U.S. flag

An official website of the United States government, Department of Justice.

NCJRS Virtual Library

The Virtual Library houses over 235,000 criminal justice resources, including all known OJP works.
Click here to search the NCJRS Virtual Library

Computer Security, the Defense Department, and the Private Sector - A 3-Part Dialogue About Fundamental Objectives and Needs

NCJ Number
99004
Journal
Computer Security Volume: 3 Issue: 1 Dated: (Summer 1984) Pages: 53-60
Author(s)
L D Faurer; R H Courtney
Date Published
1984
Length
7 pages
Annotation
This dialog between a security spokesman for the U.S. Department of Defense (DOD) and a private computer security consultant focuses on a disagreement about DOD computer security priorities in the area of user control.
Abstract
The first paper -- presented by the Director of the National Security Agency (NSA), which is responsible for DOD computer security -- reviews the historical development of the DOD computer security system and delineates the responsibilities of the DOD Computer Security Center, the entity in NSA directly responsible for DOD computer security. The paper states that the DOD is required by executive order to protect sensitive national security data from disclosure to or modification by unauthorized individuals. The paper by the private security consultant notes that the security center's definition of a secure computer system focuses on thwarting unauthorized persons from accessing DOD computers, but neglects the control of authorized persons who may misuse their authority to the detriment of national security. In the third paper, a DOD spokesperson responds to the consultant's concern by stating that DOD is concerned for the 'accountability of actions taken by authorized persons.' An editorial comment following this DOD response argues that such accountability refers only to the identification and authentication of the prospective user, not to what the user does after access has been obtained.

Downloads

No download available

Availability