An Overview of Computer Security

Presented is an overview of computer security, including concepts, techniques, and measures relating to the protection of computing systems and the information they maintain against deliberate or accidental threats. Motivations for security measures are discussed. Security strategies are considered. Actions and events that threaten security are described, along with technical problems that can prevent the computer from adequately dealing with threats. Security models are surveyed. Specific technical and administrative measures for promoting security are described. Among the technical measures discussed are design of secure systems, hardware and operating systems, identification of users, encryption, and access control packages. Administrative measures include personnel, physical security of the computing system, and auditing. Also presented is the establishment of a security program. Reviewed are special problems and their solutions, including communications and networks, data base management systems, and statistical data bases. This paper is based on a paper by the author published in The Handbook of Computers and Computing, edited by Arthur H. Seidman and Ivan Flores, Van Nostrand Reinhold Company, Inc., New York (1984).
