|
|
(79 intermediate revisions by 4 users not shown) |
Line 1: |
Line 1: |
| {{TOCright}}
| | __NOTOC__ |
| ==Introduction==
| |
|
| |
|
| This Cybersecurity wiki provides a set of evolving resources on cybersecurity, broadly defined, and includes an '''[[Annotated Bibliography | Comprehensive Index]]''' on relevant articles and literature, which can be searched in a number of ways. Please see below.
| | {|align="center" style="text-align:center; background-color:white" class="wikitable" width="100%" |
| | !colspan="5"|Navigation |
| | |-align="center" valign="bottom" |
| | |style="width: 20%"|[[File:toc_icon.svg|105x105px|link=http://cyber.law.harvard.edu/cybersecurity/Table_of_Contents]]<br><b>Table of Contents</b> |
| | |style="width: 20%"|[[File:All_articles3.svg|105x105px|link=http://cyber.law.harvard.edu/cybersecurity/Cybersecurity_Annotated_Bibliography]]<br><b>List of All Articles</b> |
| | |style="width: 20%"|[[File:case_studies.svg|105x105px|link=http://cyber.law.harvard.edu/cybersecurity/Category:Case_Studies]]<br><b>Case Studies</b> |
| | |style="width: 20%"|[[File:h2o_icon.svg|105x105px|link=http://h2odev.law.harvard.edu/playlists/633]]<br><b>Suggested Syllabi (H2O)</b> |
| | |style="width: 20%"|[[File:Help_icon4.svg|105x105px|link=http://cyber.law.harvard.edu/cybersecurity/Help]]<br><b>How to Use this Wiki</b> |
| | |} |
|
| |
|
| This wiki is intended as a tool/resource for researchers, technologists, students, policy-makers and others who are interested in cybersecurity issues more broadly.
| | ==Introduction== |
| | | This Cybersecurity wiki provides a set of evolving resources on [[Cybersecurity_Overview|cybersecurity, broadly defined]], and includes an '''[[Cybersecurity_Annotated_Bibliography|annotated list]]''' of relevant articles and literature, which can be searched in a number of ways. Please [[#Navigation|see below]]. It is intended as a tool/resource for researchers, technologists, students, policy-makers and others who are interested in cybersecurity issues more broadly. For more information about this first phase of the project, including the team, methodology, and opportunities to contribute, please see [[About|About the Project]]. |
| ==Cybersecurity Overview== | |
| | |
| The term “Cybersecurity” encompasses a range of issues from [[Cybercrime]] to [[Cyberwar]]. These in turn embrace a diverse set of activities and interests.
| |
| | |
| Cybercrime, for example, can refer to a lone [[Keyword_Index_and_Glossary_of_Core_Ideas#Hacker | hacker]] breaking into a single computer or to an [[Keyword_Index_and_Glossary_of_Core_Ideas#Organized_Crime | organized network of computer criminals]] collecting thousands or millions of [[Keyword_Index_and_Glossary_of_Core_Ideas#Credit_Card_Fraud | credit card numbers]] and/or [[Keyword_Index_and_Glossary_of_Core_Ideas#Identity_Fraud.2FTheft | personal information records]] from multiple poorly protected corporate sources. Responses to cybercrime range from offering [[Incentives | incentives]] to individuals, manufacturers and/or corporations to protect against [[Keyword_Index_and_Glossary_of_Core_Ideas#Malware | malware]] and [[Keyword_Index_and_Glossary_of_Core_Ideas#Botnet | botnet attacks]] to decisions about [[Insurance | insurance]] and [[Risk_Management_and_Investment | risk management]].
