NCJ Number: 89627
Title: Data Security and Data Processing, Volume 2 - Study Summary
Corporate Author: IBM
Date Published: 1974
Page Count: 30
Sponsoring Agency: IBM
Publication Number: G 320-1371-0
Format: Document
Language: English
Country: United States of America
Annotation: This volume presents summaries of findings from four study sites involved in the IBM data security study intended to gain practical experience with data security in an actual data processing operation.
Abstract: The study sites addressed themselves primarily to that aspect of data security which deals with the computing system's approaches to protecting against potential threats to data. Toward this end, the sites were asked to investigate the economic and procedural effects of using a secure system (State of Illinois), to determine whether and to what extent the degree of data security of a computing system can be measured (TRW Systems), to do research on how a system can best authorize access to data (Massachusetts Institute of Technology), and to gauge the impact on existing operations of the process of converting to a secure system (IBM's Federal Systems Center). The summary of findings from the Illinois study site focuses on the practices of management in achieving privacy and security awareness among personnel, as well as the functional elements of security (legislative considerations, security administration, security and privacy education, and technological requirements and considerations). The summary of findings from the study site at the Massachusetts Institute of Technology considers user requirements reflected in operating system features, data set access control, and user attitudes toward data security. The TRW Systems findings address the definition of secure computer systems, threats and vulnerabilities in computer systems, requirements for secure operating systems, system evaluation, and automated aids for secure systems. The IBM Federal Systems Center study focused on the problems attendant to installing a security system in an already operational environment, and the summary considers security system features and features facilitating installation. The appendixes contain a reader directory of abstracts from the other study volumes and an outline of the videotape education program that reports on the findings of the Illinois study. For other study volumes, see NCJ 89626, 89628-32, and 89655-60.
Index Term(s): Change management; Computer privacy and security; Cost effectiveness analysis; Data security; Evaluation measures; Personnel identification systems; Summaries
To cite this abstract, use the following link: http://www.ncjrs.gov/App/publications/abstract.aspx?ID=89627
. A title search of 
