- Email: [email protected]
Processing encrypted data
Computers and Security, Vol. 7, No. 1
Europe had provided system manuals to the hackers. Government
Computer News, October 9, 1987, p. 4.
"Never Mind!" Businesses Cool Off on Site License Issue, Ed Scannell The once-bright prospect of making unlimited copies of software programs for a one-time fee has been dulled by the realities of administering and supporting these site licensing agreements. Overhead is one problem. It is also difficult to convince management to commit a large sum to a small vendor; Lotus, Microsoft and Ashton-Tate have no such plan. Another stumbling block to site licensing is the lengthy legal process that precedes such agreements. One option that interests some large user organizations is a license that allows them to download copies of micro programs from mainframes. Computerworld, Septem-
ber21, 1987, pp. I, 148.
Processing Encrypted Data, Niv Ahituv, Yeheskel Lapid, and Seev Neumann A severe problem in the processing of encrypted data is that very often, in order to perform arithmetic operations on the data, one has to convert the data back to its nonencrypted origin before performing the required operations. This article addresses the issue of processing while the data are in encrypted mode. It develops a new approach for encryption models that can facilitate the processing of such data. The advantages of this approach are reviewed and a basic algorithm is developed to prove the feasibility of
the approach. Communications of the ACM, September 1987, pp. 777-780.
Tactical Planning for Data Security Management, Sandra M. Mann Lambert. Resolving the complex problems facing the data security administrator requires an approach that cuts across an organization's functional and organizational lines at all levels of management. This article discusses such an approach and presents managerial and operational tactics for effectively managing the data security function.
Auerbach Data Security Ma,agement, September-October I987, 92-01-40.
Public Policy and Internal Privacy Codes, Tom Riley Advances in computer technology have created new problems concerning information privacy that legislators have only begun to address. The easy accessibility of information provided by microcomputers makes it possible for false, erroneous, and misleading information to be distributed to virtually anyone with a computer or access to one. This article presents a definition of privacy; discusses the threats to individuals' privacy; and explains how organizations, as well as individuals, can benefit from internal privacy codes. Auerbach
Data Security Management, September-October 1987, 82-04-05.
notes that an example of the failure of the Erie audit profession to take the initiative is the issue of computer hacking and its ramifications on society. The problems have been used as a basis for justifying the existence of the EDe audit function but the problem of hacking deserves serious study. Another example is the Australia card. The implementation of a national identity card raises social questions, such as its use to undertake computer matching and the prevention o f abuse of such an identification system. Edpacs, August
1987, pp. I-6.
When the Password is a Passkey, Peter H. Lewis Specialists in computer security say that for every well-publicized case of teenage hackers breaking into computers, there are probably 99 cases of employees breaking into their own company computers for fraudulent, criminal or simply mischievous purposes. Passwords are the secret keys that allow access to computers. Passwords can be simple, or arcane and complex. The best ones are hardest to guess but the hardest to remember. The longer a password has been operational, the more likely it has been compromised. By changing passwords often and stressing the importance of password security to employees, companies can take a small step toward computer security. The New York Times, September
27, I987, Sec. 3, p. 12.
Has EDP Audit Progressed in the Last 15 Years?, Ron Weber In a discussion of whether EDP auditing has made "real" progress over the last 15 years, the author
Report Says Computers Spy on 7 million Workers in us Computers that can monitor rest breaks and productivity are keeping
103
Europe had provided system manuals to the hackers. Government
Computer News, October 9, 1987, p. 4.
"Never Mind!" Businesses Cool Off on Site License Issue, Ed Scannell The once-bright prospect of making unlimited copies of software programs for a one-time fee has been dulled by the realities of administering and supporting these site licensing agreements. Overhead is one problem. It is also difficult to convince management to commit a large sum to a small vendor; Lotus, Microsoft and Ashton-Tate have no such plan. Another stumbling block to site licensing is the lengthy legal process that precedes such agreements. One option that interests some large user organizations is a license that allows them to download copies of micro programs from mainframes. Computerworld, Septem-
ber21, 1987, pp. I, 148.
Processing Encrypted Data, Niv Ahituv, Yeheskel Lapid, and Seev Neumann A severe problem in the processing of encrypted data is that very often, in order to perform arithmetic operations on the data, one has to convert the data back to its nonencrypted origin before performing the required operations. This article addresses the issue of processing while the data are in encrypted mode. It develops a new approach for encryption models that can facilitate the processing of such data. The advantages of this approach are reviewed and a basic algorithm is developed to prove the feasibility of
the approach. Communications of the ACM, September 1987, pp. 777-780.
Tactical Planning for Data Security Management, Sandra M. Mann Lambert. Resolving the complex problems facing the data security administrator requires an approach that cuts across an organization's functional and organizational lines at all levels of management. This article discusses such an approach and presents managerial and operational tactics for effectively managing the data security function.
Auerbach Data Security Ma,agement, September-October I987, 92-01-40.
Public Policy and Internal Privacy Codes, Tom Riley Advances in computer technology have created new problems concerning information privacy that legislators have only begun to address. The easy accessibility of information provided by microcomputers makes it possible for false, erroneous, and misleading information to be distributed to virtually anyone with a computer or access to one. This article presents a definition of privacy; discusses the threats to individuals' privacy; and explains how organizations, as well as individuals, can benefit from internal privacy codes. Auerbach
Data Security Management, September-October 1987, 82-04-05.
notes that an example of the failure of the Erie audit profession to take the initiative is the issue of computer hacking and its ramifications on society. The problems have been used as a basis for justifying the existence of the EDe audit function but the problem of hacking deserves serious study. Another example is the Australia card. The implementation of a national identity card raises social questions, such as its use to undertake computer matching and the prevention o f abuse of such an identification system. Edpacs, August
1987, pp. I-6.
When the Password is a Passkey, Peter H. Lewis Specialists in computer security say that for every well-publicized case of teenage hackers breaking into computers, there are probably 99 cases of employees breaking into their own company computers for fraudulent, criminal or simply mischievous purposes. Passwords are the secret keys that allow access to computers. Passwords can be simple, or arcane and complex. The best ones are hardest to guess but the hardest to remember. The longer a password has been operational, the more likely it has been compromised. By changing passwords often and stressing the importance of password security to employees, companies can take a small step toward computer security. The New York Times, September
27, I987, Sec. 3, p. 12.
Has EDP Audit Progressed in the Last 15 Years?, Ron Weber In a discussion of whether EDP auditing has made "real" progress over the last 15 years, the author
Report Says Computers Spy on 7 million Workers in us Computers that can monitor rest breaks and productivity are keeping
103