U.S. flag

An official website of the United States government, Department of Justice.

NCJRS Virtual Library

The Virtual Library houses over 235,000 criminal justice resources, including all known OJP works.
Click here to search the NCJRS Virtual Library

GRAPPLING WITH COMPUTER SECURITY IN THE 1980'S

NCJ Number
56454
Journal
Security Management Volume: 23 Issue: 4 Dated: (APRIL 1979)
Author(s)
J A SCHWEITZER
Date Published
1979
Length
6 pages
Annotation
BASIC SECURITY MEASURES ARE DESCRIBED FOR THE TYPE OF COMPUTER SYSTEMS EXPECTED TO BE PREVALENT IN THE 1980'S.
Abstract
COMPLETE SECURITY FOR A COMPUTER SYSTEM IS POSSIBLE ONLY WHEN INFORMATION IS PROCESSED IN A COMPUTER WHICH IS DEVOTED TO A SINGLE APPLICATION, CONTAINED IN A SECURE PHYSICAL ENVIRONMENT, AND INDEPENDENT OF ANY TERMINALS OR OTHER COMPUTERS OR DEVICES. THIS IS NOT PRACTICAL IN THE COMPUTER SYSTEMS OF 1977-1985. BUSINESS COMPUTER PLANS INDICATE INCREASING USE OF TERMINALS, DISTRIBUTED PROCESSING, AND DATA BASES WITH LARGE MULTIPROGRAMMED PROCESSORS. THE SECURITY CONSIDERATION, THEN, IS TO ACHIEVE SOME ACCEPTABLE LEVEL OF SECURITY. CONSIDERING THE LARGE NUMBER OF PEOPLE WHO WILL HAVE ACCESS TO TERMINALS, THERE MUST BE EFFECTIVE WAYS OF CONTROLLING ACCESS TO THE FILES WHICH WILL BE PRESENT ON LARGE CENTRAL PROCESSORS CONNECTED TO COMMUNICATIONS CIRCUITS. SYSTEM USERS, GENERALLY THE ORGANIZATION WHICH IS SPONSORING THE DATA SYSTEM OR WHOSE MEMBERS ARE USING THE COMPUTER, SHOULD BE RESPONSIBLE FOR THE SECURITY OF THEIR INFORMATION. DETERMINING THE LEVEL OF SENSITIVITY OF THE INFORMATION BEING PROCESSED IS THE FIRST AND BASIC STEP IN THE INFORMATION SECURITY PROCESS. MANAGERS OF SYSTEMS DEVELOPMENT, SYSTEM MAINTENANCE, COMPUTER PROCESSING, AND TELECOMMUNICATIONS SERVICES MUST PROVIDE A VARIETY OF PROTECTIVE MECHANISMS, INCLUDING APPROPRIATE MEASURES FROM EACH OF THE LEVELS OF PROTECTION, GENERALLY DESCRIBED AS THE FOLLOWING: LEVEL 1--PHYSICAL PROTECTION, LEVEL 2--ORGANIZATIONAL NCJ-59507. --IN GERMAN. (KMD) SECURITY ELEMENTS, AND LEVEL 4--ENCRYPTION OF SENSITIVE INFORMATION. THE VARIETY OF PROTECTIVE ELEMENTS FROM THE FOUR CONCENTRIC LEVELS MAY BE VIEWED AS A MENU OF PROTECTIVE DEVICES. MANAGERS OF SYSTEMS DEVELOPMENT ACTIVITIES, IN CONCERT WITH THE FUNCTIONAL SYSTEMS USER, MUST SELECT FROM THE VARIETY OF PROTECTIVE FEATURES TO PROVIDE AN OVERALL LEVEL OF PROTECTION FOR THE SYSTEM OR OPERATION COMMENSURATE WITH THE SENSITIVITY OF THE INFORMATION BEING PROCESSED. (RCB)

Downloads

No download available

Availability