|
|
| (5 intermediate revisions by 3 users not shown) |
| Line 1: |
Line 1: |
| {{TOCright}}
| | __NOTOC__ |
|
| |
|
| ==Start at the [[Table of Contents]]== | | {|align="center" style="text-align:center; background-color:white" class="wikitable" width="100%" |
| | | !colspan="5"|Navigation |
| To get started immediately, visit the '''[[Table of Contents]]''' and click on a topic of interest.
| | |-align="center" valign="bottom" |
| | |style="width: 20%"|[[File:toc_icon.svg|105x105px|link=http://cyber.law.harvard.edu/cybersecurity/Table_of_Contents]]<br><b>Table of Contents</b> |
| | |style="width: 20%"|[[File:All_articles3.svg|105x105px|link=http://cyber.law.harvard.edu/cybersecurity/Cybersecurity_Annotated_Bibliography]]<br><b>List of All Articles</b> |
| | |style="width: 20%"|[[File:case_studies.svg|105x105px|link=http://cyber.law.harvard.edu/cybersecurity/Category:Case_Studies]]<br><b>Case Studies</b> |
| | |style="width: 20%"|[[File:h2o_icon.svg|105x105px|link=http://h2odev.law.harvard.edu/playlists/633]]<br><b>Suggested Syllabi (H2O)</b> |
| | |style="width: 20%"|[[File:Help_icon4.svg|105x105px|link=http://cyber.law.harvard.edu/cybersecurity/Help]]<br><b>How to Use this Wiki</b> |
| | |} |
|
| |
|
| ==Introduction== | | ==Introduction== |
| | This Cybersecurity wiki provides a set of evolving resources on [[Cybersecurity_Overview|cybersecurity, broadly defined]], and includes an '''[[Cybersecurity_Annotated_Bibliography|annotated list]]''' of relevant articles and literature, which can be searched in a number of ways. Please [[#Navigation|see below]]. It is intended as a tool/resource for researchers, technologists, students, policy-makers and others who are interested in cybersecurity issues more broadly. For more information about this first phase of the project, including the team, methodology, and opportunities to contribute, please see [[About|About the Project]]. |
|
| |
|
| This Cybersecurity wiki provides a set of evolving resources on cybersecurity, broadly defined, and includes an '''[[Table of Contents | annotated list]]''' of relevant articles and literature, which can be searched in a number of ways. Please see below.
| | If you have feedback, comments, or suggested additional readings/resources, please contact: [mailto:cybersecurity-feedback@cyber.law.harvard.edu cybersecurity-feedback@cyber.law.harvard.edu].<br> |
| | |
| This wiki is intended as a tool/resource for researchers, technologists, students, policy-makers and others who are interested in cybersecurity issues more broadly. For more information about this first phase of the project, please see [http://cyber.law.harvard.edu/cybersecurity/Main_Page#About_the_Project About the Project].
| |
| | |
| ==Cybersecurity Overview==
| |
| | |
| The term “Cybersecurity” encompasses a range of issues from [[Cybercrime]] to [[Cyberwar]]. These in turn embrace a diverse set of activities and interests.
| |
| | |
| Cybercrime, for example, can refer to a lone [[Keyword_Index_and_Glossary_of_Core_Ideas#Hacker | hacker]] breaking into a single computer or to an [[Keyword_Index_and_Glossary_of_Core_Ideas#Organized_Crime | organized network of computer criminals]] collecting thousands or millions of [[Keyword_Index_and_Glossary_of_Core_Ideas#Credit_Card_Fraud | credit card numbers]] and/or [[Keyword_Index_and_Glossary_of_Core_Ideas#Identity_Fraud.2FTheft | personal information records]] from multiple poorly protected corporate sources. Responses to cybercrime range from offering [[Incentives | incentives]] to individuals, manufacturers and/or corporations to protect against [[Keyword_Index_and_Glossary_of_Core_Ideas#Malware | malware]] and [[Keyword_Index_and_Glossary_of_Core_Ideas#Botnet | botnet attacks]] to decisions about [[Insurance | insurance]] and [[Risk_Management_and_Investment | risk management]].
