U.S. flag

An official website of the United States government, Department of Justice.

NCJRS Virtual Library

The Virtual Library houses over 235,000 criminal justice resources, including all known OJP works.
Click here to search the NCJRS Virtual Library

State of Practice of Computer Security (From Data Security and Data Processing, Volume 4, P 163-178, 1974 - See NCJ-89630)

NCJ Number
89631
Author(s)
G N Smith
Date Published
1974
Length
15 pages
Annotation
A certifiably secure computer system requires that the system have high integrity and an uncompromisable access control mechanism, with integrity being a prerequisite for access control.
Abstract
A system has integrity when its behavior is predictable and meaningful. Data integrity is ensured when only valid data can be entered into the computer and inconsistencies are prevented. At the present state-of-the-art, extensive data integrity is not common and is usually situation specific. System integrity exists when the system will do what it is expected to do and the various parts of the system behave as specified irrespective of the environment in which they operate. To facilitate the system's behaving as expected, it is common practice to modularize the system's subtasks. Structuring can be used to obtain a well-defined, limited set of interfaces between modules. Consistency of operation in varying environments can be enhanced through a well-structured system design, which is being achieved by multiple-state machines. System access control involves limiting access to the system as a whole through the log-in procedure. The standard approach has been to supply each user with a unique password. The trend in this area appears to be towards the use of a hand- or voice-print identification. An exhibit summarizes the various security techniques in general use and indicates examples of systems that use these techniques. Twelve references are included.

Downloads

No download available

Availability