«Workshop held 9-10 January 2008 in Arlington, VA Prepared for US Strategic Command Global Innovation and Strategy Center (USSTRATCOM/GISC) Prepared ...»
Optionally, input pickups using nano-technology may allow for tendon and muscular flex monitoring to simulate keyboard use as well as real-time line-of-sight tracking for mouse movement. The largest obstacle to eliminating viewing screens has been the vertigo affect users have experienced when using projected screen enhanced view goggles. Nanotechnology should allow for the creation of glasses or contact lenses that will provide visual computer interfaces at focal points, that will not cause nausea due to focus change.
Note: The implantation of subdermal interfaces will provide interesting opportunities for data security with respect to how access to information “feels”. It will become possible to make a user feel “uncomfortable” when accessing information they are not privileged to access as a means of deterrence.
While true artificial intelligence is still many decades in the future, rules based interaction with machines via embedded processors with wireless interfaces is likely within this decade.
The first instances of direct machine interfacing will most probably occur in medicine or warfare technology. Users (physicians guiding internal nano-bots to wound sites or commanders interacting with swarms of drones) will interface with machinery via direct query and command instead of via dials and ports. This will allow users to add intelligence to decision making processes from safe distances and query the ongoing status of operations without the slow serialization of polling. Certain large scale (whether the battlefield is a body or a country) deployments of semi-sentient devices will require human interaction in order to provide logistical and decision making capabilities.
Deterring VNSA in CyberspaceCreation of Cyber-relative Nation States
Cyberspace and the manner in which cybercitizens use and interact with digital fabrics will go through some radical and yet familiar changes as the perceived threat to nations is reflected in their Internet policies. In many ways early signs of cyber-nationalism are already making themselves apparent through the requests being made of ICANN, the agency in charge of
managing the naming structure of the Internet. There are several driving factors:
Nation State Security•
Currently, most infrastructures are relatively open, but the problems associated with terrorism, both physical and electronic will soon change the means by which cybercitizens access national infrastructures. It is extremely probable that a high profile data loss incident will occur at the 2008 Summer Olympics. This incident or one similar will create the level of pain necessary to jumpstart serious discussions concerning infrastructure control. Safeguards will be put into place that will function similarly to passports. This form of access validation and control will allow intelligence and national security agencies to better track domestic activities of Violent Non-State Actors (VNSAs) as they use electronic media. Past efforts in the creation of a global signature based on technology, such as X.500, will be revisited as a means of access and use validation. This namespace will then be used by ISPs to control and report on access to cyberspace.
Censorship and Content Control•
Many nations have already voiced their displeasure with the information which is readily published on the Internet and seeping into their cultures. What is deemed a matter of free speech or expression in one nation may be highly offensive to the population of others.
Pornographic material, capitalistic efforts, and implied propaganda are three areas that have drawn the most complaints. As a result, many nations will request control over the content entering and leaving their cyber-nation states through a variety of both electronic and manual methods.
While there are many viewpoints held regarding the sovereign rights of nations in cyberspace, given the lack of precedence, many will take it upon themselves to institute their own control mechanisms. This is already apparent and growing. The impact of these efforts will not be felt by the general populous as technology will outpace most control mechanisms implemented.
With the nationalization of cyberspace will come the opportunity to introduce the foundation for taxes and tariffs on electronic sales. Not the sale of physical goods electronically but the sale of electronic goods via the Internet, such as software and information. Currently there are no means by which to identify and hold accountable both the buyer and the seller, but national control of infrastructure boundaries will allow governments to institute banking laws which will lead to online sales tax.
Deterring VNSA in Cyberspace There are still obstacles present for charging tariffs such as alias websites but as a whole, taxation, especially in international transactions will become standard practice. The introduction of international Internet tariffs is only predicated by the need for the first nation to declare nation-based Internet boundaries. It is likely that this will begin with those nations who wish to censor Internet content, creating the necessity for electronic boundaries. This will cause other nations to respond accordingly, thus creating the conditions necessary for tariff implementation.
All of these factors will lead to the creation of cyber-borders. These borders will be policed as well, if not better than, their physical counterparts. These factors coupled with growing unease and the reality that all networks, both terrestrial and wireless, are under the ownership of companies who function within governing systems will lead to the creation of more control and monitoring on the part of the infrastructure providers.
Realizing Release-based Consumerism
Online transactions and the fear of personal identity theft will increase until mechanisms are put in place that will better control personal information misuse. It is unreasonable to expect that every online vendor will provide complete and full security for all customer data. There will continue to be data leaks which will lead to felonious data misuse.
While the theft of data cannot be fully thwarted, there are algorithms that can keep this stolen information from being used, regardless of place and time, within the bounds of use ethics. One such algorithm is that of Release-based Consumerism. Consumers who make a purchase, whether online or in-person, including thieves, will be required to authenticate the purchase via another media mechanism. Examples of these mechanisms may be cell phone, email, or even a significant other.
An example of appropriate credit use utilizing release-based consumerism, might consist of the
Example of valid transaction:
1. A consumer purchases a book online using their credit card or bank account.
2. The purchase is acknowledged by the retailer but not authorized until the consumer validates the desire to purchase via another form of prearranged communication, for example a text message.
