Upload
angrytx
View
215
Download
0
Embed Size (px)
Citation preview
8/14/2019 Defensive Information Warfare_A Literature Review.pdf
1/19
Defensive Information Warfare 1
Running head: Defensive Information Warfare
Defensive Information Warfare: A review of selected literature
James R Francisco
December 2003
8/14/2019 Defensive Information Warfare_A Literature Review.pdf
2/19
Defensive Information Warfare 2
Abstract
Information warfare is a threat not only to military formations but to the civilian population as
well. Private organizations need to understand the context in which information warfare happens
and be able to defend against attacks when they occur. This article reviews the current literature
about defensive information warfare and suggests some avenues for ongoing research.
8/14/2019 Defensive Information Warfare_A Literature Review.pdf
3/19
Defensive Information Warfare 3
Table of Contents
Defensive Information Warfare: A review of selected literature.................................................... 4
Threats to the Information Infrastructure.................................................................................... 4
National Policy, Law and Ethics................................................................................................. 9
Law and Ethics........................................................................................................................ 9
National Policy...................................................................................................................... 11
Defensive Information Warfare Strategies ............................................................................... 13
Deterrence ............................................................................................................................. 13
Protective Measures .............................................................................................................. 14
Conclusions............................................................................................................................... 15
References..................................................................................................................................... 17
8/14/2019 Defensive Information Warfare_A Literature Review.pdf
4/19
Defensive Information Warfare 4
Defensive Information Warfare: A review of selected literature
In 1991, Martin Van Creveld published The Transformation of War.In that volume, he
proposed a new paradigm for analyzing warfare based on the growth of low-intensity conflicts
around the world.(Creveld, 1991) Recently, Van Creveld published a critique of the article where
he reviewed the differences between his 1991 predictions and the present. In that critique, he
comments that he never considered information warfare as a method.(Creveld, 2002) Defensive
information warfare is the practice of protecting an organizations computer systems against
attack by hostile sources. In this review, the literature discussing defensive information warfare
will be reviewed. The existing literature falls into three broad categories; threats to the
information infrastructure, national policy, and defensive strategies.
Threats to the Information Infrastructure
The information security literature is replete with details of differing methods that a
hostile attacker may choose to attempt to harm an organizations information system. However, it
is helpful to understand the nature and the motivations of the actors who are creating the threats
as well. In early discussions about information warfare, Jensen pointed out that the goals of
information warfare are centered on the concept of the precision strike that paralyzes the enemy
without creating large numbers of casualties among either friendly or hostile forces. (Jensen,
1994)
While assessing the potential threats from an attack on the nations information
infrastructure, Berkowitz raised the idea of sending agents into the country covered as computer
science students who, after gaining the needed skills, would attack the nation from within. (B. D.
Berkowitz, 1995) He has also characterized the advent of information warfare as the dark side:
of the information revolution. Berkowitz reasons that the vulnerabilities that have arisen in the
8/14/2019 Defensive Information Warfare_A Literature Review.pdf
5/19
Defensive Information Warfare 5
military and the private sector relate directly to the spread of information technology. (1995)
Another point that he raises relates to the fragmented nature of the threat from information
warfare. There is no guarantee that different hostile nations, terrorist groups, or criminal gangs
will attack the nations information systems in the same way or at the same entities. Nor will
they limit themselves to military or governmental systems. Civilian information systems are also
high profile targets of information warfare.(B. D. Berkowitz, 1995)
Organizationally, the rise of information technology has provided fruitful ground for the
development of networked organizations sometimes at the expense of traditional forms. (Arquilla
& Ronfeldt, 1999) Arquilla and Ronfeldt argue that this increased ability of networked
organizations to compete with traditional hierarchal organizations represents a departure from
the normal organizational structures used in conflict and crime. In this model, organizations take
on topologies that are familiar to network engineers such as chains and stars. The most
challenging type of organization is what Arquilla and Ronfeldt describe as the all-channel
network where all of the actors interconnect with each other with no identifiable central
leadership. (1999)This type of organization also is the hardest to identify and deal with on a
permanent basis because of the manner in which the organization relies on communications in
