|
The Protection Of Information In Computer Systems
''The Protection of Information in Computer Systems'' is a 1975 seminal publication by Jerome Saltzer and Michael Schroeder about information security. The paper emphasized that the primary concern of security measures should be the information on computers and not the computers itself. It was published 10 years prior to Trusted Computer System Evaluation Criteria, commonly known as the Orange Book. Design principles The following design principles are laid out in the paper: * KISS principle, Economy of mechanism: Keep the design as simple and small as possible. * Fail-safe, Fail-safe defaults: Base access decisions on permission rather than exclusion. * Complete mediation: Every access to every object must be checked for authority. * Kerckhoffs's principle, Open design: The design should not be secret. * Privilege separation, Separation of privilege: Where feasible, a protection mechanism that requires two keys to unlock it is more robust and flexible than one that allows acces ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Jerome Saltzer
Jerome Howard "Jerry" Saltzer (born October 9, 1939) is an American computer scientist. Career Jerry Saltzer received an ScD in Electrical Engineering from Massachusetts Institute of Technology, MIT in 1966. His dissertation '''Traffic Control in a Multiplexed System was advised by Fernando Corbató. In 1966, he joined the faculty of the Department of Electrical Engineering and Computer Science at MIT. One of Saltzer's earliest involvements with computers was with MIT's Compatible Time-Sharing System in the early 1960s. In the later 1960s and early 1970s, he was one of the team leaders of the Multics operating system project. Multics, though not particularly commercially successful in itself, has had a major impact on all subsequent operating systems; in particular, it was an inspiration for Ken Thompson (computer programmer), Ken Thompson to develop Unix. Saltzer's contributions to Multics included the now-standard kernel stack switching method of process switching, as well as ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Fail-safe
In engineering, a fail-safe is a design feature or practice that, in the event of a failure causes, failure of the design feature, inherently responds in a way that will cause minimal or no harm to other equipment, to the environment or to people. Unlike inherent safety to a particular hazard, a system being "fail-safe" does not mean that failure is naturally inconsequential, but rather that the system's design prevents or mitigates unsafe consequences of the system's failure. If and when a "fail-safe" system fails, it remains at least as safe as it was before the failure. Since many types of failure are possible, failure mode and effects analysis is used to examine failure situations and recommend safety design and procedures. Some systems can never be made fail-safe, as continuous availability is needed. Redundancy (engineering), Redundancy, fault tolerance, or contingency plans are used for these situations (e.g. multiple independently controlled and fuel-fed engines). Examples ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Computer Security Software
Computer security software or cybersecurity software is any computer program designed to influence information security. This is often taken in the context of defending computer systems or data, yet can incorporate programs designed specifically for subverting computer systems due to their significant overlap, and the adage that the best defense is a good offense. The defense of computers against intrusion and unauthorized use of resources is called ''computer security''. Similarly, the defense of computer networks is called '' network security''. The subversion of computers or their unauthorized use is referred to using the terms ''cyberwarfare'', ''cybercrime'', or '' security hacking'' (later shortened to ''hacking'' for further references in this article due to issues with ''hacker'', ''hacker culture'' and differences in white/grey/black 'hat' color identification). The computer security software products industry was launched in the second half of the 1970s when computer f ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Symposium On Operating Systems Principles
In Ancient Greece, the symposium (, ''sympósion'', from συμπίνειν, ''sympínein'', 'to drink together') was the part of a banquet that took place after the meal, when drinking for pleasure was accompanied by music, dancing, recitals, or conversation.Peter Garnsey, ''Food and Society in Classical Antiquity'' (Cambridge University Press, 1999), p. 13online Sara Elise Phang, ''Roman Military Service: Ideologies of Discipline in the Late Republic and Early Principate'' (Cambridge University Press, 2008), pp. 263–264. Literary works that describe or take place at a symposium include two Socratic dialogues, Plato's ''Symposium (Plato), Symposium'' and Xenophon's ''Symposium (Xenophon), Symposium'', as well as a number of ancient Greek literature, Greek poems, such as the elegiac couplet, elegies of Theognis of Megara. Symposia are depicted in Ancient Greek art, Greek and Etruscan art that shows similar scenes. In modern usage, it has come to mean an academic conference or m ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Common Criteria
The Common Criteria for Information Technology Security Evaluation (referred to as Common Criteria or CC) is an international standard (International Organization for Standardization, ISO/International Electrotechnical Commission, IEC 15408) for computer security certification. It is currently in version 3.1 revision 5. Common Criteria is a framework in which computer system users can ''specify'' their security ''functional'' and ''assurance'' requirements (SFRs and SARs, respectively) in a Security Target (ST), and may be taken from Protection Profiles (PPs). Vendors can then ''implement'' or make claims about the security attributes of their products, and testing laboratories can ''evaluate'' the products to determine if they actually meet the claims. In other words, Common Criteria provides assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard and repeatable manner at a level that is ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Least Privilege
