Martin R. Stytz

Software protection: security's last stand?

Given that application software protection is necessary, what form and function should it take? There are three principal forms of protection: watermarking, obfuscation, and application performance degradation. These techniques perform three main functions: detection of attempts to pirate, misuse, or tamper with software, protection of software against those attempts, and alteration of the software to ensure that its functionality degrades in an undetectable manner if protection fails. These defenses are required on hardware ranging from single processors to small computer clusters to traditional supercomputers to wide-area distributed computing.

Overview of cyber security: a crisis of prioritization

The Internet, originally a development of the USA government, opened to commercial traffic in the early 1990s. Since then, its growth internationally has been phenomenal. In several nations, the Internet is now fundamental for communication, and it has become basic to society, including supporting several aspects of the USA national critical information infrastructure. Because the Internet was built as all information-sharing network, security did not figure prominently in its original architecture. This deployment is beneficial but it has also brought serious risks.

Progress and prospects for the development of computer-generated actors for military simulation: part I-Introduction and background

The development of computer-generated synthetic environments, also calleddistributed virtual environments, for military simulation relies heavily upon computer-generated actors (CGAs) to provide accurate behaviors at reasonable cost so that the synthetic environments are useful, affordable, complex, and realistic. Unfortunately, the pace of synthetic environment development and the level of desired CGA performance continue to rise at a much faster rate than CGA capability improvements. This insatiable demand for realism in CGAs for synthetic environments arises from the growing understanding of the significant role that modeling and simulation can play in a variety of venues. These uses include training, analysis, procurement decisions, mission rehearsal, doctrine development, force-level and task-level training, information assurance, cyberwarfare, force structure analysis, sustainability analysis, life cycle costs analysis, material management, infrastructure analysis, and many others. In these and other uses of military synthetic environments, computer-generated actors play a central role because they have the potential to increase the realism of the environment while also reducing the cost of operating the environment. The progress made in addressing the technical challenges that must be overcome to realize effective and realistic CGAs for military simulation environments and the technical areas that should be the focus of future work are the subject of this series of papers, which survey the technologies and progress made in the construction and use of CGAs. In this, the first installment in the series of three papers, we introduce the topic of computer-generated actors and issues related to their performance and fidelity and other background information for this research area as related to military simulation. We also discuss CGA reasoning system techniques and architectures.

Progress and prospects for the development of computer generated actors for military simulation: part 3--The road ahead

The development of realistic computer-generated synthetic environments, also calleddistributed virtual environments, relies heavily upon computer-generated actors (CGAs) to provide accurate behaviors at reasonable cost so that the synthetic environments are useful, affordable, complex, and high fidelity. Unfortunately, the pace of synthetic environment development and the level of desired CGA performance continue to rise at a much faster rate than CGA capability improvements. This insatiable demand for realism in CGAs for synthetic environments arises from the growing understanding of the significant role that modeling and simulation can play in a variety of uses. These uses include training, analysis, procurement decisions, mission rehearsal, doctrine development, force-level and task-level training, information assurance, cyberwarfare, force structure analysis, sustainability analysis, life cycle costs analysis, material management, infrastructure analysis, and many other uses. In these and other uses of military synthetic environments, CGAs play a central role because they have the potential to increase the realism of the environment while also reducing the cost of operating the environment. The progress made in addressing the technical challenges that must be overcome to realize effective and realistic CGAs for military simulation environments and the technical areas that should be the focus of future work are the subject of this paper, which surveys the technologies and progress made in the construction and use of CGAs. In this, the third installment in the series of papers discussing CGAs, we conclude our discussion of CGA technologies by concluding the discussion of human behavior modeling for CGAs, and we present some suggested future research directions for CGA technologies.

The distributed mission training integrated threat environment system architecture and design

We describe the architecture, design, components, and functionality of the Distributed Mission Training Integrated Threat Environment (DMTITE) software. The DMTITE architecture and design support the development and run-time operation of computer-generated actors (CGAs) in distributed simulations. The architecture and design employ object-oriented techniques, component software, object frameworks, containerization, and rapid prototyping technologies. The DMTITE architecture and design consist of highly modular components where interdependencies are well defined and minimized. DMTITE is an open architecture and open design, and most component and framework code is open source. The DMTITE architecture and design have been implemented (including all system components and frameworks) and currently support a number of types of computer-generated actors. The DMTITE architecture, design, and implementation are capable of supporting multiple reasoning, vehicle dynamics, skill level, and migration requirements for any type of CGA.

Protecting personal privacy: hauling down the Jolly Roger

Internet piracy is a growing threat to organizations as their customers become increasingly unwilling to place their personal private information (PPI) at risk for the convenience of electronic transactions. The continued violations of data and private information indicate both that we need an approach to privacy protection that is resilient to piracy and that our current core approaches are flawed.

