A Newsletter Enabling Information Technologies by the IRMC IT Department


Spring 1997

- What’s Inside -

GroupTrek: The Next Generation - Look at the next generation of computing interfaces for working together.

Faculty Focus - Visit with Professor Paul Flanagan, a key member of the IT Department.

From the Internet - Check out some interesting statistics about our global village.

Java’s Brewing - Learn about the latest developments on this new object-oriented language.

A Quick Guide to System Dynamics - Here is the latest information about a dynamic technology.

Acronymania Quiz! - Have fun with techie acronyms.

Technology Updates - Here are the recent changes to IRMC's IT infrastructure.

A New Perspective in Addressing Software Threats - Security... throughout the entire software life cycle.

The Year 2000 Countdown Continues... - Learn more about this timely issue.

 

GroupTrek: The Next Generation

 avatar n. Hindu Mythology. the descent of a deity to the earth in an incarnate form or some manifest shape.  

Earth to Avatars, the first annual Contact Consortium Conference on Contact, Culture and Community in Digital Space, was held on October 26 and 27, 1996 in San Francisco. This conference was attended largely by young people with colored hair and strange clothing. Most of these same people have graduate degrees in computer science from schools such as Carnegie Mellon and Stanford, and are employed by companies with names like Silicon Graphics, Microsoft, Sony, and Netscape. What are these individuals doing at this and other similar conferences such as VRML 97? (VRML - Virtual Reality Modeling Language) Simple. They are creating the next generation of computing interface for working together.

What is this new interface for working together? It is populated with entities such as universal avatars, living worlds, universal objects and 3D widgets. Likely what identifies the next generation the most is the concept of being and meeting inside the computer, not outside it as we exist today with monitors, keyboards, mice, windows and videoteleconferencing. What does being inside the computer mean? The following is a scenario that describes it utilizing technology that exists today, although not yet integrated.

It is 9:00 am and time for the daily project meeting. You pull your lightweight I-O Glasses out of your case. These glasses have miniature monitors built into them and a radio wave device for sending and receiving signals. You also pull your PowerGlove out of your desk and put it on your hand. Through the glasses you see a control panel with buttons and gauges. You raise your glove and with a flick of your finger you press a VCR-like button that says Record. You then press another button that says Conference Room. Suddenly you are transported into a room that appears similar to a typical conference room.

Everything in the room is three dimensional. As you look around other people begin to "pop in." The other participants in your conference are physically located in such diverse locations as New York, Los Angeles and London. But you are all "meeting" in virtual reality through a Sony Community Place Internet server located in Kansas. The images or avatars of the other people you see were all originally captured using Cyberware’s WB4 infrared digital scanning machine - basically a 3D camera. The images were converted using a Silicon Graphics O2 workstation into the new Universal Avatar format.

The digital representations of the participant’s avatars are downloaded into your computer memory at the start of the meeting. The facial expressions and mouth movements you see are all computed and displayed using Digital’s DECFace add-in. This software interprets the participant’s real time voice input and utilizes the physiology of the human skull and its tissues to provide the "true to form" illusion of a talking head. Using the Universal Object standard, you pass a piece of virtual paper containing the agenda around to the others in the room.

The meeting commences. A discussion arises around whether the latest 3D Widget has a RK v. 2 option. As you watch, Jim from LA drops the widget onto the center of the table and pulls up its option menu. No, there only appears to be a RK v. 1 capability. Make a note to have the programmer’s build in RK v. 2. Jim starts up the widget and everyone laughs as the device zooms around the room. The meeting proceeds for an hour and then as quickly as they came, the participants pop out. You again bring up the control panel in your I-O Glasses and press the Stop button. You take off the glasses and sit back. Ahhh, now it’s time for a coffee break.

Sounds like science fiction? It’s not. You can see for yourself what already exists. Using Netscape go to http://www.onlive.com and download the Onlive browser. Follow the Onlive instructions to install it on your computer. You will need to plug a microphone into your sound card to talk with the others in the virtual reality space. This software acts as your interface to the Onlive "Living Worlds."

