@rand.org> John: In view of your recent message that contained commentary about germ attacks and anticipated government reaction to the infrastructure issue, may I call your attention to the following new document. Under a RAND contract with OSTP (via NSF) that supports a project known as the Critical Technologies Institute, I completed early in the year and have just published (via RAND) a short (35 page) discussion entitled: The Cyber-Posture of the National Information Infrastructure It sets forth my views on the critical infrastructure issue, and does not challenge or conflict with the Commission report but rather supplements it with new constructs and points of view. Among other things, I included an overview of the history of infosec R&D as the basis for thinking about the R&D needs of the infrastructure. There is also a set of seven getting-started understand-the-issue actions that the government could undertake promptly. This will be available in hard copy in the coming week, but meanwhile its full text is at: http://www.rand.org/publications/MR/MR976/mr976.pdf [HTML version: http://jya.com/mr976.htm] Comments on my piece are welcome because the topic is going to stay on my mind. ====================== FYI - in case you would want to reference these sources or use them. There is quite a collection of documents (on many topics) at the RAND external web page at: http://www.rand.org/PUBS/index.html and http://www.rand.org/publications/electronic/ plus some classics at: http://www.rand.org/publications/classics/ Included in the last URL is the complete set of Paul Baran's documents from the mid-60s that layout (what we now know as) packet-switching. Willis H. Ware RAND Santa Monica, CA