Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.
Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.
OCR for page 33
Growing Vulnerability of the Public Switched Networks: Implications for the National Security Emergency Preparedness 4 Regulation As indicated earlier, regulation is one of several forces that will drive the evolution of the public switched networks for the remainder of the twentieth century. The impact of regulation on network evolution has already been dramatic (Huber, 1988). The divestiture of elements of the American Telephone and Telegraph Company (AT&T) and the introduction of competition into segmented telecommunications markets have transformed what was originally a single integrated nationwide network into a “network of networks.” While specific forecasts are hazardous, enough has transpired in the past two decades to allow a reasonable projection of the general direction of telecommunications regulation. Landmark rulings already made, although subject to modifications as circumstances may dictate, will not be completely or even substantially reversed. In particular, divestiture is irreversible. The integrated Bell System no longer exists, and its component parts have undergone organizational transformations that preclude reassembly of the original entity, even assuming that such a policy decision were made and could lawfully be implemented. Corporate goals have changed: Companies that formerly perceived themselves as passive providers of common carriage now regard themselves as active marketers of telecommunications and information services. In the predivestiture environment, the Bell System supplied end-to-end monopoly service and offered non-Bell companies liberal access to the research of Bell
OCR for page 34
Growing Vulnerability of the Public Switched Networks: Implications for the National Security Emergency Preparedness Laboratories. In the evolving competitive marketplace, and with the expiration on 1 January 1989 of the 1956 consent decree’s mandatory licensing of Bell patents, some of AT&T’s research is expected to shift toward applied rather than basic areas. While the laboratories will no doubt seek to address security needs, applied research leads to greater emphasis on commercial products, and those products needed for national security emergency preparedness (NSEP) that are not commercially viable might receive less attention. The research support organization for the divested operating companies, Bell Communications Research (Bellcore), is also expected to emphasize applied research. The products and services developed will be increasingly market oriented. In the remainder of the twentieth century, the chief regulatory drivers of public network evolution will be (1) expected changes in jurisdictional responsibilities; (2) the evolution of Open Network Architecture (ONA); (3) the nature of broadband services regulation, that is, of cable television and advanced video services; (4) the gradual adoption of market-based pricing for services other than basic voice telephone service; (5) the incentive for bypass of the public switched networks; and (6) the evolution of regulation of local exchange carriers. Each of these is discussed in turn, with observations concerning their impact on NSEP planning and requirements. JURISDICTION Background Today, authority for making the rules governing the providers of telecommunications is divided among the Federal Communications Commission (FCC), the AT&T divestiture court, the Congress, and the state public utility commissions (PUCs). The main jurisdictional uncertainty is what authority, if any, will be retained by the divestiture court in the year 2000. The court has established as a prerequisite to ending its superintendence over the Regional Bell Operating Companies (RBOCs) the introduction of genuine competition in the local loop, that is, competition sufficient to make available to residential subscribers meaningful alternatives to obtaining basic telephone service from their local exchange carrier. Potential candidates for providing local loop alternatives are cellular mobile radio and the introduction of optical fiber into the local loop. In terms of federal-state jurisdictional prerogatives, the past decade has seen the growth of a partnership—not without sharp
OCR for page 35
Growing Vulnerability of the Public Switched Networks: Implications for the National Security Emergency Preparedness disputes—between the FCC and the state PUCs, via increasing FCC reliance on Federal-State Joint Boards to resolve issues with significant interjurisdictional ramifications. Initial blanket state PUC resistance to federal deregulatory initiatives has been replaced by a search for compromises that will preserve the integrity of state regulation over the reasonableness of rates and conditions of service while permitting a gradual shift toward pricing policies more closely related to the actual cost of providing each specific service. Congressional supervision of the FCC’s policies will influence the nature and timing of deregulation, but no legislative reversed of the overall direction of domestic telecommunications policy is likely. In sum, by the year 2000 jurisdictional responsibilities will be less fragmented than at present, especially with regard to regulation of the RBOCs. National Security Emergency Preparedness Implications Because jurisdictional responsibility will remain substantially fragmented, NSEP needs may not be adequately met. As NSEP planning requires nationwide integration, the division of jurisdiction underscores the need to implement, in some form, the committee’s recommendation to strengthen the existing national-level NSEP resources to oversee planning for public network emergencies. OPEN NETWORK ARCHITECTURE Background The principle of ONA is an accomplished fact. AT&T and the RBOCs have already filed preliminary ONA plans and received tentative approval from the FCC. The goal of ONA is accepted by all: that is, equal, user-transparent access via the public networks to network services provided by network-based and nonnetwork enhancedservice providers. But the specifics of ONA implementation are complex, and any solution must prove acceptable to many competing industry groups. While ultimate agreement on some form of ONA is highly likely, operational definition of the detailed elements of ONA will continue for years, with gradual, element-by-element introduction rather than wholesale implementation, and continual modification as new services become available.
OCR for page 36
Growing Vulnerability of the Public Switched Networks: Implications for the National Security Emergency Preparedness National Security Emergency Preparedness Implications The focus of governmental inquiry into the deployment of ONA has been to ensure the widest possible user access to network software, in order to afford true equality of interconnection for nonnetwork enhanced-service competitors. Deployment of ONA will have significant impact on the public networks’ NSEP capabilities. A positive aspect is that ONA should provide the flexible network intelligence needed to meet NSEP requirements—notably, out-of-band signaling. But ONA could have a serious adverse impact on NSEP: As network software becomes increasingly accessible, the potential increases for hostile users to disrupt the public switched networks. Computer hackers might scramble network data. Instead of using hardware-oriented schemes such as “blue box” billing bypass, thieves might access network software databases to alter customer records, such as billing information. Finally, saboteurs might also implant “computer viruses” or “worms” in accessible network software, causing serious damage to network databases and operations (Communications Week, 1988; New York Times, 1988; Telephone Engineer and Management, 1988). ONA can increase network vulnerability to such disruptions in two ways. First, ONA increases greatly the number of users who have access to network software. In any given universe of users, some will be hostile. By giving more users access to network software, ONA will open the network to additional hostile users. Second, as more levels of network software are made visible to users for purposes of affording parity of network access, users will learn more about the inner workings of the network software, and those with hostile intent will learn more about how to misuse the network. Network security is the other side of the coin of network access: ease of access makes security difficult; tight security makes access difficult. Somewhere along a continuum, between perfect access with no security and perfect security with no access, an appropriate trade-off must be made. How much security is desirable depends on the value of the assets to be protected, the cost of protecting them, and the importance of affording ease of access. Ease of access to network software is the essential for ONA, but ease of access for legitimate users means equal ease of access for hostile ones. Given that the nationwide telephone network and associated databases are a vital national asset, government policy
OCR for page 37
Growing Vulnerability of the Public Switched Networks: Implications for the National Security Emergency Preparedness makers should take care to ensure that security concerns are reflected in the evolution of ONA. Cost constraints and the need for user-friendly access may preclude maximum protection, but some level of security is clearly needed: It is hard to overstate the dependence of the U.S. economy on a fully functioning telecommunications network infrastructure. The vulnerability of network software raises an important regulatory issue: What level of network software should be masked against access by users in order to safeguard network integrity? For example, outside users should not have access to executable source code, which drives network operations. Access to databases could be subject to verification of user identification, and other safeguards such as partitioning might be useful. At minimum, the evolution of ONA should reflect security considerations as well as the desire to provide open, equal access for users. BROADBAND SERVICES Background The 1990s will see the convergence of broadband and telecommunications technologies made possible by progress in digital switching and transmission, that is, the “arbitrarily large bandwidth” capacity afforded by the use of fiber’s extremely broadband capabilities. At this writing, the FCC is considering modifying the rules that limit telephone company participation in cable television franchises. The existing rules are premised upon the limited bandwidth available to telephone users; the introduction of optical fiber into the local loop will eventually obviate the need to retain the current restrictive rules. Thus, even if the cable rules are not revised in the next year or two, eventual revision is probable. With the bandwidth deliverable via optical fiber access lines, multiple service providers will be able to compete for customers. Telephone company entry would be conditional on their willingness to provide nondiscriminatory access to competitors. At this writing, as indicated earlier, it is not clear if telephone companies would be allowed to provide more than video dial tone. With the advent of high-definition television (HDTV) sometime in the 1990s, demand for broadband capacity will be stimulated. Regulation will focus on ensuring multiple-provider access to local subscribers. If implemented in conjunction with a broadband ISDN architecture, network connectivity for voice, data, and video will
OCR for page 38
Growing Vulnerability of the Public Switched Networks: Implications for the National Security Emergency Preparedness be significantly enhanced. But broadband penetration of the local loop is not anticipated before the mid-1990s. Even by the year 2000 broadband connectivity will probably be limited to “islands” — selected exchange areas. National Security Emergency Preparedness Implications If, eventually, television signals are deliverable to a nationwide majority of the customers via landline networks, some portion of the radio frequency spectrum currently allocated for television broadcast could conceivably be reallocated to other technologies such as cellular, domestic mobile, and paging. Those channels could then become available for radio access for NSEP purposes. PRICING Background Traditional telephone pricing was designed to foster “universal service”: basic voice telephone service at rates that virtually all potential subscribers could afford. Telephone service was priced according to “value of service”: Each customer paid the same flat rate for the right to access the same universe of subscribers. Because high-volume users such as business or urban subscribers received no volume discounts, the value-of-service pricing model incorporated subsidies for residential and rural users. With the abandonment of the traditional monopoly environment, its centerpiece, value-of-service pricing, will ultimately be largely supplanted by market pricing. Competition is premised upon the ability to price services at or near actual cost per customer. Because advanced network services will be open to competition, and because policing competition will require identification of costs associated with provision of specific services, price disaggregation will prove necessary for most services available in the marketplace. Transitional mechanisms will be required, but some form of postmonopoly price structure, whether it is the FCC’s current “price cap” proposal or some other form, will likely be introduced over the next decade. Prices will not, however, be precisely matched to costs even by the year 2000. The subsidy to maintain universal access for basic voice telephone service will continue to skew the price of access below its true economic cost for low-volume users. Also, the absence of any universally accepted definitive yardstick for separating joint
OCR for page 39
Growing Vulnerability of the Public Switched Networks: Implications for the National Security Emergency Preparedness and common plant costs of providing inter- and intrastate service will continue to preclude pure cost-based pricing of basic service. An evolving pricing concept developed by the state PUCs is the “social contract” tariff: In return for guaranteeing low-cost universal basic telephone service, exchange carriers are permitted flexible pricing for other, nonuniversal services. The FCC’s “price cap” proposal has similar objectives. While some subsidies will remain in effect where the cost of service is well beyond any price that could reasonably be charged, by the year 2000 price disaggregation should be almost complete and public network services will mostly be offered via usage-sensitive, strategically priced tariffs. National Security Emergency Preparedness Implications The redundancy afforded in a monopoly environment, such as duplication of databases, though vitally important for NSEP, is less likely to be available in a cost-disaggregated environment. The cost of carrying excess inventory can impede the ability of a firm to price competitively, and thus carriers have an incentive to avoid excess investment in backup resources. The Hinsdale, Illinois, disaster illustrates the consequences of inadequate redundancy: to thousands of users, services were disrupted, in some cases for up to several weeks. The prospect of future occurrences is real, and the harm done could be worse next time. In addition to the loss of residential connectivity and injury to businesses dependent on network access, a future occurrence could cause loss of life, if, for example, 911 emergency service is disrupted and medical or police assistance is unavailable. While full-scale network redundancy is not economically feasible, modest, strategically located redundancy is affordable. Because non-service specific network enhancements are no longer automatically includible in the carrier rate base, an alternative method of financing emergency backup is needed. BYPASS Background There are, as defined by the FCC, two types of bypass: “facilities bypass” and “service bypass.” Facilities bypass is the use of facilities that are physically separate from the embedded public network. Examples of such bypass include earth station to satellite to earth
OCR for page 40
Growing Vulnerability of the Public Switched Networks: Implications for the National Security Emergency Preparedness station and point-to-point microwave. Service bypass refers to price-discounted services delivered via the public network, for example, virtual private networks. The rate and extent of customer migration from the public network will be dictated by the pace of transition to cost-based pricing on that network, and the timing of the introduction of ubiquitous “arbitrarily large bandwidth” at rates that would render bypass uneconomical for those who remain public network users for most of their traffic. If price reformation lags, large users would use the public network primarily as a “carrier of last resort.” The principal deterrent to bypass will be regulatory approval of market-priced virtual private networks. By the year 2000 there will be substantial data traffic carried on private networks, but the bulk of voice traffic will remain on the public network; the impact on carriers will be primarily reflected in carrier revenues. Because most by passers are expected to retain links to the public network, network connectivity should not be seriously impaired—provided that the private networks employ protocols and interface gateways that are compatible with public network standards. Whether service quality will also be maintained is unclear, as the proliferation of networks and network interface standards may preclude attainment of optimal network service quality. For NSEP purposes, however, connectivity at a threshold level of adequacy is more important than whether service quality meets commercially acceptable standards. National Security Emergency Preparedness Implications As private networks proliferate, many with robust packet switching capabilities, they will constitute a resource for augmenting network redundancy. The committee recommends that efforts be made to exploit the capabilities of private networks for message transmission, mail-box storage, and more robust signaling. LOCAL EXCHANGE CARRIER REGULATION Background Market pricing and ubiquitous access to information services will drive competition into the local exchange for most services. Two regulatory issues will be paramount: (1) the extent of the de facto