Living Worlds is a new extension to current standards for Virtual Reality on the Internet. It is sometimes referred to as VRML 3.0. VRML 1.0 was the standard that created a common format for physical, static worlds such as buildings that you could explore. VRML 2.0 added standards for Moving Worlds - the ability to see and interact with moving objects such as cars. Now 3.0 will add standards for universal avatars - a physical likeness (or un-likeness as you prefer) of yourself that can move among and be seen within all the thousands of virtual reality worlds out on the internet. Onlive now has living worlds where you can go visit others in a sports bar or in a gambling casino. Now you won’t need to travel to Las Vegas to participate in the action of sitting around a table playing blackjack with others. You can now lose your money while sitting at home.

“The desktop computer to me, at least since 1968, has been a passing phase. It’s not an aberration, but it’s like Guttenberg in that you invent something new, but you don’t know what it is, so you put it in the old case. Aldus [Mantius] is my hero. He’s the guy who wanted books that could fit into saddlebags, so he was forced not only to change the size of the book, but to also invent a lot of modern typography in order to make the books legible.” (Alan Kay, Byte, Feb. 1991)

- John Saunders

IT Faculty Profile: Paul Flanagan

Background: Born and raised in Petersburg, VA. Attended Richard Bland College, Virginia Commonwealth University, University of Maryland, Nova Southeastern University.

MBTI: INTJ

Employed at Richmond Regional Planning, Prince George's County Maryland, and U.S. Army Military Personnel Center.

Areas of expertise: Software Development, Expert Systems, Speech Recognition, Natural Language Processing, and hopefully soon Information Security.

What I like most about IT: The utility, when IT solves a problem it is most satisfying.

What I like least about IT: Many otherwise bright people are uncomfortable around IT and this inhibits new IT ideas and solutions.

If I was a technology, the type of technology I would be: A fifth generation language that captures the promise of JAVA and VRML. I would like this language to be useful in creating Educational Worlds so people (mostly kids) could learn "how to learn" as well as "content". This is so saccharin.


From the Internet...

If we could shrink the Earth's population to a village of precisely 100 people with all existing human ratios remaining the same, it would look like this:

- Georgetown University Sociology Department

Java’s Brewing!

By Les Pang, Ai-Mei Chang and Jamie Smith (AMP 14 Student)

 

On March 10, IBM, Netscape, Sun and Novell presented the "Java World Tour ‘97," a conference on the object-oriented language which is making an impact on the World Wide Web. The keynote addresses from corporate executives, the sessions, and demonstrations were broadcast via live satellite from New York to Washington and other cities.

A Quick Guide to the System Dynamics Technology

By John Saunders 

System Dynamics is a technology which implements the modeling of cause and effect relationships. It provides an individual or group of users the ability to build a model of a decision environment and then to simulate how the model elements interact over time. The number of elements within and the relationships among system dynamics representations can become very large and complex. To respond to this challenge the use of the computer and its associated capability of sensitivity or "what if" analysis is critical.

This technology has been applied in a wide variety of disciplines including economics, the social sciences, environmental studies, and politics. Some elements of the technology to be covered here include causal loops and stocks and flows.

Causal Loops Causal Loops are simple diagrams that are drawn to indicate hypothesized relationships among the system elements under examination. Their use is a first step in creating a working model of an environment. As an example the causal loop diagram below depicts an organizational situation where an increase in layoffs result in a decrease in morale. This decrease then causes a reduction in productivity. This effect then feeds back to produce increased layoffs. The concept of feedback is central to this technology.

 

Figure 1 - Causal Loop of Employment Morale

The O in this loop indicates an Opposite effect in the relationship, i.e. a decrease in productivity causes an increase in layoffs. An S in the loop indicates effects in the Same direction. That is a decrease in morale causes a decrease in productivity. This particular loop is an example of a reinforcing loop. In the causal loop nomenclature a large R is placed inside the loop to indicate its reinforcing nature. Causal loops may be interpreted as negatively or positively reinforcing. In the instance just described this loop would be classified as negative reinforcing. A positive reinforcing loop would be indicated by a decrease in layoffs which would then produce an increase in morale which further produces an increase in productivity. The two vertical bars (||) between Morale and Productivity indicate a delay. As indicated in this diagram, a decrease in morale may not decrease productivity immediately, but over time will cause a reduction.

