jump to navigation

Security Concerns and Solutions August 5, 2013

Posted by Marquette MS Computing in Security.
trackback

In the professional seminar we will be posting observations about operating system, application, and web security as well prevention techniques and cryptography.Edit

Advertisements

Comments»

1. Marybeth Mogensen - September 13, 2013

The use of a computer by multiple users is what this article,
“The Protection of Information in Computer Systems”, focused on. Methods have always been needed to ensure that the computer system implements the correct authority structure for those applications in which the users do not have the same permissions. The article identifies potential security violations in three categories. These categories included unauthorized information release, unauthorized information modification, and unauthorized denial of service (an intruder prevents an authorized user from referring to or modifying information). This paper concentrates on protection and authentication mechanisms and it listed some ways of protecting systems. These mechanisms included the labeling of files with lists of authorized users, and verifying the identity of a prospective user by demanding a password. Putting a label on a file, with a list of authorized users, might be an open invitation for someone looking for a file to gain access to. If a file has the top management listed as the only ones with access to it, this file may be targeted by someone looking for information to steal. With the development of password cracking software, passwords are a weak way to protect unauthorized use and stronger methods are needed in today’s world.
Computer protection mechanisms, which control access to information by executing programs, were also a focal point of the article. The four levels of functional goals for a protection system were identified as all-or-nothing systems, controlled sharing, user-programmed sharing controls, and putting strings on information. At all of these levels, the requirements for dealing with changes to gaining authorization for access were all a large impediment. Authentication mechanisms (systems that verify a user’s identity) have greatly improved with advances in technology, though.

Reference
[1] Saltzer, Jerome and Schroeder, Michael D.” The Protection of Information in Computer Systems”. Sept. 1975; 1278 – 1308. Available from: Proceedings of the IEEE (Volume:63 , Issue: 9 )

.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: