U.S. flag

An official website of the United States government, Department of Justice.

NCJRS Virtual Library

The Virtual Library houses over 235,000 criminal justice resources, including all known OJP works.
Click here to search the NCJRS Virtual Library

COMPUTER SCIENCE AND TECHNOLOGY - DESIGN ALTERNATIVES FOR COMPUTER NETWORK SECURITY

NCJ Number
51667
Author(s)
G D COLE
Editor(s)
D K BRANSTAD
Date Published
1978
Length
177 pages
Annotation
THE CRITICAL ISSUES AND PROBLEMS RELATING TO COMPUTER NETWORK SECURITY ARE IDENTIFIED, AND THE MECHANISMS WHICH MIGHT IMPLEMENT THE POLICY/SOLUTIONS ARE DISCUSSED, ALONG WITH THE TRADEOFFS RELATING TO THESE MECHANISMS.
Abstract
THE COMPUTER-NETWORK SECURITY PROBLEM IS SEEN TO BE NOT MERELY A COMMUNICATIONS PROBLEM, BUT RATHER A COMPLEX SET OF PROBLEMS DUE TO MULTISYSTEM NATURE OF THE NETWORK. OF THE ALTERNATIVE SECURITY MECHANISMS CONSIDERED, THE MOST VIABLE ARE CONSIDERED TO BE THE SECURITY CONTROLLER AND INTELLIGENT CRYTOPGRAPHIC DEVICE. THE CONCEPT EMPLOYING THE MECHANISMS INVOLVES THE USE OF A DEDICATED MINICOMPUTER TO CONTROL ACCESS TO A COMPUTER NETWORK THROUGH THE CONTROL OF DATA ENCRYPTION KEYS; I.E., PARAMETERS, TYPICALLY BINARY NUMBERS, THAT CONTROL THE PROCESSES OF ENCIPHERING AND DECIPHERING COMPUTER DATA. AN AUTHORIZED USER OR TERMINAL IN A COMPUTER NETWORK IS ISSUED AN ENCRYPTION KEY TO OBTAIN ACCESS AFTER THE CREDENTIALS OF THE USER OR TERMINAL HAVE BEEN VERIFIED. IN EXAMINING THE USE OF THIS SECURITY CONCEPT, THE NETWORK IS VIEWED AS CONSISTING OF SEVERAL LEVELS, AND THE PRESENTATION PROCEEDS IN A TOP-DOWN ANALYSIS INVOLVING THE FOLLOWING: (1) THE POLICY AND REQUIREMENTS ISSUES; (2) THE HOST COMPUTERS SECURITY CONTROL SYSTEMS; (3) THE INTELLIGENT CRYPTOGRAPHIC DEVICE; AND (4) THE COMMUNICATIONS NETWORK. WITHIN EACH LEVEL, THE ISSUES RELATED TO AUTHENTICATION, AUTHORIZATION, CONNECTION ESTABLISHMENT, CONNECTION USAGE, SECURITY MONITORING, AND SECURITY ASSURANCE ARE CONSIDERED. IN ADDITION TO TECHNICAL CONSIDERATIONS, PROCEDURAL AND ECONOMIC ASPECTS ARE DISCUSSED. IT IS BELIEVED THAT THE APPROACH SUGGESTED WILL PROVIDE THE NECESSARY CONTROL MECHANISMS TO HANDLE THE COMPLICATIONS OF THE NETWORK ENVIRONMENT AND PROVIDE A VIABLE AND EVOLUTIONARY APPROACH TO ACHIEVING THIS GOAL IN BOTH EXISTING AND FUTURE NETWORKS. A BIBLIOGRAPHY IS PROVIDED. (AUTHOR ABSTRACT MODIFIED--RCB)

Downloads

No download available