Is It Possible to Make People Accept Network Prevention as a Paradigm of Global Safety System? 

(Information Security Scope)

 

Ronald E. LAPORTE a, Andrey TRUFANOV b

a University of Pittsburgh, Pittsburgh, PA, USA

b Irkutsk State Technical University, Irkutsk, RF

 

Abstract.  Global Health Network- Supercourse   has been assessed as the specimen of new phase of Information   Society. Having begun as a university course to prevent infection diseases it may be considered as a new paradigm  to reorganize all the global safety system. The  difficulties which impede realization of the idea and implementation of the latter are analyzed from Information Security Scope: meeting to 7 principles  of InfoSec system building; dispelling myths ; implementing codes of practice described in ISO 17799. Interdisciplinary triangle of Information Security, Library Sciences and Law is proposed  to promote Network Prevention  idea to Global scale. 

 

Keywords. Network Prevention, New Paradigm, Global Safety System, Information Security Scope

 

Introduction

 

Modern Life , Modern Information Society remains vulnerable to conventional and contemporary threats. Old and new diseases jeopardize our lives. Earthquakes and hurricanes severely damages all living infrastructures,  Terrorists attack innocent citizens. Otherwise History has had a series of examples when new knowledge and technologies applied successfully to overcome natural an man-made disasters ( .invention of penicillin, tomography , satellite monitoring of the weather ).In the new Society of Information the source of ICT to elaborate new safety schemes is not exhausted. Computers,  nets of computers, the Internet, e-mail, WWW, and mobiles we may define as the contents of  the first phase of Information Society or Knowledge Society. That times were characterized primarily by  pier to pier ( P2P ) – plane as a plate, saucer, shallow pan or plash -connection and communication within thin isolated social layer  .

It is fair to say that we live in the next phase that comprises such processes as e- business, e-government and e- management, remote e-working that involves bulk masses (mostly of the same country ) into the information interactions :    within one discipline ( one silo ).  It is of some sense to dramatize that with stove pipe ( vertical ) data exchange.  As a rule the exchange is well structured  and mainly hierarchically . That reflects hierarchy of management and the structure of material, financial and information flows . That reflects hierarchy of consciousness or hierarchical attitude as well.

 

1. Comprehensive Global  Interdisciplinary Information Exchange

 

However , a comprehensive World Society interactions take place when it concerns not specific sectors but all the individuals which become equal on the Earth while counteracting natural or artificial disasters. Global Health Network- Supercourse  [1] which has been created at the Disease Monitoring and Telecommications WHO Collaborating Center, University of Pittsburgh since  90-s of last century  should be assessed as the specimen of coming phase of Knowledge  Society. Having begun as a university course to prevent infection diseases it may be considered as a new paradigm  to reorganize all the global safety system. It implies Interdisciplinary and International – Interdisciplinary and International – cross – silos : multi-dimension comprehensive Global  information exchange .  A comprehensive  Global  interactions are defined clearly when all the individuals become equal on the Earth while counteracting natural or artificial disasters. High priority Industries and disciplines which are most “critical” in terms of national-level public health and safety, governance, economic and national security, and public confidence we identify as critical  infrastructures.

The National Strategy for Homeland Security in the US categorizes critical infrastructures into the following sectors [2]: Agriculture, Food, Water, Public Health ( PH) , Emergency Services, Government, Defense Industrial Base, Information and Telecommunications, Energy, Transportation, Banking and Finance, Chemical Industry and Hazardous Materials, Postal and Shipping. It is obvious why PH is in this list :  Public health is the basis for all economic development for in its absence, there is no opportunity to focus on productive steps to improve the quality of life for a population.

Diverse disciplines needs protection against accidents and emergencies  through preventing and  responding threats  and recovering consequences.

Accidents and emergencies may be caused by diverse threats: natural disasters, technical failures , personnel errors , and adversary  attacks .

The history observe 2  crucial events- watersheds in times of Information Society  which made mankind accept new paradigms of being. The first one  was on  attitude to computers  when PCs had been invented. The second one was on dissemination of Computer Nets  when WWW had  been proposed and promoted P2P and stove-pipe one silos information exchange. .Is the creation of the Supercouse  the third one  on  Networking ?  The question might be differentiated to the following ones :

Is it enough to have national  Department of Homeland Security which is responsible for preventing and responding to terrorist threats? Why networking ? Who will manage Networking ?  Is there any threat that someone will take any Global Network ( similar to SC) as an instrument to reach his or her  own prosperity and welfare ? Is SC to be a nuclei  of a new paradigm for a new civilization  ?

Some characters of Networking  will be useful to clarify the answers.

Networking contemplates : effective, reliable and fruitful information exchange  between  diverse disciplines ( interdisciplinary Networking) , diverse management level ( inter-level Networking) and through over the world ( international Networking ).

Conventional Networking: Reliable and Target Corporative P2P information exchange .

Interdisciplinary Networking:  Implementation of Experience of  Nuclear Industry, Information Security, Supercourse.

Inter-level Networking: Government to Citizen, Government to Business, Business to Citizen  information exchange to solve prevention tasks more accurately and in time.

International Networking : Implementation of experience of excellence , that other nations have.

What is for and what is against Networking on International Stage.

The Pluses for implementation Networking may be listed as : Restructuring of the National Economy, Modern ICT, Current European and the US experience , Educated Personnel. Educated and egg-headed people which are not in exact line in present hierarchical management and social structures ( even some advanced in many respects but social losers) might be in the first  echelon of  Networking Era  partisans with its cross – silos  : multi-dimension comprehensive Global  information exchange. 

There are a lot of difficulties (Minuses) which impede realization of the idea and implementation of the latter.  Bureaucracy  and  inertia are barriers to change hierarchical attitude and set entity to entity relational connections through over the world. Psychologically those who occupy positions within current silo with stove pipe style of information exchange are not for reconstruction information flows. .Naturally not any information might be include into the System as National interests dictate. But if this direct access to information of Network Prevention System similar to Supercource  is forbidden it will be a nonsense.

In National environment is very problematic to make work the theoretical networking schemes  because of  set of threats and obstacles.  It is not technological problem it is a social one. For modern Russia it deems reasonable to concentrate on the next barriers to moving up : Anti- networking - separation  of societies that   created intentionally;Execution of natural networking foundation - changing economy; Management scheme based on family- friend interest structure.

We are striving for demonstration that Supercourse is to be a  nuclei of a new paradigm  to reorganize all the global safety system

But why Global Health Network- Supercourse which has been created since  90-s of last century at Disease Monitoring and Telecommications WHO Collaborating Center, University of Pittsburgh and having begun as a university course to prevent infection diseases   should be assessed as key step in reorganizing all the global safety system. ? The Supercourse infrastructure is simple ,  effective  and trustworthy. 

A rough  estimation gives that the Supercourse trained 300,000-1,000,000 students. Supercourse2, which is the next generation will help people accept SC a new paradigm of global safety system through : facilitating collaboration and cooperation; improving global health which has to be effective, cheap, ubiquitous, and very user friendly. The new Supercourse2 will contemplate : multidisciplinary distributed collaboration to have better systems for collaboration and information sharing; state of the art technologies to build up the Supercourse in both the numbers of Public Health participants and ease-of-use.  An organizational tool which is named Center of Excellence in Public Health Informatics will inspire greatly as it is planned to include:

-  creation of a system for creating, storing, accessing, integrating and manipulating information at various aggregate levels.  This Extensible Public Health Information Collaboratory (EPIC) will allow synchronous and asynchronous collaboration among Public Health educators and will provide an information infrastructure to reflect the knowledge and sophistication of the user, will create an environment that bridges cultural and linguistic boundaries, and will link geographic information systems to public health needs. 

A digital library will bring sharing information across the public health silos.

We might confess , however that the Center of Excellence implies more technological ( even on linguistics)  than social aspects.Even if some persons or group are persuaded partisans of the idea it is necessary to make people accept the new paradigm of Networking.

Additionally  we propose to analyze the  difficulties which impede realization of the idea and implementation of the latter from Information Security ( InfoSec) Scope.

 

2. InfoSec Scope to make people accept the New Paradigm of Networking   

 

Naturally Networking must be secure. It is widely accepted that the "security have a value that can be broken down into three major attributes: confidentiality, integrity, and availability , see for example [3] .  Information must be readily available to those authorized to access it (availability), inaccessible to all not authorized to access it (confidentiality), and protected from destruction and/or unauthorized alteration of any kind (integrity). The system must meet the next 7 principles – of InfoSec System building : Taking into account all possible and interconnecting threats, Continuity, Complexity, Optimization , Flexibility, Simplicity, Openness .

Taking into account all possible and interconnecting threats .

On the way to implement Supercourse into the Global society the team will encounter threats which are different to those of thorough  academic spheres.

Threats that are initiated by diverse information security contradictions as those for Big and Small Corporations, for Military and Universities should be taken into account

Internal Threats are brought by a wide variety of individuals including researchers, practitioners, government officials, academics, military personnel and corporate leaders.  Each member of these groups has a different set of priorities, a different set of physical and technological resources, and a different set of educational and information needs, and codes of security practice . 

In current Russia some groups have advantage in their positions by means of separation and anti-Networking.  As Customs have their taxes on the Frontiers So the frontier is to be defended by the “custom “group. Thus network partisans may observe psychological , legislative or contesting, even adversary barriers for information retrieval an information dissemination as well.

Continuity

Networking similar to InfoSec process  is not a single and isolated action – it is a continuous and aimed one.The idea of Updating of the SC by contacting each of the authors of the lectures every two years and asking  them for the updated versions of their best lectures matches this very principle. The problem of constant contacting is not technological only but psychological as well. It is of some sense to note : Renovation of a system makes that vulnerable.

