By admin No comments

Little prior knowledge is needed to use this long-needed reference. Computer professionals and software engineers will learn how to design secure operating. BUILDING A SECURE COMPUTER SYSTEM Morrie Gasser ACF2 is a trademark of Uccel Crop. AOS is a trademark of Data General Corp. DEC, PDP, VMS. : Building a Secure Computer System () by Morrie Gasser and a great selection of similar New, Used and Collectible Books.

Author: Nijind Tehn
Country: Italy
Language: English (Spanish)
Genre: Video
Published (Last): 3 February 2016
Pages: 376
PDF File Size: 20.45 Mb
ePub File Size: 20.37 Mb
ISBN: 254-1-98870-657-6
Downloads: 69237
Price: Free* [*Free Regsitration Required]
Uploader: Guzuru

Fortunately, techniques to protect against information modification are almost always the gassser as or a subset of techniques to protect against information disclosure. To make this website work, we log user data and share it with processors.

Before the problem of data security became widely publicized in the media, most people s idea.

How easy is it to use? Different indexing techniques has been used and analyzed using. Most mlrrie the techniques for building secure systems, however, also help you build more robust and reliable systems. One misconception fortunately short-lived involved data encryption; that is, encoding information using a password or secret key so that it cannot be deciphered by unauthorized individuals.

Reproducible design steps that are carefully documented make it possible for a third party to objectively judge the efficacy of the builder s use of the technology. This fact is consistently borne out in the technical measures we will discuss.


First, repeated entry of the password greatly increases the risk that someone will be looking over the user s shoulder when the password is entered. External controls can be divided buklding three classes: Security Flaws in Public Servers.


If one of your users accesses your system via a modem on a personal computer, how do you ensure that the personal computer has not been penetrated by an outsider via that modem? This discussion is based primarily More information. Not able to commit to open-ended support, the government has largely ceased direct funding for secure operating system development, concentrating instead on specific applications and various seed efforts.

Building a Secure Computer System

A few organizations, especially in the military, formed tiger teams to simulate adversaries trying to obtain unauthorized access to information. Cryptography and Network Security Sixth Edition by William Stallings Chapter 1 Overview The combination of space, time, and strength that must be considered as the basic elements of this theory of defense.

From a high-level standpoint, attacks on computer systems and networks can be grouped. As a result, securing a system has traditionally been a battle of wits: While customers may want improved security, they usually have second thoughts when security features adversely affect other, more important features. National Computer Security Center.

Building a Secure Computer System by Gasser, Morrie

Intel,iapx are trademarks of Intel Corp. Gasser has accepted this formidable challenge and has succeeded beyond what even we optimists would expect. Vendors often implement security enhancements in response to specific customer demands. Information security is the subject of this book. We probably cannot change the way the world works, but understanding why it works the way it does can help us avoid the typical pitfalls and choose acceptable security solutions.


The principle originated in ICT. The industry seems resigned to the fact that systems will always have bugs. Many of the topics discussed here will be covered later in more detail. We would be fighting a losing battle, except that security need not be an isolated effort: The password mechanism is an internal control that obviates the need for external controls such as locked terminal rooms.

To sum up, security relates to secrecy first, integrity second, and denial of service a distant third. In addition, some security techniques do address certain denial-of-service problems, especially problems related to data integrity. When one person in the group leaves the company, the password must be changed and the new password manually distributed.

Christina Kormos National Agency Phone: Part I of this book provides an overview of elementary concepts and serves as an introduction to the chapters in parts II and III that will enable you to read only the chapters of interest, without getting lost.

In the rare cases where the techniques differ, that fact will be pointed out explicitly. What is a Secret – and – What does that have to do with Computer Security?

A few vendors have taken steps to help the few security-conscious customers who are willing to invest gassfr additional protection. Messerschmitt Supplementary section for Understanding Networked Applications: