U.S. flag

An official website of the United States government, Department of Justice.

NCJRS Virtual Library

The Virtual Library houses over 235,000 criminal justice resources, including all known OJP works.
Click here to search the NCJRS Virtual Library

Access Control Mechanism for Computing Resources

NCJ Number
79397
Journal
IBM Systems Journal Volume: 14 Issue: 3 Dated: (1975) Pages: 212-228
Author(s)
H M Gladney; E L Worley; J J Myers
Date Published
1975
Length
18 pages
Annotation
The architecture of an access control mechanism for the resources of an OS/360 or VS/370 computer system is presented, and its use for data base security and integrity in a research and engineering environment is described.
Abstract
In the research and engineering enterprise considered (San Jose Laboratory), there is a rapid evolution toward a system in which users can treat the computer facility as a trustworthy repository of their data and users may share data. Use authorization, security (protection against deliberate misuse), and integrity (protection against erroneous modification) are particularly important in such a system. These concerns were addressed by making one addition to the data maintained by the system about itself and by adding a set of utility programs that would modify and act on the contents of such an inventory dataset. The resulting inventory control system may be viewed as a mechanism for controlling and recording access to computing system resources. The inventory control system is also a mechanism that permits the decentralization of authorization by providing a framework with clear lines of authority and responsibility. It is possible to shift the burden of access administration from the computer center installation management to those parts of the organization better qualified to deal with the details and make a specific management decisions. Such decentralization reduces potential security-breeching temptations by computer facility employees. Since introducing the inventory control system in 1972 and experiencing its operation through 1974, there has been no apparent dataset integrity problem caused by the inventory control system itself. The incidence of lost or destroyed data is much improved, and the incidence of errors in new programs has been very low. Implementation objectives are listed, and potential functions for the inventory control system are discussed. Appendixes provide detailed information on the dataset and the inventory control system.