Complexity

Complexity implies that all instruments from diverse disciplines must be applied. to build the system.  We may assess as  reasonable the next  Principal Channels of making people accept Network prevention as a new paradigm : Discipline of Prevention; ICT( including TV and PR ); Information Security; Law; Library Sciences.

The next first steps we name crucial and essential to apply Infosecurity Scope: dispelling myths ; implementing codes of practice described in ISO 17799.

To make myths be gone those might be listed .

Myth 1 : Networking in Academic Society is on appropriate stage

Actually academic society needs needs networking as well as in any other discipline. The Supercourse is not a sole production on Neworking , but there not so many.  The Legal Framework for the Information Society (LEFIS)  [4] demonstrates  academic approach to cross disciplinary networking. Supported by the European Union as Thematic Network,  LEFIS is rather exemption than a rule in academic sphere and its experience  might be thoroughly learned to farther dissemination.

Myth 2: Networking policy is a technical issue.

Policies in Networking are not technical manuals. Networking is about people

Myth 3: If you build it, they will come.

Right after you post the new Networking policy in the Internet, you notice all the users can think about is the extra work you have proposed to them. The process of writing policy is a group activity.

Codes of practice if follow ISO 17799  [5] comprises the next items.

1. Terms and Definitions

The challenge to specialists of diverse disciplines is to design and develop effective means for collecting, representing, storing, retrieving, and disseminating relevant and useful information. This is especially true in any critical domain as Public Health , accurate and useful information retrieved and delivered in the right form or mode at the right time and location to the right people can mean the difference between life and death. So it is of special value to work on  Multilanguage Glossary of terms and definitions. From its origin the Supercourse has been developed as Multilanguage tool

2. Implementation and Security Policy 

One of the principal questions on InfoSec asks:  whose proprietary is the Information Resources and Processes . Classic answer may one among : Individual , Corporation, or Government.In some more complicated cases we observe collaborative project,  and so individuals, corporations, governments try to defend their interests in the project. Eternal problem of balance between Secrecy and Openness as the result of contradictions between proprietaries  we see when universities, industries and government interact.

3 Organizational Implementation and Security

Bringing users into the loop early makes them stakeholders in the policy and ambassadors to the rest of the networking sector . Peers who believe in the need for SC carry a lot more weight with users than the "professional paranoids" of SC. It is clear Public Relations in academic and research fields differ from those of Politics and Trade but is of value as well.

4. Asset Classification  and Control

All major information assets should be accounted for and have a nominated owner.

Accountability for assets helps to ensure that appropriate  trustworthy and integrity is maintained. Modern librarian technologies applies contemporary ICT and have tools to  identify the owners for all major assets 

5.  Personnel Implementation and Security 

It makes a great difference which people are engaged in the process. If it is another team no doubt the Supercourse will be developed otherwise. As far as Thematic Network,  LEFIS, is concerned , no doubt any other coordinator than Prof. Fernanado Galindo leads that different way. Peers and users makes difference as well.

As Russia is big and diverse , it is a good specimen to check the Global System of the Supercourse .

Also other items of the ISO 17799 : physical and environmental implementation and security; communications and operations management; access control; systems development and maintenance; business continuity management; compliance (on implementation and security); are of value to promote to cross-silo Networking on Global Scale.

Personalization and real-time adaptation of the Network may be considered as an essential issue to Make People Accept Network Prevention as a Paradigm. A personalized (or adaptive) system builds a model of the goals, preferences and knowledge of each individual user, and uses this model to guide interaction with the user.  Not only the system should be adaptive but users are to be prepared also: moving to meet each other.  A personalized system  helps to make users think collaboratively, to attract them into collaborative activity. It is of some sense to seek for people who are ready to accept the SC and Network Prevention Paradigm. While Personalization and real-time adaptation not only users but adversaries as well  should be taken into account.

To be a trustworthy entity the Network Prevention must be secured itself . 

Additionally Security Provision of a Network Prevention supposes : Form it Attractive for Societies and enforce that by Law instruments; Neutralize Adversaries; Implement Aggressive Dissemination. These correspond the Principal Channels of making people accept Network prevention as a new paradigm such as  : Discipline of Prevention; ICT( including TV and PR ); Information Security; Law; Library Sciences.

 

Summary

 

Information Security Techniques with their great ISO17799 ideology will help Networking  to formulate Information Policy, to clarify threats and barriers, to name adversaries and competitors, to provide continuity. Librarian Sciences and Technologies will support dissemination of information severely and give it a solid base. 

 

References

 

[1]    http://www.pitt.edu/~super1/.

[2]    The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets February,      

        2003.

[3]    http://www.itillious.com/insight/articles/value_vs_threat.html

[4]    http://www.lefis.org/index.htm.en.

[5]    Information technology — Code of practice for information security management. Technologies de   

l'information — Code de pratique pour la gestion de sécurité d'information. International Standard   

ISO/IEC 17799. First edition 2000-12-01. Reference number ISO/IEC 17799:2000(E).