While causal loops are an effective method for describing generalized relationships, a need for finer granularity in the description is often necessary. In reviewing the example above many questions arise. For example:  

Another ancillary method, commonly called Stocks and Flows, builds upon causal relationship diagrams and provides a mechanism for in-depth, time-based observation of the system.  

Stocks and Flows Stocks and flows allow a finer granularity in the analysis of the model relationships and also are the basis for running system dynamics simulations. No straightforward method for converting causal loop diagrams into stock and flow diagrams has been formulated. However experts in the field have formulated heuristics for aiding participants when building models. The stock and flow diagram below is one expanded interpretation of the simple causal loop above.

Figure 2 - Employment Morale Stock & Flows Model

In the above example the number of employees in the organization, indicated by the box, may decrease through an outflow, indicated by the valve, triggered by the influence of a demand in the job market, as indicated by the circle, line, and arrow. Or the units in stock may be increased by additional raw material conversion caused by an increase in the production rate which was increased by a boost in morale, which was influenced by increased hiring. 

Note that the symbols utilized are different than those in causal loops. The box indicates a stock, where elements accumulate, and then increase and decrease over time. The circle with a small T on the top represents a flow control, similar to a valve. And the circles with extending lines and arrows indicate influences. Finally, the clouds indicate an assumption of indeterminate supply or demand.

Figure 3 - Stock and Flow Symbols

The stock and flow symbols used in system dynamics are derived from the early work of Professor Jay Forrester of the Massachusetts Institute of Technology. Dr. Forrester is considered the "Father" of System Dynamics.

 Output in stock and flow systems is typically depicted in the form of time graphs such as that shown below. The X axis indicates time and the Y axis contains scaled values of the variables under observation.

Figure 4 - Graphical Output of a Simulation

These diagrams enable model builders to see relationships which could not be seen using conventional analysis and tools such as spreadsheets. This is true both because of the complexity of variable interaction, and because of time influences. In the above diagram such things may be seen as hiring delay consequences, effects of seasonality, the push and pull of external job market attractions, and the long term result of crisis reactions such as massive layoffs.

Acronymania Quiz!

ATM

  1. Automated teller machine.
  2. Association of Tiddlywinks Manufacturers
  3. Asynchronous Transfer Mode or Adobe Type Manager.

BLOB

  1. Steve McQueen horror movie.
  2. One of your in-laws.
  3. Binary Large Objects.

CORBA

  1. Rikki Tiki Tavi’s worst enemy.
  2. A great sports car.
  3. Common Object Request Broker Architecture

FAT

  1. Something you get after the holidays.
  2. Cheesecake lover.
  3. File Allocation Table.

MIME

  1. Street performer trapped in an invisible cage.
  2. It’s not yours, it’s _____.
  3. Multipurpose Internet Mail Extensions.

PCMCIA

  1. People Can’t Memorize Computer Industry Acronyms.
  2. Pickle Canners’ and Manufacturers’ Corporate & Industry Alliance.
  3. Personal Computer Memory Card International Association (recently reduced to PC Card).

RISC

  1. Redundant Information Systems and Communications.
  2. A popular game you play on Saturday nights.
  3. Reduced Instruction Set Computer.

SCSI

  1. Someone just below grungy.
  2. Your brother-in-law.
  3. Small Computer System Interface.

SQL

  1. Standardized Query Language.
  2. Godfather II, Archie’s Place, Die Hard II.
  3. Structured Query Language.

TCP/IP

  1. Something found in my alphabet soup.
  2. Just couldn’t hold it, I guess.
  3. Transmission Control Protocol/Internet Protocol

If you consistently picked the following letter:

  1. You are absolutely normal.
  2. You need help!
  3. You are truly the ultimate propeller head.

 

Technology Updates / By Paul Flanagan

Speech Recognition and Natural Language Processing turns to Windows 95. The speech recognition computer stored in room 102 has recently been converted to Windows 95, Dragon Dictate Version 2.5 and Power Translator. This update provides the capacity to direct Windows 95 applications like Microsoft Word and Powerpoint using your voice. In addition, these documents and Internet Home Pages can be translated to Spanish, French, German and Italian. Although not easy to use, two AMP-14 students, Gary Ford and Brad Barnes, demonstrated the speech recognition and machine translation respectively during the Technology Track. 

