U.S. flag

An official website of the United States government, Department of Justice.

NCJRS Virtual Library

The Virtual Library houses over 235,000 criminal justice resources, including all known OJP works.
Click here to search the NCJRS Virtual Library

PROJECT SEARCH - CRIMINAL JUSTICE COMPUTER HARDWARE AND SOFTWARE SECURITY CONSIDERATIONS

NCJ Number
13610
Author(s)
ANON
Date Published
1974
Length
39 pages
Annotation
CRIMINAL JUSTICE INFORMATION SYSTEMS SAFEGUARDS ARE RECOMMENDED FOR THE PHYSICAL FACILITY, PROCEDURES, ORGANIZATION AND PERSONNEL, EQUIPMENT, OPERATING SYSTEMS, APPLICATIONS PROGRAMS, AND DATA FILES.
Abstract
INADEQUATE SAFEGUARDS AND CONTROLS MAY RESULT IN UNAUTHORIZED OR ILLEGAL OBSERVATION, EXTRACTION, ALTERATION, UTILIZATION, OR ADDITION OF DATA. STANDARDS FOR TERMINAL AND OPERATOR IDENTIFICATION, DATA STORAGE, DATA ENTRY, AND FILE PROTECTION SOFTWARE ARE DELINEATED. SUGGESTIONS INCLUDE USING TERMINAL IDENTIFICATION CODES, PERSONAL IDENTIFICATION NUMBERS AND USER LOGS, WHICH SHOULD BE AUDITED REGULARLY. DATA STORAGE SECURITY REQUIREMENTS INCLUDE THE CREATION OF DUPLICATE FILES AND THE INSTITUTION OF CONTROLS ENSURING THAT EACH USER HAS ACCESS ONLY TO THOSE FILES FOR WHICH HE IS AUTHORIZED. DATA ENTRY PROCEDURE SHOULD ENTAIL THE DESTRUCTION OF SOURCE DOCUMENTS AND LIMIT THE ENTRY, MODIFICATION AND CANCELLATION CAPABILITIES OF TERMINALS. A MONITORING PROGRAM WOULD DETECT AND REPORT VIOLATIONS OF THE SYSTEM SECURITY SOFTWARE, AND AN EDIT PROGRAM WOULD PERIODICALLY AUDIT ALL RECORD ALTERATION TRANSACTIONS. THE APPENDIX CONSISTS OF A CHECKLIST OF SECURITY CONSIDERATIONS FOR CRIMINAL JUSTICE COMPUTER HARDWARE AND SOFTWARE. A BIBLIOGRAPHY IS PROVIDED.