COMPUTER SECURITY: A Global Challenge



Similar documents
^H 3RD EDITION ITGOVERNANCE A MANAGER'S GUIOE TO OATA SECURITY ANO DS 7799/IS ALAN CALDER STEVE WATKINS. KOGAN PAGE London and Sterling, VA

Computer Security Basics

Securing the Cloud. Cloud Computer Security Techniques and Tactics. Vic (J.R.) Winkler. Technical Editor Bill Meine ELSEVIER

RESILIENT. SECURE and SOFTWARE. Requirements, Test Cases, and Testing Methods. Mark S. Merkow and Lakshmikanth Raghavan. CRC Press

Risk Analysis and the Security Survey

SECOND EDITION THE SECURITY RISK ASSESSMENT HANDBOOK. A Complete Guide for Performing Security Risk Assessments DOUGLAS J. LANDOLL

WISCONSIN/MINNESOTA BORDER COUNTY MUTUAL AID AGREEMENT FOR EMERGENCY RESPONSE AND RECOVERY

TABLE OF CONTENTS CHAPTER TITLE PAGE

Network Security: A Practical Approach. Jan L. Harrington

PROCEEDINGS OTTAWA, CANADA CANADIAN COMPUTER SECURITY CONFERENCE 1990 SECOND ANNUAL HOSTED AND ORGANIZED BY MARCH 1990

GFSU Certified Cyber Crime Investigator GFSU-CCCI. Training Partner. Important dates for all batches

CESG Certification of Cyber Security Training Courses

Schneps, Leila; Colmez, Coralie. Math on Trial : How Numbers Get Used and Abused in the Courtroom. New York, NY, USA: Basic Books, p i.

PAPER-6 PART-5 OF 5 CA A.RAFEQ, FCA

Data Security at the KOKU

STANDARD CHARTERED PLC

Cyber Attacks. Protecting National Infrastructure Student Edition. Edward G. Amoroso

E-DISCOVERY IN CANADA

ANALYTICS. Predicting the Economic Value of Your Company's Human Capital Investments AMACQM. American Management Association

CONTENTS AT A GMi#p. Chapter I Ethical Hacking Basics I Chapter 2 Cryptography. Chapter 3 Reconnaissance: Information Gathering for the Ethical Hacker

Engineering. Software. Eric J. Braude. Michael E. Bernstein. Modern Approaches UNIVERSITATSBIBLIOTHEK HANNOVER ' TECHNISCHE INFORM ATIONSBIBLIOTHEK

Computing. Federal Cloud. Service Providers. The Definitive Guide for Cloud. Matthew Metheny ELSEVIER. Syngress is NEWYORK OXFORD PARIS SAN DIEGO

Online Recruiting and Selection

Introduction. Acknowledgments Support & Feedback Preparing for the Exam. Chapter 1 Plan and deploy a server infrastructure 1

BOARD OF EMPLOYEE LEASING COMPANIES TELEPHONE CONFERENCE CALL MEETING MINUTES. WEDNESDAY, NOVEMBER 17, :00 a.m. EST

Network Security. Windows 2012 Server. Securing Your Windows. Infrastructure. Network Systems and. Derrick Rountree. Richard Hicks, Technical Editor

Introduction to Cyber Security / Information Security

STATE OF NORTH CAROLINA

Cambridge. Institutional

Weighted Total Mark. Weighted Exam Mark

Chapter 1. PATRICK BLACKETT (1897)...01 by Maurice W. Kirby, Lancaster University Jonathan Rosenhead, London School of Economics

PRODUCT LIABILITY OF MANUFACTURERS

BOARD OF EMPLOYEE LEASING COMPANIES

CORPORATE SOCIAL RESPONSIBILITY

WHITE PAPER. HIPPA Compliance and Secure Online Data Backup and Disaster Recovery

CIMA'S Official Learning System

The Best Lawyers in America 2008

PART A: OVERVIEW INTRODUCTION APPLICABILITY OBJECTIVE...1 PART B: LEGAL PROVISIONS LEGAL PROVISIONS...

HENRY MINTZBERG. Critical Evaluations in Business and Management. Edited by John C. Wood and Michael C. Wood. Volume I. Routledge

Tim Bovles WILEY. Wiley Publishing, Inc.

Course Design Document. IS403: Advanced Information Security and Trust

CRYPTOG NETWORK SECURITY

INCIDENT RESPONSE CHECKLIST

IMPROVEMENT THE PRACTITIONER'S GUIDE TO DATA QUALITY DAVID LOSHIN

Configuration. Management for. Senior Managers. Essential Product Configuration. and Lifecycle Management

SOFTWARE TESTING AS A SERVICE

Greenwich Wealth Management, LLC Investment Adviser Business Continuity Plan

Policy Title: HIPAA Security Awareness and Training

Integrity 10. Curriculum Guide

1. Who can use Agent Portal? 2. What is the definition of an active agent? 3. How to access Agent portal? 4. How to login?

