- Email: [email protected]
An introduction to database security
Computers
drive. The Ofice, March 1988, pp. 37, 45.
Make a Plan for PC Disaster Recovery, James F. Yaremko. Personal computer disasters can take many forms. Some common occurrences are hard disk crashes, accidental file deletions, and accidental reformatting of hard disks. Others include down-time associated with damaged PCs, theft of equipment, or damage to files through power-related events. The building blocks of any disaster prevention and recovery plan include: disaster prevention techniques; backup and recovery procedures; acquiring software utilities for reclaiming lost data; plans for addressing equipment failure; proper training of users and program documentation. The Office, March 1988, p . 54# When Trouble Strikes, a UPS Can Save the Data, Michael Puttre. Uninterruptible power
supplies are interruptible and are not power supplies. Power protection is particularly vulnerable to the weak link principle. The UPS box is essentially a current washing machine that launders dirty AC current from the utility into clean AC current acceptable to the computer via batteries. There are two types of UPS units, stand-by and on-line, which are described in the article. The growing popularity of UPS systems is shown by the increasing range of products available. Information WEEK, March 14, 1988,p.
uff.
Reliable Power: Beyond the Big Box, Kenneth Bill. It is a mistake to believe that a big investment in a packaged set of uninterruptible power supply equipment will automatically end a
and Security,
company’s computer down-time problems. The UPS solution offered by a single vendor is not the same as a truly effective UPS “system.” The following considerations are important: (1) A UPS must be conceptualized, engineered, and operated as a total system. (2) An organizational structure must be created that defines both authority and accountability. (3) “Facilities people” may not be sufficiently equipped to deal with the subtle needs pertaining to reliable computer processing. (4) In this complex project, bugs are inevitable. Problems are best found through a process of extensive site testing. Information WEEK, March 14, 1988,p.
40.
TOP SECRET-Concepts and Implementation, Earl W. Jollymore and Robert E. Johnston. Selecting and implementing security software can be expensive, as can administering it, specifically when the security level is unsatisfactory. TOP SECRET is a software product intended to protect resources in many environments, with relatively simple installation and maintenance. The key to its success, however, is planning. This article discusses important considerations and steps for the implementation and ongoing administration of TOP SECRET. It also describes Version 4.1, the most recent version of TOP SECRET. Auerbach Data Security Management, MarchApril 1988, 84-02-07. An introduction to Database Security, A. Faye Borthick. The
growing use of database systems is increasing the need to secure effectively database information resources. Lapses in security leave organizations vulnerable to fraudulent and malicious disclo-
Vol. 7, No. 3
sure, modification, or destruction of data. This article is an overview of points to consider for designing and maintaining secure database systems. Auerbach Data Security Management, March-April 84-02-14.
1988,
Programmer Workstation Security, Gerald I. Zsaacson. Information is often exposed to accidental or malicious disclosure, modification, or destruction. The goal of a security program is to protect that information as well as the resources that process, access, and store it. The risk of exposure should be reduced to a level acceptable to management and should be monitored for unauthorized activities. This article examines the measures that can be taken in the systems programming and development environment to obtain these objectives. Auerbach Data Security Management, MarchApril 1988, 84-05-30.
It’s Critical To Make PC Security as Flexible as PCs Themselves,Janet Mason. Companies that ignore information security may find out too late that they can be held legally liable for their negligence by stockholders and customers. Even companies that have invested in PC security devices such as password systems and encryption software may be fooling themselves into believing that their information is safe. These systems may not be used correctly and thus may be easily thwarted. Biometric PC security devices and token systems offer additional layers of security but are currently expensive. Many large companies have their employees sign an information security protection statement. A separate short article
drive. The Ofice, March 1988, pp. 37, 45.
Make a Plan for PC Disaster Recovery, James F. Yaremko. Personal computer disasters can take many forms. Some common occurrences are hard disk crashes, accidental file deletions, and accidental reformatting of hard disks. Others include down-time associated with damaged PCs, theft of equipment, or damage to files through power-related events. The building blocks of any disaster prevention and recovery plan include: disaster prevention techniques; backup and recovery procedures; acquiring software utilities for reclaiming lost data; plans for addressing equipment failure; proper training of users and program documentation. The Office, March 1988, p . 54# When Trouble Strikes, a UPS Can Save the Data, Michael Puttre. Uninterruptible power
supplies are interruptible and are not power supplies. Power protection is particularly vulnerable to the weak link principle. The UPS box is essentially a current washing machine that launders dirty AC current from the utility into clean AC current acceptable to the computer via batteries. There are two types of UPS units, stand-by and on-line, which are described in the article. The growing popularity of UPS systems is shown by the increasing range of products available. Information WEEK, March 14, 1988,p.
uff.
Reliable Power: Beyond the Big Box, Kenneth Bill. It is a mistake to believe that a big investment in a packaged set of uninterruptible power supply equipment will automatically end a
and Security,
company’s computer down-time problems. The UPS solution offered by a single vendor is not the same as a truly effective UPS “system.” The following considerations are important: (1) A UPS must be conceptualized, engineered, and operated as a total system. (2) An organizational structure must be created that defines both authority and accountability. (3) “Facilities people” may not be sufficiently equipped to deal with the subtle needs pertaining to reliable computer processing. (4) In this complex project, bugs are inevitable. Problems are best found through a process of extensive site testing. Information WEEK, March 14, 1988,p.
40.
TOP SECRET-Concepts and Implementation, Earl W. Jollymore and Robert E. Johnston. Selecting and implementing security software can be expensive, as can administering it, specifically when the security level is unsatisfactory. TOP SECRET is a software product intended to protect resources in many environments, with relatively simple installation and maintenance. The key to its success, however, is planning. This article discusses important considerations and steps for the implementation and ongoing administration of TOP SECRET. It also describes Version 4.1, the most recent version of TOP SECRET. Auerbach Data Security Management, MarchApril 1988, 84-02-07. An introduction to Database Security, A. Faye Borthick. The
growing use of database systems is increasing the need to secure effectively database information resources. Lapses in security leave organizations vulnerable to fraudulent and malicious disclo-
Vol. 7, No. 3
sure, modification, or destruction of data. This article is an overview of points to consider for designing and maintaining secure database systems. Auerbach Data Security Management, March-April 84-02-14.
1988,
Programmer Workstation Security, Gerald I. Zsaacson. Information is often exposed to accidental or malicious disclosure, modification, or destruction. The goal of a security program is to protect that information as well as the resources that process, access, and store it. The risk of exposure should be reduced to a level acceptable to management and should be monitored for unauthorized activities. This article examines the measures that can be taken in the systems programming and development environment to obtain these objectives. Auerbach Data Security Management, MarchApril 1988, 84-05-30.
It’s Critical To Make PC Security as Flexible as PCs Themselves,Janet Mason. Companies that ignore information security may find out too late that they can be held legally liable for their negligence by stockholders and customers. Even companies that have invested in PC security devices such as password systems and encryption software may be fooling themselves into believing that their information is safe. These systems may not be used correctly and thus may be easily thwarted. Biometric PC security devices and token systems offer additional layers of security but are currently expensive. Many large companies have their employees sign an information security protection statement. A separate short article