Problems with extending EINSTEIN 3 to Critical Infrastructure

Problems with extending EINSTEIN 3 to Critical Infrastructure

In an effort to protect its computer systems from malevolent actors, the U.S. government has developed a series of intrusion-detection and intrusion-prevention systems aimed at monitoring and screening traffic between the internet and government systems.
With EINSTEIN 3, the government now may seek to do the same for private critical infrastructure networks.

This recent article of the "Harvard National Security Journal" considers the practical considerations associated with EINSTEIN 3 that indicate the program is not likely to be effective. Considering differences in scale, the inability to dictate hardware and software choices to private parties, and the different regulatory framework for government action in the private sector, this Article discusses why the government may be unable to effectively implement EINSTEIN 3 across the private networks serving critical infrastructure. Looking at what EINSTEIN aims to protect, what it is capable of protecting, and how privacy considerations affect possible solutions, this Article provides suggestions as to how to amend the EINSTEIN program to better protect critical infrastructure.

Read all the article here:
http://harvardnsj.org/wp-content/uploads/2012/01/Vol.-3_Bellovin_Bradner_Diffie_Landau_Rexford.pdf

lunedì 9 gennaio 2012
social:

Sei iscritto alla members area? Fai il login, oppure iscriviti.










Misura antispam: Quanto fa più 3?