order to convey its values and conduct operational planning. One attack mode of networked
organizations in the information systems arena is the swarm where attackers approach a target
from a number of perspectives. This does suggest that when an organization is being attacked in
one manner, such as a distributed denial of service attack, network engineers need to be on guard
for other types of attacks against the system.(Arquilla & Ronfeldt, 1999) This concept of
netwar has been expanded and integrated in to a comprehensive model of the threat
environment for a nation that is under attack from terrorist organizations.(Bunker, 2002)
8/14/2019 Defensive Information Warfare_A Literature Review.pdf
6/19
Defensive Information Warfare 6
The civil information infrastructure has taken on a greater significance in an environment
where an increasing amount of the information that passes between civilian entities is dependent
on that infrastructure. In this environment, attacks on critical points in the economy can be more
harmful to the nation than attacks on military units.(Cobb, 1999) Cobb has identified some areas
of vulnerability that hostile actors could use to attack a nation. The energy industry is a
significant target for hostile attackers. The impact of events like the 2003 regional power grid
failure in the northeast United States point out the potential disruptions to society that a
successful attack could cause. The energy distribution network is increasingly computerized and
Cobb uses examples from Australia to illustrate the ways that attacking a single choke point can
have a devastating impact on the ability of an organization, community, or nation to be able to
respond to attacks against it. (Cobb, 1999) Other industries that are at risk in Cobbs examples
are the telecommunications and finance industries. In each case, Cobb gives examples of
chokepoints in the Australian economy that could be the source of major disruptions to society if
successfully disabled or destroyed.(1999)
The ranks of potential attackers are long and the list seems to grow on a regular basis.
Schwartau describes the situation as being a case of asymmetry between the opposing sides.
(Schwartau, 2000) Nations and other entities, knowing that attempting to compete with the
United States on the physical battlefield have expressly stated their intentions to attack civilian
organizations and infrastructure. Chinese military officers have specifically stated their intent to
attack the financial services industry, transportation, communications systems, and the national
power grid in the case of a major conflict with the United States.(Schwartau, 2000) The Russian
military also takes the threat of information warfare seriously. Schwartau relates that the
Russians consider information warfare as second only to the use of nuclear weapons. The losses
8/14/2019 Defensive Information Warfare_A Literature Review.pdf
7/19
Defensive Information Warfare 7
from information warfare are not limited to damage caused by attacks that shut down systems.
There are ongoing economic losses from theft of information as well. In 2000, the FBI estimated
that the losses to U. S. businesses from online industrial and economic espionage exceeded $300
billion.(Schwartau, 2000)
The threat to businesses from information warfare is not reduced by the dilatory
responses of the United State government to the potential risks. Schwartau describes several laws
that put businesses in the United States at a disadvantage to the rest of the world in the effort to
protect intellectual assets.(Schwartau, 2000) Berkowitz discusses issues with the original
placement of the National Infrastructure Protection Center under the management of the FBI. (B.
Berkowitz, 2000)The core of Berkowitzs argument is based on the difference in traits between
the FBI, which is structured to find and arrest criminals, and the military, which has the purpose
of defeating the nations enemies.(2000) Although several programs have been initiated by the
government to help identify and contain information systems attacks, Berkowitz points out that
they do not have good communications channels with the military commands that have the
capability to respond to the attacks in a forceful manner. He also discusses the ways in which the
government has mishandled relationships with the very information technology companies that
would be the greatest help in creating solutions and systems that would protect both business and
government from hostile cyberattacks. (B. Berkowitz, 2000) Berkowitz does also point out some
of the actions of the software industry that have made information systems vulnerable to attack.
He particularly identifies the conflict between designing systems for ease of use and the need for
secure systems that are secure. (2000)
Other writers have given some attention to what types of strategies hostile organizations
may use against businesses and society. Erbschloe and Vacca write that, the types of
8/14/2019 Defensive Information Warfare_A Literature Review.pdf
8/19
Defensive Information Warfare 8
information warfare that will be most likely waged against large industrial computer-dependent
countries are sustained terrorist information warfare, random terrorist information warfare,
sustained rogue information warfare, random rogue information warfare, and amateur rogue
information warfare.(Erbschloe & Vacca, 2001) These authors categorize rogue attacks as those
mounted by criminal organization as opposed to the terrorist attacks, which may or may not have
state sponsorship and the amateur rogue attacks carried out by individuals.
Perhaps the largest threat to businesses and society is not from the economic damage that
comes from a single large-scale attack that succeeds but from a few small, well-publicized
attacks that undermine the confidence of the public in the systems that are attacked. (B.
Berkowitz & Hahn, 2003) This strategy would not require major destruction, just little
inconveniences for the public from time to time until they became convinced that the systems
were unreliable.
There is some dispute about the nature of the threats facing the nation from information
warfare. Smith points out that with the exception of some large scale virus releases, the scenarios
for attacks outlined by scholars and other writers concerned about information warfare remain
scenarios for discussion.(Smith, 1998) From time to time, the government has been less than
helpful in dealing with building the organizations, systems, and credibility needed to deal with
these threats. In fact, government statements have inflated the number of systems attacked over
the years by a significant margin.(Smith, 1998) Skibell discusses the ways that a mythological
framework has arisen around the hacker and how that has diverted resources away from other
issues of corporate security such as protecting the organizations information system from internal
theft and sabotage.(Skibell, 2002) Having examined the nature of the threats to society from
8/14/2019 Defensive Information Warfare_A Literature Review.pdf
9/19
Defensive Information Warfare 9
information warfare, it is necessary to understand the legal and ethical positions that drive public
policy and constrain the range of possible actions that a firm might take to defend itself.
National Policy, Law and Ethics
The range of responses to external information security threats that are acceptable for
information systems organizations are bounded by law, ethics, and national policy. At a
fundamental level, law and ethics drive national policy.
Law and Ethics
There are ethical issues to consider when developing a strategy to respond to information
warfare attacks against business and private information systems. Arquilla (1998) initiates a
discussion about the nature of information warfare and the application of the principles of just
war in cyberspace. He argues for an interpretation of the use of information warfare that is
similar to the no first use doctrine that the United States adheres to for of weapons of mass
destruction. This philosophical position restricts the range of responses that are available to
lawfully constituted governments even though the author recognizes that the actors in an
information warfare attack may be a terrorist organization or a criminal enterprise not connected
to any established government. (Arquilla, 1998)
Information systems professionals in western nations are also often personally
constrained by the ethical codes of the professional societies to which they belong. Several
elements of the Code of Ethics for the Association for Computing Machinery have an impact on
the responses of ACM members to information warfare. The general moral imperatives of the
code suggest that while participation in offensive information warfare would be unethical,
element 1.2, that says, Avoid harm to others, and section 1.5, respect property rights,
suggests that members may be come involved in protecting the information assets of an
8/14/2019 Defensive Information Warfare_A Literature Review.pdf
10/19
Defensive Information Warfare 10
organization. ("ACM Code of Ethics and Professional Conduct," 1991) Although an ethical
approach may seem to put the organization at a disadvantage with respect to the hostile attackers,
the ethical approach is crucial to maintaining the legitimacy of the organization in the eyes of
third-party observers. The law is also a constraining factor when considering the range of
available responses to an attack.
International law has some specific criteria for an armed response by a nation to a
provocation. This test is known as the Caroline Test based on an incident in New York State in
1837 where British forces crossed from Canada to New York to seize Caroline, a ship that had
been engaged in smuggling weapons into Canada.
The Caroline test calls for three critical elements to coexist in any lawful statesforcible act of self defense: (1) the act in question must be necessary; (2) the use of forceinvolved must be proportionate and not excessive in terms of the means employed; and (3)the timing of the forcible defensive act must leave absolutely no doubt that the given actwas the very last option at hand.(Delibasis, 2002)
Delibasis also suggests that this classic interpretation of international law is supported by Article
51 of the United Nations charter. (2002) However, the language of Article 51 leaves open the
question whether an information warfare attack is an armed attack within the spirit of the article.
This conflict is resolved in article 2(4) of the U. N. Charter which further defines an attack as
both the use of arms and a violation of international law, which involves an exercise of power in
the territorial domain but no use of arms. (Delibasis, 2002) Although the U. N. charter clearly
grants nations the right to assertively defend themselves from electronic attacks through
information systems. There are national laws that influence the ability of organizations to
respond to information warfare attacks.