All computers in the Decision Room, room 101, have been upgraded to 16 megabytes of Random Access Memory. Many thanks to Lt. Carigo and Frank Cassidy for getting this done.  

A New Perspective in Addressing Software Threats

By Jack Egan

On April 29, Jack Egan will be presenting a paper at the Software Technology Conference in Salt Lake City. His paper examines the threats to DoD software intensive systems throughout their entire life cycle. These threats include malicious software, hacker intrusions, reverse engineering and software errors. The paper also examines existing process frameworks for addressing this problem such as the Trusted Computer System Evaluation Criteria (TCSEC) and the Security Systems Engineering Capability Maturity Model (SSE CMM). These are found to be inadequate for immediate applications to individual projects because they are either untested or impractical for some types of systems. A set of best practices is presented which should be compatible with any existing process and which can be easily implemented. The paper concludes with several recommendations, primary of which is that testing and software quality assurance should be made components of program security and an examination of the manager’s role in software protection.

Often overlooked are threats to information security which exist throughout the entire software life cycle. As a result, there is a growing awareness that planning for information security should be an important part of strategic planning for any large DoD software intensive project. Many examples can be given in support of this premise. Ken Thompson of AT&T Bell Labs has described a C-compiler Trojan Horse, in which a modification to the compiler caused the next recompilation of the UNIX login routine to place a trapdoor in the object code of login. This trapdoor could permit any unauthorized user to gain access to the system. This trapdoor would not be caught by code inspectors because it would not appear in any source code. Mitch Kabay Director of Research at the National Computer Security Association, tells a story about how MCI in 1993 prosecuted one of its former software designers for putting a "backdoor" into a system that enabled him to commit over three million dollars in fraud by capturing customer credit card numbers and using them in fraudulent transactions. In another story, a Dutch chemical firm used a software system to control the mixture of chemicals through the use of computer-controlled codes. A certain combination of codes -thought to be prohibited by the system-created a unstable mixture causing an explosion which killed several people. These examples illustrate the point that developmental errors, both deliberate and unintentional , have resulted in the weakening of system security, often leading to tragic or embarrassing consequences. 

What are the major vulnerabilities to DoD software development? First, there is vulnerability to the threat of malicious software such as viruses, logic bombs, Trojan Horses, hostile applets, etc. Second, there are vulnerabilities to the hacker threat which involves the intrusion of unauthorized persons, either insider or outsider, who can modify data, obtain unauthorized information, plant malicious software, deny service, disrupt information flow, etc. Third, there is vulnerability to the reverse engineering threat. This threat involves decompilation technologies, turning compiled code into source code. It can also apply to hardware components as well, where a modest investment in instrumentation, may allow a skilled engineer to reconstruct the design of a critical hardware chip. Finally, there is always a susceptibility to software errors. Whether these are introduced deliberately, or as in the vast majority of cases unintentionally, the effects of software errors and bugs can be even more destructive than deliberately malicious software.  

There are two current approaches to the problem of protecting software during its development. The first is to apply the Trusted Computer System Evaluation Criteria (TCSEC) criteria to all systems. This approach involves adopting the NSA Orange Book concepts and applying them to networked environments. The other involves the rapidly growing field of security engineering and its application in the Systems Security Engineering Capability Maturity Model. The NSA decided to extend the Software Engineering Institute’s CMM to the more specific field of developing software that had to enforce security requirements, as well as perform some computing task. In the SSE CMM there are three areas: engineering (development process), project management, and organizational. The key process areas represent are areas which an organization should focus on in order to improve. The underlying premise of the CMM is that software development problems, and hence project failures are managerial rather than technical. 

The time has come to look at testing and software quality assurance (SQA) as being important components of software security rather than being separate responsibilities. Software errors, faults and failures, whether maliciously caused or accidental, can be caught in testing or by other good SQA practices such as inspections, structured walkthroughs, etc. For example, rigorous code or design reviews can detect trapdoors, salami attacks, viruses, etc. and there is anecdotal evidence that peer walkthroughs may even be better than actual software testing. It would uncover inconsistencies in understanding and would locate programmer’s flaws of logic. 

