In practice, not all the possible combinations have been implemented, and not all the possibilities would provide useful operational characteristics. Deliberate efforts to penetrate secure systems can either be active or passive. Communication Leakage Points The communications linking the central processor, the switching center and the remote terminals present a potential vulnerability. Resource-sharing systems are those that distribute the resources of a computer system e. Fort George G. Only a few computer systems are currently in operation that attempt to provide service to a broad base of users working with classified information.
Those personnel responsible for performing the manual procedures necessary to provide and maintain on-going service operations of the system. The act of identifying the sensitivity of' defense information by ascertaining the potential level of damage to the interests of the United States were the information to be divulged to an unfriendly foreign agent. The means employed to achieve system security objectives shall be based on any combination of software, hardware, and procedural measures sufficient to assure suitable protection for all classification categories resident in the system. At the other extreme, the agent may actively seek to obtain removable files or to create trap doors that can be exploited at a later date Finally, an agent might be placed in the organization simply to learn about the system and the operation of the installation, and to obtain what pieces of information come his way without any particularly covert attempts on his part at subversion.
Accidental Disclosure. Deliberate efforts to penetrate secure systems can either be active or passive. In the passive mode, the intervener may attempt to monitor the system by tapping into communication lines, or by monitoring compromising emanations.
Charles R. Ware and other sources. However, there is some overlap between the various areas, and when the application of security controls to computer systems raises a new aspect of an old problem, the issue is discussed. Full programming systems Type IV give the user extensive and unrestrained programming capability. Fort George G.
When referring to an aggregation of equipment, together with its management controls and procedures, facility clearance is some- times used. An individual designated by a Responsible Authority as specifically responsible for 1 proper verification of personnel clearances and information-access authorizations; 2 determination of operational system security status including terminals ; 3 surveillance and maintenance of system security; 4 insertion of security parameters into the computing system, as well as general security-related system matters; 5 security assurance. The system should be reliable from a security point of view. The Appendix was first drafted by Arthur A. He may be able to couple several of these programs together for automatic execution in sequence and to insert parameters into the selected programs. The following are members of the Policy Panel: Jerome D.
Therefore, security measures for these elements of the system are not examined in this Report unless there are some unique considerations. System Operators. Roberts formerly, Robert W. In the passive mode, the intervener may attempt to monitor the system by tapping into communication lines, or by monitoring compromising emanations. The system should be auditable. Such symbols are not used to construct an internal machine language program that can subsequently be executed upon command from the user.
First, the security problem is not unique to any one type of computer system or configuration; it applies across the spectrum of computational technology.
However, there is some overlap between the various areas, and when the application of security controls to computer systems raises a new aspect of an old problem, the issue is discussed. Balzer and Mr.
The organizational meeting was held the following month, and thereafter the Panels and the Steering Group met on a regular basis to formulate the recommendations that constitute the body of this Report. Communication Leakage Points The communications linking the central processor, the switching center and the remote terminals present a potential vulnerability.
The problem is that the computer hardware involved is of such complexity that it is easy for a knowledgeable person to incorporate the necessary equipment in such a way as to make detection very difficult. Wholly isolated systems can be physically shielded to eliminate emanations beyond the limits of the secure installation, but with geographically dispersed systems comprehensive shielding is more difficult and expensive. An individual designated as responsible for the overall management of all system resources, both the physical resources of the system and the personnel attached to it. Active Infiltration.