| |
| | |
| [[Cyberwar| Cyberwarfare]] includes covert [[Espionage | espionage]] attacks against secure systems to collect sensitive [[Keyword_Index_and_Glossary_of_Core_Ideas#National_Security | national security]] information, distributed attacks against the [[Private_Critical_Infrastructure | civilian infrastructure]] to cause widespread failures of [[Electricity, Oil and Natural Gas | energy]] and/or [[Communications | communication systems]] or targeted attacks against [[Government_Networks_(.gov) | military targets]] with the intent to render offensive and defensive systems inoperable or to take control of systems with the ability to deliver [[Keyword_Index_and_Glossary_of_Core_Ideas#Kinetic_Attack | kinetic attacks]]. These attacks all create complicated questions of [[Attribution | attribution]] and [[International Law (including Laws of War) | law]], as the normal [[Keyword_Index_and_Glossary_of_Core_Ideas#Laws_of_War | laws of war]] are of questionable value when applied to threats delivered domestically from a anonymous source in a distant location. In addition, [[Deterrence| deterrence]], offensive actions and defensive response often become blurred in the cyber realm, requiring a fresh look at what policies such as “no first strike” mean in cyberspace.
| |
| | |
| Solutions to these problems will involve addressing questions of [[Economics_of_Cybersecurity | economics]], incentives, [[Regulation/Liability |law, legislation]], politics, [[Public-Private_Cooperation | government-private cooperation]] and [[International_Cooperation |international diplomacy]]. Government, industry, the military and the public must all play a role in deciding [[Keyword_Index_and_Glossary_of_Core_Ideas#Cyber_Security_as_a_Public_Good | how much cybersecurity is needed]] and who will pay for it. These stakeholders must also address the tradeoffs between [[Privacy | privacy]] and security that often arise in addressing cyber threats. Finally, there needs to be a way to [[Metrics | measure the threat]] and the protections put in place so that the players can make intelligent choices in allocating scare resources.
| |
| | |
| ==Key Resources - How to Use this Wiki==
| |
| | |
| ===Navigating Through the [[Table of Contents]]===
| |
| Because this bibliography encompasses such a wide range of cybersecurity issues, the most direct way to get started is to look through the detailed '''[[Table of Contents]]''' and select '''Specific Issues or Themes''' of interest. For example, [[Cybercrime | Cybercrime]] or [[Financial Institutions and Networks |Financial Institutions and Networks]]. At the top of each topic page within the Table of Contents is a "bread crumb" trail showing the path through the Table of Contents to that page. This trail not only shows you how the current page topic fits into the overall structure of the bibliography, each level in this trail is individually selectable allowing you to move up one or more levels to broaden your search. For example, if you are looking at the ''[[Table of Contents | TOC->]][[Issues | Issues->]][[Economics of Cybersecurity | Economics of Cybersecurity->]][[Incentives]]'' page, you can click on the [[Issues | Issues->]] link to see references addressing all the cybersecurity Issues topics.