| |
| | |
| [[Cyberwar| Cyberwarfare]] includes covert [[Espionage | espionage]] attacks against secure systems to collect sensitive [[Keyword_Index_and_Glossary_of_Core_Ideas#National_Security | national security]] information, distributed attacks against the [[Private_Critical_Infrastructure | civilian infrastructure]] to cause widespread failures of [[Electricity, Oil and Natural Gas | energy]] and/or [[Communications | communication systems]] or targeted attacks against [[Government_Networks_(.gov) | military targets]] with the intent to render offensive and defensive systems inoperable or to take control of systems with the ability to deliver [[Keyword_Index_and_Glossary_of_Core_Ideas#Kinetic_Attack | kinetic attacks]]. These attacks all create complicated questions of [[Attribution | attribution]] and [[International Law (including Laws of War) | law]], as the normal [[Keyword_Index_and_Glossary_of_Core_Ideas#Laws_of_War | laws of war]] are of questionable value when applied to threats delivered domestically from a anonymous source in a distant location. In addition, [[Deterrence| deterrence]], offensive actions and defensive response often become blurred in the cyber realm, requiring a fresh look at what policies such as “no first strike” mean in cyberspace.
| |
| | |
| Solutions to these problems will involve addressing questions of [[Economics_of_Cybersecurity | economics]], incentives, [[Regulation/Liability |law, legislation]], politics, [[Public-Private_Cooperation | government-private cooperation]] and [[International_Cooperation |international diplomacy]]. Government, industry, the military and the public must all play a role in deciding [[Keyword_Index_and_Glossary_of_Core_Ideas#Cyber_Security_as_a_Public_Good | how much cybersecurity is needed]] and who will pay for it. These stakeholders must also address the tradeoffs between [[Privacy | privacy]] and security that often arise in addressing cyber threats. Finally, there needs to be a way to [[Metrics | measure the threat]] and the protections put in place so that the players can make intelligent choices in allocating scare resources.
| |
| | |
| ==Key Resources==
| |
| | |
| '''Reader's Guide: "How to Use this Wiki"'''
| |
| | |
| Our '''[[Annotated Bibliography | Comprehensive Index]]''' presents and summarizes all of the resources we've collected by key issues and themes in Cybersecurity.
| |
| | |
| Because this bibliography encompasses such a wide range of cybersecurity issues, the most direct way to get started is to look through the detailed
| |
| '''[[Annotated Bibliography | Table of Contents]]''' and select '''Specific Issues or Themes''' of interest. For example, [[Cybercrime | "Issues->Cybercrime"]] or [[Financial Institutions and Networks |Security Targets->Private Critical Infrastructure->Financial Institutions and Networks]].
| |
| | |
| If you are interested in a broad topic area, however, you might choose to start your search from one of the '''[[Broad Topics]]'''. This allows you to search within the broad categories of '''[[Overview]]''', '''[[Threats_and_Actors | Threats and Actors]]''', '''[[Issues | Issues]]''', and '''[[Approaches | Approaches]]'''.
| |
| | |
| Alternately, you can access the readings that we've summarized by
| |
| '''Resource Type''', which includes '''[[Government Reports]]''', '''[[Industry Reports]]''' and '''[[Books]]'''.
| |
| | |
| For a more targeted review by '''Key Word''', please review our '''[[Keyword Index and Glossary of Core Ideas]]''', which will enable you to search definitions and references related to specific terms, from [[Keyword_Index_and_Glossary_of_Core_Ideas#Air-Gapped_Network| Air-Gapped Network]] to [[Keyword_Index_and_Glossary_of_Core_Ideas#Zero-Day_Exploit | Zero-Day Exploit]].
| |
| | |
| A comprehensive '''List of All Articles''' in the bibliography is available in the '''[[Comprehensive Index]]'''.
| |
| | |
| References may also be accessed in a standard bibliographic format ([http://www.bibtex.org/ BibTeX]) here: '''[http://cyber.law.harvard.edu/cybersecurity/Special:Bibliography Bibliography]'''.
| |
| | |
| ==Ongoing Work==
| |
| | |
| '''A Note on Methodology''': The materials featured in this wiki are just a starting point for our inquiry. They were selected as foundational documents on the recommendation of select researchers. During the next phase of the project, experts, policy-makers, academics, and others will be asked to review and evaluate the current collection and make recommendations for additional resources to include. We have also included a list of suggested materials for review and possible inclusion in the next phase of the project.
| |
| | |
| Additional articles for consideration are listed here: [[Suggested References to Add to Wiki]]
| |
| | |
| ==About the Project==
| |
|
| |
|
| This wiki is part of the [http://minerva.dtic.mil/ Minerva Initiative].