For the United States government and organizations subject to the laws of the United
States the issue is clearly stated in 18 USC 1030 (a)(5) where most of the activities short of
8/14/2019 Defensive Information Warfare_A Literature Review.pdf
11/19
Defensive Information Warfare 11
actual physical counterstrikes are prohibited by law not only to the civilian population, but the
government as well. One possible offensive response that has been discussed is the idea of a
logic bomb that counterattacks the computer system of the attacker. There is a risk that this kind
of attack may come from the computer of an innocent bystander.(DiCenso, 1999) DiCenso has
expressed a position held in the legal community of the United States Air Force that in at least
the initial phases of the investigation of an attack against an organizational information system,
criminal law procedures should be followed. (1999)
National Policy
The discussion about national policy with respect to information security has grown in
importance with the growth of the internet. Schwartau identified some if the threats and potential
targets for information warfare at an early point in the life of the commercial internet.(Schwartau,
1995) At that time, he also started advocating the development of a national information policy
to structure the activities of organizations defending against information systems attacks. In an
effort to impress the significance of the need for a strong policy, Schwartau portrays several
worst-case scenarios including the wrong hands could extract the most personal information
about the "digital you," not the least of which could be medical, financial, business, legal, and
criminal documentation. An individual could alter his/her own records to eradicate nefarious
histories. Or an individual could alter anyone's electronic documentation for any
reason.(Schwartau, 1995)
The interest of the United States government in defending against penetration attacks of
information systems is a recent development. In 1995, the Department of Defense (DOD) was
discounting the threat posed by the nearly 160,000 successful penetrations of DOD computer
8/14/2019 Defensive Information Warfare_A Literature Review.pdf
12/19
Defensive Information Warfare 12
systems because no highly classified information had been compromised. (Davies, 1999) In
recent years, there has been a change in the thought within DOD on information systems and
security. In 1996 the U. S. Justice department initiated a commission to study the issues and
requirements for a national information security policy.(Munro, 1996) Munro points out that
there is not unanimity in society about the need for or the desirable nature of and information
security policy. There are a number of concerns that are raised in the public debate about
information security. The software development industry is opposed to restrictions on the sale of
encryption software on grounds of lost profit and harm to the international competitive standing
of U.S. software publishers. There are elements of the civil liberties community that are
concerned about intrusions affecting individual privacy. (Munro, 1996) In this environment,
there is a need for the active cooperation of private industry that has been lacking in the past so
that protective efforts in the future can be successful.
The RAND corporation has developed a decision making framework to assist policy
makers properly evaluate the impact of their decisions. (Molander, Wilson, & Mesic, 1998) In
order to provide a common infrastructure and enhance security; the Defense department has
proposed a project Backbone to create a common internet protocol infrastructure and set of
networking strategies for the defense community. (Grasso & DeMarines, 2003)
A number of writers have challenged the policies of the government concerning the
defensive environment. Schwartau questions the legal policies that prohibit businesses from
assertively protecting their assets. (Schwartau, 2000) Welch and other officers at West Point
have observed that defensive warfare does not usually win the day. They have advocated a
change in the policy and the law to allow organizations to engage in active countermeasures
against their attackers. From the law and the published ethical standards of the professional
8/14/2019 Defensive Information Warfare_A Literature Review.pdf
13/19
Defensive Information Warfare 13
computer societies, we will be able to develop strategies and tools to defend against information
systems attacks.
Defensive Information Warfare Strategies
Given the constraints of 18 USC 1030 (a) (5) which prohibits the use of counterstrikes
against entities that attack an organizations computer systems, it is necessary to consider purely
defensive strategies for protecting the information infrastructure. These defensive strategies can
be characterized into two categories; deterrence and protective measures.
