Data Security

The rising abuse of computers and increasing threat to personal privacy through data banks have stimulated much interest in the technical safeguards for data. There are four kinds of safeguards, each related to but distinct from the others. Access controls regulate which users may enter the system and subsequently which data sets an active user may read or write. Flow controls regulate the dissemination of values among the data sets accessible to a user. Inference controls protect statistical databases by preventing questioners from deducing confidential information by posing carefully designed sequences of statistical queries and correlating the responses. Statistical data banks are much less secure than most people believe. Data encryption attempts to prevent unauthorized disclosure of confidential information in transit or in storage. This paper describes the general nature of controls of each type, the kinds of problems they can and cannot solve, and their inherent limitations and weaknesses. The paper is intended for a general audience with little background in the area.
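The inference controls the abstract describes are easiest to understand on a toy statistical database. The example below is added here and is not code from the paper; its records, thresholds and names are constructed for illustration. It implements two controls from the statistical-database literature, a query-set-size control and a query-overlap control, and shows why the first alone leaves the database "much less secure than most people believe": two individually legal SUM queries differ by a set of size one, so subtracting their answers recovers a single salary, while the overlap control refuses the second query before it is answered.

```python
"""Toy statistical database with two inference controls (added example).

Models the situation in the abstract: a questioner combines the answers
to legal statistical queries to deduce one individual's value.  All
records, thresholds and names below are constructed, not real data.
"""
from dataclasses import dataclass
from typing import Callable, List, Optional, Set


@dataclass(frozen=True)
class Record:
    name: str
    dept: str
    age: int
    salary: int


# Constructed sample data; no real people.
RECORDS: List[Record] = [
    Record("alice", "ops", 34, 70_000),
    Record("bob", "ops", 41, 82_000),
    Record("carol", "ops", 29, 65_000),
    Record("dave", "ops", 52, 91_000),
    Record("erin", "ops", 63, 120_000),
    Record("frank", "dev", 38, 88_000),
    Record("grace", "dev", 45, 95_000),
    Record("heidi", "dev", 31, 77_000),
]

Predicate = Callable[[Record], bool]


class QueryRefused(Exception):
    """Raised when an inference control rejects a statistical query."""


class StatDB:
    """Answers COUNT/SUM queries over a record set, subject to two controls.

    min_size: query-set-size control.  A query with query set S is answered
        only if min_size <= |S| <= n - min_size, so that neither S nor its
        complement singles out fewer than min_size people.
    max_overlap: query-overlap control (optional).  A query is answered only
        if S shares at most max_overlap records with every query set already
        answered, which blocks differencing two nearly identical sets.
    """

    def __init__(self, records: List[Record], min_size: int,
                 max_overlap: Optional[int] = None) -> None:
        self.records = list(records)
        self.min_size = min_size
        self.max_overlap = max_overlap
        self.answered: List[Set[str]] = []  # query sets already released

    def _query_set(self, pred: Predicate) -> Set[str]:
        return {r.name for r in self.records if pred(r)}

    def _check(self, qs: Set[str]) -> None:
        """Apply the controls; runs before any answer is released."""
        n = len(self.records)
        if not (self.min_size <= len(qs) <= n - self.min_size):
            raise QueryRefused(
                f"query set size {len(qs)} outside [{self.min_size}, {n - self.min_size}]")
        if self.max_overlap is not None:
            for prev in self.answered:
                if len(qs & prev) > self.max_overlap:
                    raise QueryRefused(
                        f"overlap {len(qs & prev)} with an earlier query exceeds {self.max_overlap}")
        self.answered.append(qs)

    def count(self, pred: Predicate) -> int:
        qs = self._query_set(pred)
        self._check(qs)
        return len(qs)

    def total(self, field: str, pred: Predicate) -> int:
        qs = self._query_set(pred)
        self._check(qs)
        return sum(getattr(r, field) for r in self.records if r.name in qs)


def single_record_query_refused() -> bool:
    """The size control does its basic job: a query naming one person is refused."""
    db = StatDB(RECORDS, min_size=3)
    try:
        db.count(lambda r: r.name == "erin")
    except QueryRefused:
        return True
    return False


def differencing_with_size_control_only() -> int:
    """The limitation the abstract warns about: with only a size control, two
    legal queries (sizes 5 and 4) differ by exactly one record, and their
    difference is that record's salary.  Returns the recovered value."""
    db = StatDB(RECORDS, min_size=3)
    all_ops = db.total("salary", lambda r: r.dept == "ops")
    ops_under_60 = db.total("salary", lambda r: r.dept == "ops" and r.age < 60)
    return all_ops - ops_under_60  # erin is the only ops employee aged 60+


def differencing_with_overlap_control() -> str:
    """Same two queries with an overlap limit of 2: the second query set shares
    four records with the first and is refused, so no difference can be taken."""
    db = StatDB(RECORDS, min_size=3, max_overlap=2)
    db.total("salary", lambda r: r.dept == "ops")
    try:
        db.total("salary", lambda r: r.dept == "ops" and r.age < 60)
    except QueryRefused as e:
        return str(e)
    return "answered"
```

The overlap control is deliberately strict: it refuses many harmless queries, and it still does not help against several questioners who pool their answers, which is why the abstract treats every control of this kind as having inherent limits rather than as a complete solution.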