In information security, computer science, and other fields, the principle of least privilege (PoLP), also known as the principle of minimal privilege (PoMP) or the principle of least authority (PoLA), requires that in a particular abstraction layer of a computing environment, every module (such as a process, a user, or a program, depending on the subject) must be able to access only the information and resources that are necessary for its legitimate purpose. Details The principle means giving any user accounts or processes only those privileges which are essentially vital to perform its intended functions. For example, a user account for the sole purpose of creating backups does not need to install software: hence, it has rights only to run backup and backup-related applications. Any other privileges, such as installing new software, are blocked. The principle applies also to a personal computer user who usually does work in a normal user account, and opens a privileged, passw ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Privilege Separation
Privilege may refer to: Arts and entertainment * Privilege (film), ''Privilege'' (film), a 1967 film directed by Peter Watkins * Privilege (Ivor Cutler album), ''Privilege'' (Ivor Cutler album), 1983 * Privilege (Television Personalities album), ''Privilege'' (Television Personalities album), 1990 * ''Privilege (Abridged)'', an album by Parenthetical Girls, 2013 * "Privilege (Set Me Free)", a 1978 song by the Patti Smith Group * Privilege (Law & Order: Criminal Intent), "Privilege" (''Law & Order: Criminal Intent''), a television episode * "Privilege", a short story by Frederick Forsyth included in the collection ''No Comebacks'' * "Privilege", a song by Kevin Federline from the album Playing with Fire (Kevin Federline album), ''Playing with Fire'' (Kevin Federline album) Business * Privilege (insurance company), a division of the Royal Bank of Scotland * Privilege Ibiza, a nightclub in Ibiza, Spain * Privilege Style, a Spanish charter airline * Printing privilege, a precursor ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Kerckhoffs's Principle
Kerckhoffs's principle (also called Kerckhoffs's desideratum, assumption, axiom, doctrine or law) of cryptography was stated by the Dutch cryptographer Auguste Kerckhoffs in the 19th century. The principle holds that a cryptosystem should be secure, even if everything about the system, except the key, is public knowledge. This concept is widely embraced by cryptographers, in contrast to security through obscurity, which is not. Kerckhoffs's principle was phrased by the American mathematician Claude Shannon as "the enemy knows the system", i.e., "one ought to design systems under the assumption that the enemy will immediately gain full familiarity with them". In that form, it is called Shannon's maxim. Another formulation by American researcher and professor Steven M. Bellovin is: In other words—design your system assuming that your opponents know it in detail. (A former official at NSA's National Computer Security Center told me that the standard assumption there was that ser ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
KISS Principle
KISS, an acronym for "Keep it simple, stupid!", is a design principle first noted by the U.S. Navy in 1960. First seen partly in American English by at least 1938, KISS implies that simplicity should be a design goal. The phrase has been associated with aircraft engineer Kelly Johnson (engineer), Kelly Johnson. The term "KISS principle" was in popular use by 1970. Variations on the phrase (usually as some euphemism for the more churlish "stupid") include "keep it super simple", "keep it simple, silly", "keep it short and simple", "keep it short and sweet", "keep it simple and straightforward", "keep it small and simple", "keep it simple, soldier", "keep it simple, sailor", "keep it simple, sweetie", "keep it stupidly simple", or "keep it sweet and simple". Origin The acronym was reportedly coined by Kelly Johnson (engineer), Kelly Johnson, lead engineer at the Lockheed Martin, Lockheed Skunk Works (creators of the Lockheed U-2 and SR-71 Blackbird spy planes, among many others). How ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Michael Schroeder
Michael David Schroeder (born 1945) is an American computer scientist. His areas of research include computer security, distributed systems, and operating systems, and he is perhaps best known as the co-inventor of the Needham–Schroeder protocol. In 2001 he co-founded the Microsoft Research Silicon Valley lab and was the assistant managing director until the lab was disbanded in 2014. Early life and career Schroeder was born in 1945 in Richland, Washington. He did his undergraduate work at Washington State University and went to graduate school at MIT, obtaining his PhD in 1972. Starting in 1976 he has been on the MIT EECS department faculty, at Xerox PARC, and at the DEC Systems Research Center. At MIT he was involved with Multics, where his contributions included a seminal work on security architecture for shared information systems. In 1977 Schroeder and Roger Needham designed a new (unclassified) computer network protocol for distributed authentication server using a K ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Pearson Education
Pearson Education, known since 2011 as simply Pearson, is the educational publishing and services subsidiary of the international corporation Pearson plc. The subsidiary was formed in 1998, when Pearson plc acquired Simon & Schuster's educational business and combined it with Pearson's existing education company Addison-Wesley Longman. Pearson Education was restyled as simply Pearson in 2011. In 2016, the diversified parent corporation Pearson plc rebranded to focus entirely on education publishing and services; further, as of 2023, Pearson Education is Pearson plc's main subsidiary. In 2019, Pearson Education began phasing out the prominence of its hard-copy textbooks in favor of digital textbooks, which cost the company far less, and can be updated frequently and easily. As of 2023, Pearson Education has testing/teaching centers in over 55 countries worldwide; the UK and the U.S. have the most centers. The headquarters of parent company Pearson plc are in London, England. P ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Trusted Computer System Evaluation Criteria
Trusted Computer System Evaluation Criteria (TCSEC) is a United States Government Department of Defense (DoD) standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system. The TCSEC was used to evaluate, classify, and select computer systems being considered for the processing, storage, and retrieval of sensitive or classified information. The TCSEC, frequently referred to as the Orange Book, is the centerpiece of the DoD ''Rainbow Series'' publications. Initially issued in 1983 by the National Computer Security Center (NCSC), an arm of the National Security Agency, and then updated in 1985, TCSEC was eventually replaced by the Common Criteria international standard, originally published in 2005. History By the late 1960s, government agencies, like other computer users, had gone far in the transition from batch processing to multiuser and time-sharing systems. The US Department of Defense (DoD) Advanced Resear ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