| |
| | |
| At the bottom of each topic page is a list of subcategories leading deeper into the Table of Contents from the current topic. This allows you to drill down to pages with greater specificity. For example, if the current page is ''[[Table of Contents | TOC->]][[Issues | Issues->]][[Economics of Cybersecurity | Economics of Cybersecurity->]]'' (shown in the bread crumb trail at the top of the page), the bottom of the page will offer links to the five subcategories of the '''Economics of Cybersecurity''' including:
| |
| | |
| *''[[Economics of Cybersecurity | Economics of Cybersecurity->]][[Risk Management and Investment]]''
| |
| *''[[Economics of Cybersecurity | Economics of Cybersecurity->]][[Incentives]]''
| |
| *''[[Economics of Cybersecurity | Economics of Cybersecurity->]][[Insurance]]''
| |
| *''[[Economics of Cybersecurity | Economics of Cybersecurity->]][[Behavioral Economics]]''
| |
| *''[[Economics of Cybersecurity | Economics of Cybersecurity->]][[Market Failure]]''
| |
| | |
| ===Choose a [[Broad Topics | Broad Topic Area]] to Explore===
| |
| If you are interested in beginning with a broad topic area, however, you might choose to start your search from one of the '''[[Broad Topics]]'''. This allows you to search within the broad categories of '''[[Overview]]''', '''[[Resource by Type]]''', '''[[Threats_and_Actors | Threats and Actors]]''', '''[[Issues | Issues]]''', and '''[[Approaches | Approaches]]'''. | |
| | |
| ===Select an [[Overview | Overview Document]]===
| |
| Alternately, you can access one of the '''[[Overview]]''' readings or one of the selected readings that we've summarized by
| |
| '''[[Resource by Type | Resource Type]]''', which includes '''[[Government Reports and Documents]]''', '''[[Independent Reports]]''', '''[[Industry Reports]]''' and '''[[Books]]'''.
| |
| | |
| ===Access the [[Keyword Index and Glossary of Core Ideas | Keyword Index]]===
| |
| For a more targeted review by '''Key Word''', please review our '''[[Keyword Index and Glossary of Core Ideas]]''', which will enable you to search definitions and references related to specific terms, from [[Keyword_Index_and_Glossary_of_Core_Ideas#Air-Gapped_Network| Air-Gapped Network]] to [[Keyword_Index_and_Glossary_of_Core_Ideas#Zero-Day_Exploit | Zero-Day Exploit]].
| |
| | |
| ===See a [[Cybersecurity Annotated Bibliography| List of All Articles]]===
| |
| An alphabetized '''List of All Articles''' in the bibliography is available in the '''[[Cybersecurity Annotated Bibliography]]'''.
| |
| | |
| ===Export References in Standard BibTex Format===
| |
| References may also be accessed and exported in a standard bibliographic format ([http://www.bibtex.org/ BibTeX]) here: '''[http://cyber.law.harvard.edu/cybersecurity/Special:Bibliography Bibliography]'''.
| |
| | |
| ==Ongoing Work==
| |
| | |
| '''A Note on Methodology''': The materials featured in this wiki are just a starting point for our inquiry; the collected articles are dated through 2011. They were selected as foundational documents on the recommendation of select researchers, and we look forward to building upon them with more recent publications. During the next phase of the project, experts, policy-makers, academics, and others will be asked to review and evaluate the current collection and make recommendations for additional resources to include. We have also included a list of suggested materials for review and possible inclusion in the next phase of the project.
| |
| | |
| Additional articles for consideration are listed here: [[Suggested References to Add to Wiki]]
| |
| | |
| ==About the Project==
| |
| | |
| The development of this wiki is supported by the [http://minerva.dtic.mil/ Minerva Initiative].
| |
| | |
| The resources have been assembled by a team at the [http://cyber.law.harvard.edu/ Berkman Center for Internet & Society], under the guidance of [http://cyber.law.harvard.edu/people/jgoldsmith Jack Goldsmith]. Please see [http://www.lawfareblog.com/ Jack's blog] for up-to-date coverage of national security and cybersecurity news, issues, and analysis.
| |
| | |
| Contributors include: [http://cyber.law.harvard.edu/people/dabrams David Abrams], Jacob Albert, [http://cyber.law.harvard.edu/people/ugasser Urs Gasser], Shane Matthews, Caroline Nolan, David O'Brien, and Felix Treguer.
| |
| | |
| If you have feedback, comments, or suggested additional readings/resources, please contact: [[cybersecurity-feedback@cyber.law.harvard.edu]].