Deterrence
The objective of deterrence is to discourage potential hostile attackers from launching an
attack in the first place. At the international level, there are serious discussions about how to
prevent information warfare. Worden and France have proposed a deterrence strategy that
integrates information warfare deterrence with the general strategy of the United States regarding
deterring the use of weapons of mass destruction.(Worden & France, 2001) The prime minister
of Russia has been in discussions with the United Nations to discuss ways to ban information
warfare.(Blank, 2001) This should be taken as an example of how seriously other powers
consider the potential threat to their national infrastructure. Blank discusses how information
warfare is a risk to the concept of deterrence of the use of weapons of mass destruction. He goes
on to suggest that it may not be possible to deter information warfare attacks at the national
policy level because the attacks themselves are oriented at and disable the very monitoring
systems that are critical for that kind of approach to be viable.(Blank, 2001)
Given the problematic nature of attempting to prevent information warfare attacks using
national policy, we can consider systems and software engineering approaches that either stop an
attack from occurring or mitigate any potential damage. One deterrence approach that has been
8/14/2019 Defensive Information Warfare_A Literature Review.pdf
14/19
Defensive Information Warfare 14
suggested is to develop software that prevents computers from being used as the source of an
attack.(Bruschi & Rosti, 2000) This approach envisions the creations of filters that are installed
on computers that will monitor outgoing packets for characteristic types of activity and then
disable the ability to send that traffic. This approach is one that could be implemented by
operating system vendors as a part of a service update or a new release. Bruschi and Rosti have
developed a demonstration system for this concept. It applies packet filtering rules to the
outgoing packets when they are ready to be passed on to the data link layer. The packet flow is
checked against attack signatures of known attacks and blocked when an attack attempt is
detected.(Bruschi & Rosti, 2000) The appeal of this approach is found in the simplicity of the
implementation. The preventive measure is installed with the operating system and potential
attackers have to reconfigure the computer in order to make it useful as a means of attack.(2000)
Protective Measures
Protective measures are things that an organization can do to either block an attack or
recover quickly from an attack. One proposal for protecting database systems is to develop a way
to recover damaged data.(Panda & Giordano, 1998) This approach uses a modified transaction
log to store the record of transactions in a form that can be analyzed and used to recover the data
compromised in the attack. Panda and Giordano have developed paradigm for structuring
defensive activities. Their goals are stated very simply; protect, detect, and react.(Panda &
Giordano, 1999) Panda and Tripathy have taken the recovery of databases a step further by
developing a method for segmenting the transaction logs of a database server to reduce the
amount of time that is needed for detecting and repairing damaged sections of data.(Panda &
Tripathy, 2000) Continuing this work, Panda and Yalmanchili have developed another approach
8/14/2019 Defensive Information Warfare_A Literature Review.pdf
15/19
Defensive Information Warfare 15
to recovery that fuses bad transactions together in the log and facilitates their rapid removal and
the recovery of the data that was damaged in the process.(Panda & Yalamanchili, 2001)
Another approach to defense is to make the individual applications as durable as possible
and rely on the concept of "survival by defense."(Pal, Webber, & Schantz, 2001) The objective
of this approach in the words of the authors is We make a distinction between survival by
protection, which seeks to prevent the attacker from gaining privileges, and survival by defense,
which includes protection but also seeks to frustrate an attacker in case protection falls and the
attacker gains some privileges anyway.(Pal et al., 2001) In this strategy, it is possible to run
applications on untrustworthy systems because the application is secure in and of itself.
The United States Army has taken an interest in defensive strategies due to the
constraints of the law on counter actions against the hostile entity in the information attack. West
Point has developed The Information Analysis and Research (IWAR) laboratory as a tool for
training cadets and other in the techniques of defensive information warfare.(Lathrop, Conti, &
Ragsdale, 2003) This program has been a significant factor in instruction in both information
warfare and information assurance education at the academy. Liu and Zang have developed a
model for analyzing the attacker intent. From a defensive stand point, this type of modeling
allows defenders to tailor their responses to the level of the threat.(Liu & Zang, 2003)
Conclusions
The study of defensive information warfare is s relatively new area for information
technology management scholars. Despite the significant similarities and the reliance on the
body of information security literature for much of the understanding about the specific tasks that
must be done in defending an information system, this is an area that merits ongoing research.
When information managers can place their defensive measures in a context that is supportive of
8/14/2019 Defensive Information Warfare_A Literature Review.pdf
16/19
Defensive Information Warfare 16
national level desires to preserve the technological balance between this nation and its
adversaries, they then can leverage the efforts of others in order to improve their organizations
security.
Opportunities for further research include developing a costing model to quantify the true
costs of security to an organization and further development of defensive measures that can be
installed into the computer at the time of manufacture and protect that that system and older
systems without the upgraded systems.
8/14/2019 Defensive Information Warfare_A Literature Review.pdf
17/19
Defensive Information Warfare 17
References
ACM Code of Ethics and Professional Conduct. (1991). Recovered on 12/10/2003 from
http://www.acm.org.
Arquilla, J. (1998). Can information warfare ever be just?Ethics and Information Technology,
1(3), 203 - 212.
Arquilla, J., & Ronfeldt, D. (1999). The Advent of Netwar: Analytic Background. Studies in
Conflict & Terrorism, 22(3), 193-207.
Berkowitz, B. (2000). Information Warfare: Time to Prepare.Issues in Science & Technology,
17(2), 38-46.
Berkowitz, B., & Hahn, R. W. (2003). Cybersecurity: Who's Watching the Store?Issues in
Science & Technology, 19(3), 55-53.
Berkowitz, B. D. (1995). Warfare in the information age.Issues in Science & Technology, 11(1),
59-67.
Blank, S. (2001). Can Information Warfare Be Deterred?Defense Analysis, 17(2), 121-149.
Bruschi, D., & Rosti, E. (2000).Disarming offense to facilitate defense.Paper presented at the
2000 workshop on New security paradigms, Ballycotton, County Cork, Ireland.
Bunker, R. J. (2002). Battlespace Dynamics, Information Warfare to Netwar, and Bond-
Relationship Targeting. Small Wars & Insurgencies, 13(2), 97-108.
Cobb, A. (1999). Electronic Gallipoli?Australian Journal of International Affairs, 53(2), 133-
150.
Creveld, M. V. (1991). The Transformation of War. New York: Free Press.
Creveld, M. V. (2002). The Transformation of War Revisited. Small Wars & Insurgencies, 13(2),
3-16.
8/14/2019 Defensive Information Warfare_A Literature Review.pdf
18/19
Defensive Information Warfare 18
Davies, P. H. J. (1999). Information Warfare and the Future of the Spy.Information
Communication & Society, 2(2), 115-133.
Delibasis, D. (2002). The Right of States to Use Force in Cyberspace: Defining the Rules of
Engagement.Information & Communications Technology Law, 11(3), 255-269.
DiCenso, D. J. (1999). IW Cyberlaw.Airpower Journal, 13(2), 85-102.
Erbschloe, M., & Vacca, J. R. (2001).Information Warfare: How to Survive Cyber Attacks. New
York, NY: McGraw-Hill.
Grasso, A., & DeMarines, V. A. (2003). From dot-mil to dot-com.Armed Forces Journal
International, 140(5), 32-34.
Jensen, O. E. (1994). Information warfare: Principles of third-wave war.Airpower Journal, 6(4).
Lathrop, S. D., Conti, G. J., & Ragsdale, D. J. (2003). Information warfare in the trenches. In
Security education and critical infrastructures. Norwell, MA: Kluwer Academic
Publishers.
Liu, P., & Zang, W. (2003).Incentive-based modeling and inference of attacker intent, objectives,
and strategies.Paper presented at the 10th ACM conference on Computer and
communication security, Washington D.C., USA.
Molander, R. C., Wilson, P., & Mesic, R. F. (1998). Strategic Information Warfare Rising:
RAND Corporation.
Munro, N. (1996). Sketching a national information warfare defense plan. Communications of
the ACM, 39(11), 15-17.
Pal, P., Webber, F., & Schantz, R. (2001). Survival by defense-enabling.Paper presented at the
Workshop on New security paradigms, Cloudcroft, New Mexico.
8/14/2019 Defensive Information Warfare_A Literature Review.pdf
19/19
Defensive Information Warfare 19
Panda, B., & Giordano, J. (1998).An overview of post information warfare data recovery.Paper
presented at the ACM symposium on Applied Computing, Atlanta, Georgia.
Panda, B., & Giordano, J. (1999). Defensive information warfare. Communications of the ACM,
42(7), 30-32.
Panda, B., & Tripathy, S. (2000).Data dependency based logging for defensive information
warfare.Paper presented at the Symposium on Applied Computing, Como, Italy.
Panda, B., & Yalamanchili, R. (2001). Transaction Fusion in the Wake of Information Warfare.
Paper presented at the ACM symposium on Applied computing, Las Vegas, Nevada.
Schwartau, W. (1995).Information Warfare: Chaos on the Electronic Superhighway: Avalon
Publishing Group.
Schwartau, W. (2000). Asymmetrical Adversaries. Orbis, 44(2), 197-206.
Skibell, R. (2002). The Myth of the Computer Hacker.Information Communication & Society,
5(3), 336-356.
Smith, G. (1998). An electronic Pearl Harbor? Not likely.Issues in Science & Technology, 15(1),
68-73.
Worden, S. P., & France, M. E. B. (2001). Towards an Evolving Deterrence Strategy: Space and
Information Dominance. Comparative Strategy, 20(5), 453-466.