- Email: [email protected]
Producing reliable, secure software
IFIP/
Set ‘85 Abstracts
necessary, will vary for each class of investigator. For example, the Auditor will require more EDP knowledge. The Law Enforcement Officer will need both EDP and Audit Knowledge. The EDP expert will need knowledge in investigation techniques and audit. There is a need for a type of MBA course where people from different disciplines, emerge with a good knowledge of each others’ capabilities. The contents of such a course are suggested, with reference to existing courses conducted by the FBI and RCMP. GERALD E. MURINE: Producing
Reliable, Secure Software. The impact of adding additional code, complex design, and other measures to software to inhibit unauthorized use of software systems in turn directly impacts the reliability of the software itself. This paper examines the problem of measuring software reliability in computer security systems and suggests an approach to design in the reliability by making objective measures over the life cycle. The author presents some new concepts which will enable the software developers to measure not only the degree of security being built in the software but also its direct impact on reliability. CHARLESCRESSONWOOD: Establishing
Technical Systems Security Standards at a Large Multinational Bank. Many organizations are jeopardizing long-term systems cost-effectiveness, interoperability, and security by allowing various groups within the organization to make decentralized and uncoordinated technical control decisions. Cost-effective-
169
ness is compromised
because volume vendor discounts and cross-systems controls are often overlooked or unavailable. Interoperability between systems and networks is compromised because the machines cannot readily exchange secure data. Security is compromised because decentralized development teams are creating controls that address only obvious short-term needs. The solution to this serious problem is to develop, promulgate, and enforce organization-wide technical systems security standards. This paper addresses the organizational, political, technical, and project management related matters associated with the development of a bank-wide encryption standards document. The observations and recommended steps are equally applicable to the development of other technical, as opposed to policy oriented or procedural, systems security standards. DONALD W. DAVIES: How to Use the DES Safely. Among the ciphers which are in the public domain, the Data Encryption Standard must have been studied more intensely than any other. Since it is widely used for encipherment and authentication of financial messages, its security is a matter of public concern. As with all ciphers, advances in knowledge and technology can reduce its strength, so that its use then requires more care. This paper reviews what is known about the DES and the precautions needed to use it safely. No guarantee of security can ever be given, since an unsuspected weakness might exist, either in the algorithm or the way it is used. We do not consider, in this paper, the protocols employed in systems incorporating the DESand these need at least as much care as the cipher itself.
Set ‘85 Abstracts
necessary, will vary for each class of investigator. For example, the Auditor will require more EDP knowledge. The Law Enforcement Officer will need both EDP and Audit Knowledge. The EDP expert will need knowledge in investigation techniques and audit. There is a need for a type of MBA course where people from different disciplines, emerge with a good knowledge of each others’ capabilities. The contents of such a course are suggested, with reference to existing courses conducted by the FBI and RCMP. GERALD E. MURINE: Producing
Reliable, Secure Software. The impact of adding additional code, complex design, and other measures to software to inhibit unauthorized use of software systems in turn directly impacts the reliability of the software itself. This paper examines the problem of measuring software reliability in computer security systems and suggests an approach to design in the reliability by making objective measures over the life cycle. The author presents some new concepts which will enable the software developers to measure not only the degree of security being built in the software but also its direct impact on reliability. CHARLESCRESSONWOOD: Establishing
Technical Systems Security Standards at a Large Multinational Bank. Many organizations are jeopardizing long-term systems cost-effectiveness, interoperability, and security by allowing various groups within the organization to make decentralized and uncoordinated technical control decisions. Cost-effective-
169
ness is compromised
because volume vendor discounts and cross-systems controls are often overlooked or unavailable. Interoperability between systems and networks is compromised because the machines cannot readily exchange secure data. Security is compromised because decentralized development teams are creating controls that address only obvious short-term needs. The solution to this serious problem is to develop, promulgate, and enforce organization-wide technical systems security standards. This paper addresses the organizational, political, technical, and project management related matters associated with the development of a bank-wide encryption standards document. The observations and recommended steps are equally applicable to the development of other technical, as opposed to policy oriented or procedural, systems security standards. DONALD W. DAVIES: How to Use the DES Safely. Among the ciphers which are in the public domain, the Data Encryption Standard must have been studied more intensely than any other. Since it is widely used for encipherment and authentication of financial messages, its security is a matter of public concern. As with all ciphers, advances in knowledge and technology can reduce its strength, so that its use then requires more care. This paper reviews what is known about the DES and the precautions needed to use it safely. No guarantee of security can ever be given, since an unsuspected weakness might exist, either in the algorithm or the way it is used. We do not consider, in this paper, the protocols employed in systems incorporating the DESand these need at least as much care as the cipher itself.