OCR for page 41
Growing Vulnerability of the Public Switched Networks: Implications for the National Security Emergency Preparedness exclusive local exchange franchise and (2) the definition of what constitutes “universal service.” For market-priced services, carriers will not possess an exclusive franchise. Regulation predicated upon the traditional monopoly service model will gradually be supplanted by more flexible regulation, designed to promote open entry and competition. While “last resort” provider service will remain closely regulated, the remainder of local loop traffic will not be regulated under monopoly rules. Regarding universal service, many federal and state policy makers feel that in the Information Age the traditional concept of universal service—access to basic voice telephone service—should be expanded to include information services. Such expansion is intended to prevent the social segmentation of society into “information rich” and “information poor” classes. It is unlikely that at the federal level a specific new definition of universal service will be adopted. At the state level, there is likely to be considerable experimentation, with many states adopting, in cooperation with exchange telephone companies, Information Age definitions of universal service. Already, inquiries on advanced network services are under way in New York and Florida, and the California PUC has also expressed interest in the subject. Another problem in local exchange carrier regulation is ensuring that NSEP personnel have access to the public networks. For example, in June 1988 a power failure at a New England Telephone central office blocked incoming calls for some 35,000 local business and residential customers. A number of area banks closed because of lack of business. Their business operations were so intertwined with the telephone system that when it failed the banks’ daily business largely evaporated. Even though the telephone company blocked incoming calls from outside the region, it was reported that local calls were almost impossible to make until late in the day. This led local authorities to scatter police and fire resources strategically throughout the affected area. As is evident from the above situation, an emergency creates telephone overloads that can block access to whatever remaining capacity exists within the communications system. This in turn can prevent authorities from providing local or even regional emergency services. The committee believes that situations will occur where local authorities are unable to maintain essential services because of the failure of communications services. One solution would be to give
OCR for page 42
Growing Vulnerability of the Public Switched Networks: Implications for the National Security Emergency Preparedness priority communications service to selected users during emergencies that cause massive overloads on the public switched networks. Several options to accomplish priority service could be made available. For example, access to dial tone is considered critical, because if enough nonessential users are connected to a damaged network, higher priority users can be blocked from access. Also, techniques of “line load control” and “directionalization” have been used in the past to control access to a limited telephone capacity. It appears that such controls are no longer actively maintained. In some states, local laws may prohibit telephone companies from providing priority communications services to designated users. National Security Emergency Preparedness Implications Because the mainstay of Nationwide Emergency Telecommunications Service (NETS) and NSEP needs will be voice communications, regulation, by conditioning deregulation on retention of “last-resort” voice, will serve NSEP purposes by maximizing network connectivity. The deployment of information services as universal service adjuncts of basic voice service would enhance the capabilities of the public network and serve NSEP goals. The committee believes that roadblocks to such services must be removed and that facilities should be installed to support priority service where appropriate. Well-meaning laws seeking equal access and treatment may inadvertently be counterproductive in the case of damage to public network assets. It is the committee’s understanding that at least one state has a specific prohibition against priority treatment, therefore preventing implementation of line load control. ADDITIONAL NATIONWIDE EMERGENCY TELECOMMUNICATIONS SERVICE AND NATIONAL SECURITY EMERGENCY PREPAREDNESS CONSIDERATIONS Changes in regulation have had significant impact on the proposed NETS program. The organizational changes wrought by divestiture and the cost-cutting incentives created by competition make NETS planning more difficult. The existence of multiple-service providers competing in segmented markets will also complicate procurement creativity and flexibility if the assets of a network of networks are to be used to serve NETS purposes effectively.