It is also important to recognize that the methodology used to develop software can also make a difference. Some software methodologies are more security-friendly than others. For example, the waterfall model is considered to be the least security friendly because it does not emphasize risk reduction, it delays usage until much later in the life cycle, and SQA and testing may be inconsistently applied, often in a piecemeal manner throughout its development cycle. At the opposite end of the spectrum, system construction from reusable software components promises be the most security-friendly. This assumes, of course, that the reusable components are trusted and that the assembly is done in a secure environment. If this is not so, then the assembled system may be susceptible to the same software threats as systems built with other methodologies. 

The language chosen for development may also contribute greatly to software protection. Ada is considered the most supportive of software protection, because the semantics support formal analysis and it possesses the properties of encapsulation, information hiding and modularity. 

Another good practice is the implementation of a sound configuration management program. This protects software integrity and documentation because all changes must be approved and documented. Software can be evaluated for possible side effects thus reducing the impact of errors. It also will protect the program from malicious modification since access to any running production program is possible only through a configuration management program. 

File encryption can be employed as a means of reducing the likelihood of data leakage during design and specification phases. Even if access was unauthorized, the intruder would not be able to see the targeted information. File encryption could be employed automatically within special accounts at logout, and decryption be initiated at login. Digital signatures could be used to ensure that recent modifications have been done by authorized individuals. Employ file integrity checking to guard against tampering and virus infections. Most operating systems will also provide some modicum of access controls. Mandatory access might be used in systems where a high degree of classified information is stored. None of these best practices will provide full protection, but if used in concert could greatly improve the protection of your software project. 

In applying any of these practices, the program manager must exercise prudent judgment. A security plan is required which best reflects the needs and the context of the environment within which the software is being developed. The issue is one of rationally allocating scarce resources to the protection of software during its development. This implies that a thorough understanding of the risks and the threat level is in tow. The manager must determine through a cost-benefit analysis how much risk he/she can stand and how much can be spent on controlling that risk. For example, if the threat is largely determined to be internal, then perhaps improving physical and personnel security is more appropriate than investing in an elegant security architecture designed to keep out external intruders. But cost-benefit analyses can be tricky since loss of face, and embarrassment could be quite harmful to an organization even if sensitive information is not compromised.  

There is no way to adequately determine your bottom-line return on a security investment. Investing in software protection must be viewed in the same manner as an insurance policy for your home. However, unlike an insurance policy, information security may cost more than a tiny fraction of the overall value of the protected item.

 

The Year 2000 Countdown Continues… 

The Year 2000 Conference and Expo was held in Washington from February 9-11. It focused on strategies for addressing the "Y2k" problem facing managers and users worldwide. 

Lessons learned in addressing the Y2k problem: 

Executive/managers responsibilities:

Early observations on mobilizing an organization: 

Two basic coding strategies for correcting the date problem are as follows: 

  1. Date field expansion – change the field from YYMMDD to YYYYMMDD within the physical databases and files.
  2. Procedural workaround – continue to use the 2-character year field in the databases but provide a subroutine in the application that recognizes invalid dates (based on a time "window") and converts these to compliant dates so that date calculations can be made accurately. For example: 
  • If YY>17 then YYYY = "19" + "YY" else YYYY = "20" + "YY" 
    •

    • Tools for addressing the problem include inventory and impact assessment tools, date expansion tools, repositories/data dictionaries, change tracking tools, and testing and validation tools. Many of these tools appear to be former computer-aided software engineering (CASE) tools which have been re-tailored. 

    There is much concern at the private sector level due to the legal risks associated with neglecting the Year 2000. Customer litigation due to poor service or account mismanagement may result. Legal and liability costs could dwarf the anticipated costs to fix the problem. 

    "Three Certainties: Death, Taxes and the Year 2000." (Gartner Group)

    - Les Pang

    Y2k Links:

    Visit http://members.aol.com/lpang10473/y2k.htm

    to access a Y2k jumpstation. Another excellent site (mentioned in previous y2k articles in Info Tech Talk) is:

    http://www.itpolicy.gsa.gov/mks/yr2000/y201toc1.htm

    itt-972.gif (5455 bytes)

    http://WWW.NDU.EDU/ndu/irmc/itt-previous.html

     

    Editor Les Pang, e-mail: pangl@ndu.edu, (202) 685-2060, http://members.aol.com/lpang10473/default.htm

    Graphics Designer Jim Looney

    Return to the top