Progress and prospects for the development of computer-generated actors for military simulation: part 2-reasoning system architectures and human behavior modeling

The development of computer-generated synthetic environments, also calleddistributed virtual environments (DVEs), relies heavily upon computer-generated actors (CGAs) to provide accurate behaviors at reasonable cost so that the synthetic environments are useful, affordable, complex, and realistic. Unfortunately, the pace of synthetic environment development and the level of desired CGA performance continue to rise at a much faster rate than CGA capability improvements. This insatiable demand for realism in CGAs for synthetic environments arises from the growing understanding of the significant role that modeling and simulation can play in a variety of uses. These uses include training, analysis, procurement decisions, mission rehearsal, doctrine development, force-level and task-level training, information assurance, cyberwarfare, force structure analysis, sustainability analysis, life cycle costs analysis, material management, infrastructure analysis, and many other uses. In these and other uses of military synthetic environments, computergenerated actors play a central role because they have the potential to increase the realism of the environment while also reducing the cost of operating the environment. The progress made in addressing the technical challenges that must be overcome to realize effective and realistic CGAs for military simulation environments and the technical areas that should be the focus of future work are the subject of this series of papers, which surveys the technologies and progress made in the construction and use of CGAs. In this, the second installment of three papers in the series, we present a discussion of CGA software architectures and a discussion of approaches to human behavior modeling.

Under the Black Hat

A review of How to Break Software Security, by James A. Whittaker and Herbert H. Thompson

How Secure Is Your Wireless Network? Safeguarding Your Wi-Fi LAN [Book Review]

explanation of wireless technology. It helps the uninitiated grasp the concepts of wireless network technology, IEEE 802.11’s technical and security issues, and some of the core community’s more arcane practices, such as “war driving.” This term comes from the hobby of searching for wireless networks by moving around a city, or even a building, scanning for wireless network transmissions. The book provides a broad overview of the wireless networking landscape and its unique security challenges. The chapter devoted to Wired Equivalency Privacy vulnerabilities discusses WEP’s capabilities, operation, and limitations, and serves to motivate later discussions of security improvements for wireless networking. Two chapters dedicated to wireless security issues give thorough overviews of current security measures’ shortcomings and the manner in which emerging networking technologies will address them. The chapter on 802.1X is especially noteworthy; it clearly explains the motivation for the standard and describes its ability to address security issues, while also comparing competing standards and the full range of security options. I particularly liked the author’s emphasis on the need for placing the wireless access point outside the firewall to maximize the installation’s security baseline. Barken also devotes a chapter to wireless networks in the home and enterprise. The book is an easy read, thanks to the clarity of the writing and the author’s evident expertise. I also appreciated the chapter summaries for their overviews of the key technical issues each chapter addressed. The hands-on projects give the reader an understanding of the security challenges posed by real-world wireless networks. The book does suffer from the lack of a glossary; each chapter contains multiple acronyms and having a ready reference to their definitions in one location would be helpful. This book would be good as a primary text for a college course in wireless networking if the instructor were willing to supplement the text with additional problems and projects. It’s an excellent supplementary text for any course in wireless networking. People wanting to come to grips with wireless networking on their own would be hard pressed to find a better introductory book. BookReviews

The role of the unified modeling language and the extensible markup language in computer-generated actor behavior evaluation

In spite of numerous efforts undertaken to develop processes and procedures for the test and evaluation of the performance and accuracy of computer-generated actors (CGAs), much remains to be done before we can confidently field CGAs that reliably provide a desired suite of behaviors. While it currently appears to be impossible to completely validate CGA behaviors, we believe that an experiment-based approach to CGA behavior evaluation can provide a high degree of confidence in the accuracy of the CGA behaviors and that, as a result, CGA behaviors can confidently be considered to be acceptable within the bounds of the testing and assessments related to its intended use. Clearly, exhaustive testing of all possible CGA behaviors is not feasible since exhaustive testing of CGA behaviors would be an even more computationally complex task than software testing; exhaustive software testing has proven to be impossible for any but the most trivial software. Therefore, our approach to addressing the CGA behavior test and evaluation challenge is based upon the use of the Unified Modeling Language (UML) and the eXtensible Markup Language (XML) to capture and describe the desired CGA behaviors. UML provides the capability to document the desired behavior from a number of perspectives and XML allows us to augment the UML documentation in a standard, open manner. The paper is organized as follows. Section One will contain an introduction to motivate our research and a discussion of the challenges that must be addressed to properly model human behavior and then test and evaluate CGA human behavior models. Section Two will contain a discussion of the relevant background technologies for our work. Section Three contains the discussion of our approach to CGA behavior testing, assessment, and evaluation and how we believe that UML and XML should be used for CGA behavior testing documentation. Section Four contains a summary and suggestions for further research.