OCR for page 43
Growing Vulnerability of the Public Switched Networks: Implications for the National Security Emergency Preparedness NSEP concerns are less service-specific, but must cover a broader range of contingencies than the war-oriented scenarios to which the NETS program is addressed. NSEP concerns include network reconstitution in the wake of sabotage, natural disasters, and accidents attributable to human error. As with NETS, the regulatory changes of the past two decades make NSEP management more complicated and NSEP capabilities more problematical. The ultimate NSEP challenge for regulatory policy is to meet nonservice-specific NSEP needs in a service-specific regulatory and marketing environment. For regulation to serve adequately NSEP purposes, network redundancy and security considerations must be given greater weight in government policymaking. Sound regulatory policy must reflect a multitude of factors. Critical factors include (1) a sensitivity to the vulnerability of software-driven networks, (2) an awareness of diminishing network route diversity and the concomitant need for nonservice-specific redundancy, (3) encouraging the exploitation of advanced technologies, and (4) managing the spectrum in ways that promote network redundancy and survivability (Stanley, 1988). Based on the foregoing discussion and analysis, the committee makes the following recommendations. Recommendation: Assure Sufficient National Level National Security Emergency Preparedness Resources In light of society’s growing reliance on information and telecommunications networks and the resulting increase in risk to national security emergency preparedness, the National Security Council should review whether the resources available to the National Communications System are sufficient to permit it to fulfill its responsibilities for planning, implementing, and administrating programs designed to decrease communications vulnerabilities for national security emergency preparedness users in an environment of proliferating public networks. Government must be able to analyze what network features are necessary for national security. Government must also be able to implement plans and procure services pertinent to national security needs. In its efforts to date to evaluate the NSEP capabilities of the public networks, the federal government has not considered how network capabilities might be enhanced to reduce vulnerabilities to
OCR for page 44
Growing Vulnerability of the Public Switched Networks: Implications for the National Security Emergency Preparedness broader economic and social disruption. There is a gap in NSEP oversight: The committee believes that the government should review whether its existing resources are sufficient to adequately perform expanded NSEP oversight of the proliferating public networks and clarify the appropriate agency missions to enable them to address these broader NSEP questions. Recommendation: Provide Priority Service As emergency services cannot be provided without prepositioning dedicated network equipment, the National Communications System should ask the Federal Communications Commission to require the industry to deploy the network assets needed to provide priority service for selected users during declared emergencies. Major emergency situations tend to cause overload conditions on the telephone system. These overloads are nondiscriminatory to telephone users and will equally prevent authorities from accessing the system as they will block nonessential callers. Thus, priority service provisions for selected users as police, firemen, hospitals, and government officials are necessary. Priority service options should include such techniques as guaranteed dial tone, line load control, and directionalization, to name a few. The committee understands that ample authority already exists for the government to require that industry be permitted to deploy network assets that would support NSEP under a wide range of contingencies (Telecommunications Reports, 1988). Without emplacement of adequate network assets in advance, it will not be possible to implement NSEP plans in event of a crisis. Recommendation: Establish Emergency Plans As crisis management skills are critical in making emergency assets work effectively, the National Communications System should establish additional emergency plans, tailored to the evolving public networks, that use simulated disaster and recovery scenarios to develop fallback strategies for network use during emergencies. Preparedness requires more than availability of adequate facilities. Emergency personnel must be trained to use the equipment with the speed and efficiency needed to enable adequate discharge of NSEP
OCR for page 45
Growing Vulnerability of the Public Switched Networks: Implications for the National Security Emergency Preparedness responsibilities. Large organizations must develop procedures and practice their implementation, adjusting plans as experience with actual disasters dictates. In this regard, experience with recent disasters will help provide a blueprint for developing future contingency plans. Finally, as a truly practical endeavor the NCS should commission the analysis of scenarios that postulate the destruction of a megaswitch and enumerate the steps that would be currently undertaken to restore communications along with the problems that would likely be encountered, including estimates of costs, time required to restore communications, the level of the restoration, telecommunications service priority adherence, and network management obstacles. REFERENCES Communications Week. 1988. Virus alters networking. November 14. Huber, P.W. 1988. Regulatory and other pressures on network architecture. Presentation to the Committee on Review of Switching, Synchronization and Network Control in National Security Telecommunications, Washington, D.C., May 19. New York Times. 1988. Breach reported in United States computers. April 18. Stanley, T. 1988. Technical and spectrum developments for future telecommunications. Presentation to the Committee on Review of Switching, Synchronization and Network Control in National Security Telecommunications, Washington, D.C., January 19. Telecommunications Reports. 1988. FCC adopts new telecommunications priority system for national security emergency use. October 31. Telephone Engineer and Management. 1988. Computer virus. December 15.
Representative terms from entire chapter: