GLOBAL connectivity is a given. Every country in the world has some electronic capability that links it to vast worldwide communications networks. Information, in quantities unimaginable and in places unheard of, is instantaneously accessible merely by touching a few keys on a computer keyboard. The entire contents of the Library of Congress are a mere speck in the ocean of information available at our fingertips.
Our daily lives are inextricably tied to computers and communications networks. Financial institutions transfer trillions of dollars daily; much of the world's commerce is conducted electronically, including the trading of millions of shares of stock daily by stock markets in every major financial capital; transportation systems use global positioning satellites for guidance; electric power generation and distribution are computer-controlled; medical services, including intricate surgical procedures, are computerized; and industry uses automated assembly lines. The list goes on and on. With much help from networked computers and communications systems, we are fast becoming one global community, with all the attendant implications of alliances, cooperation, courtesy, dependence, restraint, and-perhaps most important-trust.|
Imagine the chaos that could result from an extended disruption of networked services or in any one of those services-in fact, in any small subset of one of those services. We have had a few noteworthy examples-wake-up calls if you like-of the results of a short-term disruption: the East Coast power blackout a few years ago, the telephone outage in the Chicago region, the more recent shutdown of the power grid in the Northwest.
As early as 1979, the Department of Energy and Lawrence Livermore recognized the importance of protecting our unclassified computing environments from improper use, access, or disruption. While the focus in those early days was on protecting local computing installations, it was a relatively easy transition from that effort into a more universal, wide-ranging program that addresses the security implications of localized computing in the larger context of global connectivity. A number of computer security events in the late 1980s-notably the East German hacker incident discovered at Lawrence Berkeley National Laboratory and chronicled in Clifford Stoll's The Cuckoo's Egg and the Internet "worm" incident-helped focus the need for protection products and furthered the cause of computer security research efforts throughout the world.
The Computer Security Technology Center at Lawrence Livermore was established to identify and develop computer and network protection methodologies and products that could help ensure the integrity and security of DOE computing resources. Products of the center have evolved over the years to keep pace with rapidly changing computing technologies. The following article describes a collection of products and services that DOE and its contractor community are using to help protect the vital computer systems and interconnecting networks that provide the computational underpinnings for Department of Energy programs.
The nation's growing dependence on computers and the networks that interconnect them places us at great risk. Threats range from simple annoyances, such as unsolicited advertising via e-mail, to much more sinister possibilities, such as intentional disruption by an adversary. The research efforts of the Computer Security Technology Center are vital to the future well-being of the global computer community of which we are a part.
--David Cooper, Associate Director, Computations