| |
| | |
| Please note that the wiki is currently closed to external editors as we finalize the content and underlying structure of the Literature Review. During Spring-Summer of 2012, we will provide additional opportunities for users to weigh in, contribute to, and comment on the wiki content. We will also update the initial collection of articles with more recent writings, and based on feedback and recommendations from external reviewers and others.
| |
|
| |
|
| ==Templates and Wiki Tools==
| | Prior to suggesting material for inclusion in the wiki, please consult the [[Submitting Feedback]] page. |
|
| |
|
| [[Adding a Reference | How to Add a New Reference to this Wiki]] | | ==Navigation== |
| | ===Table of Contents=== |
| | The quickest way to get started is by using the [[Table of Contents]] as a guide to searching articles by type or category. Some of the articles have wiki entries which include a synopsis, full bibliographic information, and additional relevant notes. |
|
| |
|
| [[TemplateForSources | Template for Sources]] | | ===List of All Articles=== |
| | You might also wish to consult the [[Cybersecurity Annotated Bibliography|list of all articles]] and use the [[Help#How_to_Use_the_Filter|filtering tool]] to receive customized search results by type, category, or a free text search term. |
|
| |
|
| [[Guidelines for adding Bibliography entries]] | | ===Case Studies=== |
| | The [[:Category:Case Studies|Case Studies]] page presents a list of selected case studies with short summaries and links to related literature such as news articles and investigative reports. |
|
| |
|
| [[List of Keyword links to copy into reference pages | Keyword Links]] | | ===Selected Syllabi (H2O)=== |
| | The [http://h2odev.law.harvard.edu/playlists/633 Suggested Syllabi] section uses the [http://cyber.law.harvard.edu/research/h2o H2O] platform to feature a selection of playlists for instruction. H2O is a Web-based platform for creating, editing, organizing, consuming, and sharing course materials. Using [http://cyber.law.harvard.edu/research/h2o H2O], professors may freely develop and collate course materials by selecting modules from a wide — and growing — repository and edit those modules to the sections that are most relevant to their particular pedagogy and approach. |
|
| |
|
| Wiki [http://meta.wikimedia.org/wiki/Help:Contents User's Guide] | | ===How to Use this Wiki=== |
| | For a full explanation of how to browse the wiki, please consult the [[Help]] page. |
| Navigation
|
Table of Contents
|
List of All Articles
|
Case Studies
|
Suggested Syllabi (H2O)
|
How to Use this Wiki
|
Introduction
This Cybersecurity wiki provides a set of evolving resources on cybersecurity, broadly defined, and includes an annotated list of relevant articles and literature, which can be searched in a number of ways. Please see below. It is intended as a tool/resource for researchers, technologists, students, policy-makers and others who are interested in cybersecurity issues more broadly. For more information about this first phase of the project, including the team, methodology, and opportunities to contribute, please see About the Project.
If you have feedback, comments, or suggested additional readings/resources, please contact: cybersecurity-feedback@cyber.law.harvard.edu.
Prior to suggesting material for inclusion in the wiki, please consult the Submitting Feedback page.
Navigation
Table of Contents
The quickest way to get started is by using the Table of Contents as a guide to searching articles by type or category. Some of the articles have wiki entries which include a synopsis, full bibliographic information, and additional relevant notes.
List of All Articles
You might also wish to consult the list of all articles and use the filtering tool to receive customized search results by type, category, or a free text search term.
Case Studies
The Case Studies page presents a list of selected case studies with short summaries and links to related literature such as news articles and investigative reports.
Selected Syllabi (H2O)
The Suggested Syllabi section uses the H2O platform to feature a selection of playlists for instruction. H2O is a Web-based platform for creating, editing, organizing, consuming, and sharing course materials. Using H2O, professors may freely develop and collate course materials by selecting modules from a wide — and growing — repository and edit those modules to the sections that are most relevant to their particular pedagogy and approach.
How to Use this Wiki
For a full explanation of how to browse the wiki, please consult the Help page.