skip navigation

PUBLICATIONS

Register for Latest Research

Stay Informed
Register with NCJRS to receive NCJRS's biweekly e-newsletter JUSTINFO and additional periodic emails from NCJRS and the NCJRS federal sponsors that highlight the latest research published or sponsored by the Office of Justice Programs.

NCJRS Abstract

The document referenced below is part of the NCJRS Virtual Library collection. To conduct further searches of the collection, visit the Virtual Library. See the Obtain Documents page for direction on how to access resources online, via mail, through interlibrary loans, or in a local library.

 

NCJ Number: 134920 Find in a Library
Title: Locking Up Open Systems
Journal: Security Management  Dated:(February 1992)  Pages:42,44-46
Author(s): P Crawford
Date Published: 1992
Page Count: 4
Type: Survey
Format: Article
Language: English
Country: United States of America
Annotation: Security, privacy, and integrity are related terms that refer to the policies and mechanisms that protect computer systems from outside intruders. A total computer security policy must balance the need-to-know requirements of the user with the sensitivity of the information he is allowed to access.
Abstract: Multilevel security systems working within the framework of a total policy can provide more secure and cost-effective methods of managing information. The multilevel security mode of operation increases flexibility and offers significant cost benefits. Computer security managers need to consider the goals of their organization, the value of the company's information assets, the vulnerabilities of their current system or network, the physical environment in which their system operates, their visitor and personnel screening process, and the potential costs of a security breach. Before determining what their specific needs are, managers must understand some basic terms including least privilege, discretionary access, labeling, mandatory access, accountability, assurance, integrity, and encryption. Beneficial techniques for a computer security program recommended by the author include limiting terminal access, auditing, and limiting log-on attempts.
Main Term(s): Computer facility security; Security management
Index Term(s): Computer privacy and security
To cite this abstract, use the following link:
http://www.ncjrs.gov/App/publications/abstract.aspx?ID=134920

*A link to the full-text document is provided whenever possible. For documents not available online, a link to the publisher's website is provided. Tell us how you use the NCJRS Library and Abstracts Database - send us your feedback.