3. The consumer responds to the transaction request via the second communication in one of
3.1. Approval, after which the purchase takes place
3.2. Denial, after which the purchase is denied, logged, and depending on certain criteria authorities may be contacted.
Example of invalid transaction:
1. A consumers data is stolen and used to buy gas at a station (or an item online)
2. The real owner of consumer data receives an email requesting validation
3. The consumer, knowing they have not made the purchase denies the transaction. No gas purchase is allowed and the thief arrested.
Deterring VNSA in CyberspaceThe role of Deterrence in Homeland Security
All of the previously detailed advancements in cyberism will aid a nation’s ability to provide homeland security from both a physical and cyber standpoint. Many of the aforementioned solutions will increase the amount of information governments will have access to as they seek to detail the efforts of non-state violent actors. Changes in cyber-nationalism and consumerism will provide more visibility into the flow of finance and the use of infrastructure by all cybercitizens. Those who seek to restrict visibility into these financial aspects will, by nature, raise suspicion. There is no doubt that information gleaned from electronic surveillance will increase national security efforts. Increasing the capabilities of these advancements will hinge on the ability of the government and industry to work together towards mutual security goals.
One of the problems with current efforts to correlate and model the actions of VNSAs in cyberspace is that many of the collection points were designed after implementation. This has made correlation, in particular, a very labor and computation intensive operation fraught with the potential for many false positives. If changes in cyberism are to be used effectively, data collection and correlation should be designed into new systems before deployment. Without inherent design, much of the useful data used in cyberspace will remain elusive allowing VNSAs to continue to function in plain sight without fear of retribution. If disparate systems are designed to provide the basis for data analysis, the time in which it takes to recognize related data flow will be significantly reduced.
In addition to the tangential benefits which will arise as a result of advancements not specifically aimed at cyber-deterrence, there are also explicit efforts that have yet to be proposed but are feasible given the state of technology.
Tracking Cyber-Miscreants using Digital Dye Marking Perhaps the largest problem area national cyber-security efforts will face over the next decade is the protection and retention of data, in any form. Over 90% of the information used by the top financial institutions on a daily basis is unmanaged and unmarked. The misuse and theft of this information on a large scale is virtually assured given the lagging state of the security industry in data loss protection and e-discovery. This technology void combined with the exponential growth of mobile computing ensures national security issues on an ongoing basis. Current retention policies (full disk encryption, device control etc) are only effective for data at rest and are generally ineffective for data in use.
Potential does exist for the use of digital dye marking, similar to the dye-bag technology currently used in the banking industry, as a means of both deterring and tracking the use of improperly obtained data. Significant benefit can be realized by embedding trackable data into current and future information. Digital data used for tracking can be changed frequently and across multiple sources creating a significant level of doubt in the mind of would be data thieves.
Knowledge of what data is real and which is acting as a tracking mechanism is kept by the information owner or by a third party. The owner of the information, when using marked data in internal processes, can disregard this data. Those using stolen data will not know whether using this information, will expose them to tracking efforts or not. Similarly those who would procure Deterring VNSA in Cyberspace stolen data will be similarly disincentivized to buy or trade misappropriated information if the fear of being discovered is looming.
An interesting factor in using digital dye marking is the need for publicizing either the use or the results. The deterrence is truly effective when the cybercriminals are made to realize the potential outcomes, namely prosecution by law enforcement with severe penalty. There are two opportunities for deterrence clearly presented through the use of marked data. One would be to use the digital markers as a means of tracking VNSAs without their knowledge. A second would be to publicize the prosecution of caught criminals as a means of creating fear and uncertainty in the cyberspace community. In either case, the embedding of tracking data in information stores will better facilitate the capture of data thieves and simultaneously increase deterrence.
The Use of Social Networking to Reduce Extremism
The age of cyberism has produced the capacity to extend social networks beyond the boundaries and limits of one’s own immediate contacts or geography. It is now common for social and business networks consisting of individuals who have never physically met but still maintain close ties. These social networks are fostered and supported by the expanse of the Internet and the ready access to the tools necessary to find others of like interest.
The capacity to develop relationships and continue to foster them over long distances represent a unique opportunity to establish relations which may contain the seeds of moderation. It is through moderation and familiarity that the words of extremists are beaten back to the fringes of society and become drowned out in the drum of discussion that beats throughout the deep central populous.
It is harder to imagine extremist words driving wedges between those who converse and support each other on a regular basis, either in person or remotely. The social networks of the world and the capacity to provide all with “connectivity” fosters familiarity, making it far harder for extremist words of derision to take root. Humans are not prone to shooting their friends or blowing up those who befriend them.
The more the Internet is promoted and the more local actors interact with foreign actors, the wider, deeper and more accepted the voice of the main stream becomes. The ability to experience foreign cultures without leaving the boundaries of one’s own town/city creates familiarity. Familiarity creates tolerance. Tolerance is the enemy of extremism. As nations work together around the world, opportunities arise to bring social networking to all corners of the world. These social networks can be used to reinforce familiarity and extend understanding.
Deterrence can take many forms and cyberspace is not always a battlefield. It can also be a playground and a learning ground.