NCJ Number
98757
Date Published
1984
Length
173 pages
Annotation
This book provides the technical information necessary for making the right decisions on computer information security and physical assets security.
Abstract
A survey of the constituents used in contemporary computer systems provides the background from which safeguards are examined. An overview of hardware focuses on equipment associated with data and information processing or computing activities; a review of software and systems considers operating systems, translators, firmware, applications programs, the information base, system architecture and component technology, and computer users. The discussion of computer security measures begins with procedural security techniques, notably access controls for getting to and using computers; reading, writing, and manipulating files; handling computer-related documentation; tracking personnel behavior; and providing backup and recovery. The chapter on security technology for computer hardware covers access control, information protection, and facilities protection. Consideration of security technology for computer software encompasses access controls, encryption routines, kernelized or partitioned systems, risk analysis packages, comparators, and logging and auditing software. Methods for evaluating the effectiveness of computer security programs are also reviewed. Some of the methods described are electronic data processing auditing, file and transaction monitoring, log examination, password pickup, incident reporting, security tests, and data analysis. Appendixes list technology suppliers and vendor categories. A glossary and index are provided, along with approximately 130 reference listings.