| | If you have feedback, comments, or suggested additional readings/resources, please contact: [mailto:cybersecurity-feedback@cyber.law.harvard.edu cybersecurity-feedback@cyber.law.harvard.edu].<br> |
|
| |
|
| The resources have been assembled by a team at the [http://cyber.law.harvard.edu/ Berkman Center for Internet & Society]. Contributors include: [http://cyber.law.harvard.edu/people/dabrams David Abrams], Jacob Albert, [http://cyber.law.harvard.edu/people/ugasser Urs Gasser], [http://cyber.law.harvard.edu/people/jgoldsmith Jack Goldsmith], Shane Matthews, Caroline Nolan, and Felix Treguer.
| | Prior to suggesting material for inclusion in the wiki, please consult the [[Submitting Feedback]] page. |
|
| |
|
| If you have feedback, comments, or suggested additional readings/resources, please contact Caroline Nolan: cnolan@cyber.law.harvard.edu
| | ==Navigation== |
| | ===Table of Contents=== |
| | The quickest way to get started is by using the [[Table of Contents]] as a guide to searching articles by type or category. Some of the articles have wiki entries which include a synopsis, full bibliographic information, and additional relevant notes. |
|
| |
|
| ==Templates and Wiki Tools== | | ===List of All Articles=== |
| | You might also wish to consult the [[Cybersecurity Annotated Bibliography|list of all articles]] and use the [[Help#How_to_Use_the_Filter|filtering tool]] to receive customized search results by type, category, or a free text search term. |
|
| |
|
| [[TemplateForSources | Template for Sources]] | | ===Case Studies=== |
| | The [[:Category:Case Studies|Case Studies]] page presents a list of selected case studies with short summaries and links to related literature such as news articles and investigative reports. |
|
| |
|
| [[Guidelines for adding Bibliography entries]] | | ===Selected Syllabi (H2O)=== |
| | The [http://h2odev.law.harvard.edu/playlists/633 Suggested Syllabi] section uses the [http://cyber.law.harvard.edu/research/h2o H2O] platform to feature a selection of playlists for instruction. H2O is a Web-based platform for creating, editing, organizing, consuming, and sharing course materials. Using [http://cyber.law.harvard.edu/research/h2o H2O], professors may freely develop and collate course materials by selecting modules from a wide — and growing — repository and edit those modules to the sections that are most relevant to their particular pedagogy and approach. |
|
| |
|
| Wiki [http://meta.wikimedia.org/wiki/Help:Contents User's Guide] | | ===How to Use this Wiki=== |
| | For a full explanation of how to browse the wiki, please consult the [[Help]] page. |
Navigation
|
Table of Contents
|
List of All Articles
|
Case Studies
|
Suggested Syllabi (H2O)
|
How to Use this Wiki
|
Introduction
This Cybersecurity wiki provides a set of evolving resources on cybersecurity, broadly defined, and includes an annotated list of relevant articles and literature, which can be searched in a number of ways. Please see below. It is intended as a tool/resource for researchers, technologists, students, policy-makers and others who are interested in cybersecurity issues more broadly. For more information about this first phase of the project, including the team, methodology, and opportunities to contribute, please see About the Project.
If you have feedback, comments, or suggested additional readings/resources, please contact: cybersecurity-feedback@cyber.law.harvard.edu.
Prior to suggesting material for inclusion in the wiki, please consult the Submitting Feedback page.
Navigation
Table of Contents
The quickest way to get started is by using the Table of Contents as a guide to searching articles by type or category. Some of the articles have wiki entries which include a synopsis, full bibliographic information, and additional relevant notes.
List of All Articles
You might also wish to consult the list of all articles and use the filtering tool to receive customized search results by type, category, or a free text search term.
Case Studies
The Case Studies page presents a list of selected case studies with short summaries and links to related literature such as news articles and investigative reports.
Selected Syllabi (H2O)
The Suggested Syllabi section uses the H2O platform to feature a selection of playlists for instruction. H2O is a Web-based platform for creating, editing, organizing, consuming, and sharing course materials. Using H2O, professors may freely develop and collate course materials by selecting modules from a wide — and growing — repository and edit those modules to the sections that are most relevant to their particular pedagogy and approach.
How to Use this Wiki
For a full explanation of how to browse the wiki, please consult the Help page.