
3 Harv. Nat'l Sec. J. 1 (2011-2012)

Harvard National Security Journal / Vol. 3

ARTICLE
Can It Really Work? Problems with Extending
EINSTEIN 3 to Critical Infrastructure
Steven M. Bellovin,* Scott O. Bradner,** Whitfield Diffie,***
Susan Landau,**** and Jennifer Rexford*****
Abstract
In an effort to protect its computer systems from malevolent actors, the U.S.
government has developed a series of intrusion-detection and intrusion-
prevention systems aimed at monitoring and screening traffic between the
internet and government systems. With EINSTEIN 3, the government now
may seek to do the same for private critical infrastructure networks.
This article considers the practical considerations associated with
EINSTEIN 3 that indicate the program is not likely to be effective.
Considering differences in scale, the inability to dictate hardware and
software choices to private parties, and the different regulatory framework
for government action in the private sector, this Article discusses why the
government may be unable to effectively implement EINSTEIN 3 across
the private networks serving critical infrastructure. Looking at what
EINSTEIN aims to protect, what it is capable of protecting, and how
1 The authors would like to thank Matt Blaze, David Clark, and John Treichler for various
insights and suggestions in the writing of this paper, and would also like to acknowledge
useful conversations with Sandy Bacik, Vint Cerf, Tahir El Gamal, and Vern Paxson. A
shorter version of this paper appeared as As Simple as Possible-But Not More So,
COMMUNICATIONS OF THE ACM 30 (2011), available at
http://cacm.acm.org/magazines/2011/8/114952-as-simple-as-possible-but-not-more-so/fulltext.
* Professor, Department of Computer Science, Columbia University.
** University Technology Security Officer, Harvard University.
*** Vice President for Information Security, ICANN and Visiting Scholar, Center for
International Security and Cooperation, Stanford University.
**** Written while Elizabeth S. and Richard M. Cashin Fellow, Radcliffe Institute for
Advanced Study, Harvard University (2010-2011); currently Visiting Scholar, Department
of Computer Science, Harvard University.
***** Professor, Department of Computer Science, Princeton University.