STATE OF NORTH CAROLINA

шли Information Visualization in Data Mining and Knowledge Discovery Edited by digimine, Inc. University of Massachusetts, Lowell

Mental Health Declaration for Europe

SHARED ASSESSMENTS PROGRAM STANDARD INFORMATION GATHERING (SIG) QUESTIONNAIRE 2014 MAPPING TO OCC GUIDANCE ( ) ON THIRD PARTY RELATIONSHIPS

Declaration to be submitted by directors in the Applicant Company 1

Stratex International Plc ('Stratex' or 'the Company') Holdings in Company

Network & Information Security Policy

MS Information Security (MSIS)

We request that you complete the Expense Factor Required Form and return it to us no later than September 29, 2014.

Eleventh Hour Security+

CHIS, Inc. Privacy General Guidelines

Computer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings

Customer Relationship Management

BIBLIOGRAPHY OF CONGRESS 2013

Final report SA-R of the AB S.A. company for the financial year 2009/2010. covering the period from to

STATE UNIVERSITY OF NEW YORK COLLEGE OF TECHNOLOGY CANTON, NEW YORK COURSE OUTLINE EADM 220 DISASTER MANAGEMENT AND PREPAREDNESS

14. Privacy Policies Introduction

External Supplier Control Requirements

STATE UNIVERSITY OF NEW YORK COLLEGE OF TECHNOLOGY CANTON, NEW YORK COURSE OUTLINE JUST 201 CRITICAL ISSUES IN CRIMINAL JUSTICE

STATE UNIVERSITY OF NEW YORK COLLEGE OF TECHNOLOGY CANTON, NEW YORK COURSE OUTLINE EADM 400 INCIDENT COMMAND: SYSTEM COORDINATION AND ASSESSMENT

HSBC Holdings plc. Overseas Regulatory Announcement

Best Lawyers. Stewart McKelvey. Fredericton Allison McCarthy (2012) Banking and Finance Law Corporate Law Frederick McElman QC (2012)

Securing SQL Server. Protecting Your Database from. Second Edition. Attackers. Denny Cherry. Michael Cross. Technical Editor ELSEVIER

CONSUMER PRIVACY AND DATA PROTECTION

Contents. Foreword. Acknowledgments

OECD SERIES ON PRINCIPLES OF GOOD LABORATORY PRACTICE AND COMPLIANCE MONITORING NUMBER 10 GLP CONSENSUS DOCUMENT

RYERSON UNIVERSITY Ted Rogers School of Information Technology Management And G. Raymond Chang School of Continuing Education

I. The Role of the Board of Directors II. Director Qualifications III. Director Independence IV. Director Service on Other Public Company Boards

Executive's Guide to

Joseph Migga Kizza. A Guide to Computer Network Security. 4) Springer

SECURITY AND QUALITY OF SERVICE IN AD HOC WIRELESS NETWORKS

BIOTECHNOLOGY OPERATIONS

MEDIA RELEASE. IOSCO reports on business continuity plans for trading venues and intermediaries

Metrics and Methods for Security Risk Management

Security for Computer Networks

Contents. xvii. Preface. xxi. Foreword. 1 Introduction 1. Preamble 1. Scope and Structure of the Book 3. Acknowledgments 4 Endnotes 5

Security from a customer s perspective. Halogen s approach to security

Certified Paralegal Examination Suggested Study References

Expert Oracle Application. Express Security. Scott Spendolini. Apress"

Transcription:

COMPUTER SECURITY: A Global Challenge Proceedings of the Second IFIP International Conference on Computer Security, IFIP/Sec'84 Toronto, Ontario, Canada, 10-12 September, 1984 edited by James H. FINCH Cerberus Computer Security Inc. Canada and E. Graham DOUGALL Comshare Ltd. Canada UNIVERSITATSBIBLIOTHEK HANNOVER TECHNISCHE INFORMATIONSBIBLIOTHEK 1984 NORTH-HOLLAND AMSTERDAM. NEW YORK. OXFORD

0 TABLE OF CONTENTS Preface Acknowledgements Editors' Notes Introduction Program Chairman's Address vii viii ix xv xvii KEYNOTE SPEAKER Professional Responsibility for Information Privacy Isaac L. Auerbach (U.S.A.) INVITED SPEAKERS The Use of Digital Signatures in Banking Donald W. Davies (U.K.) 13 What about your Legal Parachute when your Data Security Crashes? Jan Freese (Sweden) 23 Equity in Access to Information Calvin C. Gotlieb (Canada) 29 Beyond War: Implications for Computer Security and Encryption Martin E. Hellman (U.S.A.) 41 Some Legal Aspects of Computer Security Susan H. Nycum (U.S.A.) 49 The Future of Trusted Computer Systems Roger R. Schell (U.S.A.) 55 Security Guidelines for the Management of Personal Computing Systems Dennis D. Steinauer (U.S.A.) 69 ACCEPTED PAPERS SECURITY MANAGEMENT Safeguards Selection Principles Donn B.Parker (U.S.A.) 83

Table of Contents xi Problem Definition : An Essential Prerequisite to the Implementation of Security Measures Robert H. Courtney, Jr. and Mary Anne Todd (U.S.A.) 97 Security and Productivity Edwin M. Jaehne (U.S.A.) 107 ACCESS CONTROL A Proposal for an Automated Logical Access Control Standard Charles R. Symons (U.K.) and James A. Schweitzer (U.S.A.) 115 Computer System Access Control Using Passwords R. Leonard Brown (U.S.A.) 129 Computer Viruses Fred Cohen (U.S.A.) 143 Selection Process for Security Packages JanH.P. Eloff (R.S.A.) 159 Incorporating Access Control in Forms Systems Gee Kin Yeo (Singapore) 169 Characteristics of Good One-Way Encryption Functions for Passwords Some Rules for Creators and Evaluators Viiveke Flk (Sweden) 189 OPERATING SYSTEMS SECURITY A Topology for Secure MVS Systems Ronald Paans and I.S. Herschberg (The Netherlands) 195 Measuring Computer System Security Using Software Security Metrics Gerald E. Murine and C.L. (Skip) Carpenter, Jr. (U.S.A.) 207 Formal Verification Its Purpose and Practice David A. Bonyun (Canada) 217 An Overview of Multics Security Benson I. Margulies (U.S.A.) 225 DATA BASE SECURITY Some Security Aspects of Decision Support Systems Daniel I. Lavrence (Canada) 239 The Integrity Lock Support Environment Richard D. Graubart and Steve Kramer (U.S.A.) 249

xii Table of Contents EDP AUDITING Integrity Analysis - A Methodology for EDP Audit and Data Quality Assurance Maija I. Svanks (Canada) 271 Retrofitting the EDP Auditor - EDP Security Skill Needs and Requirements Robert R. Moeller (U.S.A.) 283 RISK ANALYSIS Towards an Expert System for Computer-Facility Certification John M. Carroll and W.R. Mac Iver (Canada) 293 A Composite Cost/Benefit/Risk Analysis Methodology John Miguel (U.S.A.) 307 The SBA Method - A Method for Testing Vulnerability Rabbe Wrede (Sweden) 313 An Automated Method for Assessing the Effectiveness of Computer Security Safeguards Suzanne T. Smith and Judy J. Lim (U.S.A.) 321 PHYSICAL SECURITY Security Threats and Planning of Computer Centers Antero Mustonen (Finland) 331 Data Processing Security and Terrorism How to Safely Pass Through the Plumb Years and Inherit a Trade Union Problem: The Italian Experience Eugenio Orlandi (Italy) 377 CONTINGENCY PLANNING General Electric An Approach to Disaster Recovery Douglas D. Walker (U.S.A.) 387 Industrial Relations and Contingency Planning J.F. Donovan (Eire) 401 COMPUTER CRIME The Programmer's Threat: Cases and Causes I.S. Herschberg and Ronald Paans (The Netherlands) 409

Table of Contents xiii Introduction to Computer Crime Jay Bloombecker (U.S.A.) 423 Deviancy by Bits and Bytes: Computer Abusers and Control Measures Detman W. Straub Jr. and Cathy Spatz Widon (U.S.A.) 431 Characteristics of the Computer Environment that Provide Opportunities for Crime James E. Miller (U.S.A.) 443 COMMUNICATIONS AND NETWORK SECURITY EFT - Systems and Security, Practical Co-Operation between Banks in Finland Lars Arnkil and Juhani Saari (Finland) 451 Security and Privacy in Cellular Telephone Systems Roy Masrani and Thomas P. Keenan (Canada) 457 OFFICE INFORMATION SECURITY Access Control Models and Office Structures Giorgio Montini and Franco Sirovich (Italy) 473 Security Management in Office Information Systems Mariagrazia Fugini and Giancarlo Martella (Italy) 487 MICRO, SMALL SYSTEMS AND PERSONAL COMPUTER SECURITY Security Considerations in the Small Systems Environment Hal B. Becker (U.S.A.) 501 Data Protection in a Microcomputer Environment Harold J. Highland (U.S.A.) 517 Cause-and-Effect Model for Personal Computers Leroy A. Wickstrom (U.S.A.) 533 The Software Sieve Michael H. Darling (U.S.A.) 539 ENCRYPTION An Application of the Chinese Remainder Theorem to Multiple-Key Encryption in Data Base Systems Rodney H. Cooper, William Hyslop and Wayne Patterson (Canada) 553

Table of Contents A High Performance Encryption Algorithm W.E. Madryga (Canada) 557 Implementation Issues for Master Key Distribution and Protected Key load Procedures Goran Pagels Fick (Sweden) 571

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information