Computers & Security, 14 (1995) 274-282
Random Bits & Bytes Harold Joseph Highland, FICS, FACM Editor-in-Chief Emeritus
Information Security
It is unusual for this column to start with a review of a book but this is not a usual book. With almost 40 years in computing, reviewing for ACM's Computing Reviews and the Mathematics Society's Journal of Mathematics as well as Computers & Security and other publications, I have found few books that have made so deep an impression. I'd put this book in the class of Knuth's volumes on algorithms and Iverson's on programming language. Information Security, edited by Marshall D. Abrams, Sushil Jajodia and Harold J. Podell, contains a collection of essays by some security bellwethers [leading researchers and practitioners] in the field of trusted systems. Among the 'essayists' are Leonard LaPadula, Clark Weissman, Roger Schell, Steven Kent, and others.
Title: Information Security: An Integrated Collection of Essays
Editors: Marshall D. Abrams, Sushil Jajodia and Harold J. Podell
Publisher: IEEE Computer Society Press, Los Alamitos, CA, 1995. vii+753 pp. [hardcover]. Price: US List $58; IEEE Members $44.
Unlike many of the omnibus books in information security, this volume is the apogee of sound technical writing. Each essay is well constructed and is able to stand alone as a scholarly paper. Each provides an in-depth analysis of the topic. If the volume is to be faulted, it is due to its concentration on trusted systems. This is not a defect from my viewpoint. Any attempt to broaden its horizons would have made it unwieldy; it would have lessened its impact. I believe that it might even have been impossible to find the depth of research and development in other areas of computer security. Aiming for the most secure system possible is an unattainable goal. Anyone can relax various security elements if that is the system with which they wish to live. The editors of this volume, in the glossary, add the following note to their definition of security: "Absolute security may in practice be impossible to reach; thus the security 'quality' could be relative. Within state models of security systems, security is a specific 'state' as is to be preserved under various operations." The 27 essays are divided into three categories: motivation, understanding and working security issues, and database security. In all there were 21 authors, some of whom collaborated on more than one paper. Of the essays 8 were written by individual authors, 15 by two authors and 4 by three authors. The three editors participated in many of the essays, each contributing to at least seven different papers. The introduction to the volume has detailed summaries of the highlights of each of the essays.
© Compulit, Inc, 1995. All rights reserved.
0167-4048/95/$9.50 © 1995, Elsevier Science Ltd
The volume is worth its price even if bought for only a few of the excellent essays. Particularly well done are those by:
• LaPadula's "Rule-Set Modelling of a Trusted Computer System",
• Weissman's "Penetration Testing", a paper which I strongly recommend to readers in light of the recent SATAN fiasco¹,
• Brinkley and Schell's "Concepts and Terminology for Computer Security",
• Notargiacomo's "Architectures for MLS Database Management Systems", and
• Bailey's "A Philosophy of Security Management".
In addition to the informative and thought-provoking essays, there is a 37-page listing of references, a 61-page glossary, and a detailed index. This book brings together in one place the essence of different aspects of security, critical model development and an insight into active research in several areas. To any student of information security, this is a must book. Even if you are in the commercial field without a need for trusted systems, this is a very worthwhile book.
PROBLEMS AND SOLUTIONS -- Q: and A:
Over the years we have received letters, telephone calls, fax and electronic mail from readers about security and security-related problems. We would like to extend that service to all readers who have heretofore not availed themselves of our assistance.
Postal address: Dr. Harold Joseph Highland, Compulit, Inc., 562 Croyton Road, Elmont, NY 11003-2814, USA
Electronic mail: Highland@dockmaster.ncsc.mil or Highland@acm.org or Highland@cable.adelphi.edu [backup site]
Telephone: [+1] 51648.6868
Fax: [+1] 516 488.6868 uses a microcomputer Fax board which is normally not activated. Therefore please telephone our office in advance during office hours to notify us about a pending fax transmission.
Wasted Disk Space Q: We increased the hard disk size on several micros in our department since there was insufficient space on the old disks to add two new company programs. When we transferred the old files to the new disk we found the files took more space than earlier. And this was without the new programs. We had no viruses; we checked with two different programs. Our supplier told us that this was caused by using a larger disk. Would it help if we used SCSI disks?
¹An extended discussion of SATAN and the reaction within the information security community will be included in my next column.
A: I, who should know better, also fell into the same trap without thinking ahead. I recently installed a 9-millisecond 1 gigabyte SCSI drive. My old system had a 510 Mbyte IDE drive as C and a 240 Mbyte drive as D. The D drive was used to store temporary programs for testing or data for analysis. When adding the gigabyte drive, the old D drive was transferred to another machine. I restructured the system, leaving only DOS on the 510 MB C drive, and moved all the working programs to the new drive. Instead of taking some 400 MB, the identical programs, excluding DOS, now took slightly under 500 MB. The cause of the 'program explosion' is the cluster size, which expands as hard disk capacity increases. The cluster, the basic allocation unit, is the smallest unit of
space that DOS uses for a file; its size varies depending upon disk size, as shown in Fig. 1.

    Volume size              Number of bytes
    < 128 MB                          2,048
    128 MB -   255 MB                 4,096
    256 MB -   511 MB                 8,192
    512 MB - 1,023 MB                16,384

Fig. 1.

    Drive C:  105,027,584 bytes total disk space   2,048 bytes / allocation unit   51,283 total allocation units
    Drive D:  401,793,024 bytes total disk space   8,192 bytes / allocation unit   49,047 total allocation units
    Drive E:  527,138,816 bytes total disk space   8,192 bytes / allocation unit   64,348 total allocation units
    Drive F:  527,138,816 bytes total disk space   8,192 bytes / allocation unit   64,348 total allocation units
    Drive G:  251,375,616 bytes total disk space   4,096 bytes / allocation unit   61,371 total allocation units
    Drive H:   20,768,768 bytes total disk space   2,048 bytes / allocation unit   10,141 total allocation units

Fig. 2.

Although you did not note the new disk capacity in your request, I believe you will find that you can save critical disk space by partitioning the drive. In our own case we even partitioned our original 510 Mbyte disk into drives C and D. The C disk now has a 105 Mbyte capacity; its cluster size is 2048 bytes [see Fig. 2]² and the D disk is 401 Mbytes but its cluster size is 8192. The C disk not only holds DOS and the necessary device drivers and TSRs but also a very large .BAT file³ to provide access to an extensive number of programs. The new gigabyte disk was partitioned into two drives, E and F. Both of these are 527 Mbytes in size with 8192 bytes in a cluster, as shown in the figure. Aside from these drives, the system also handles a removable hard disk drive, designated by the system as drive G, which is 251 Mbytes in size with a cluster size of 4096 bytes, and a removable floptical-disk drive, designated as H. Note that its cluster size, 2048 bytes, is the same as drive C.
As individuals begin using large hard disks [retail advertisements in our area are promoting 720 Mbyte and 850 Mbyte disks for home use], the number of sectors in a cluster grows. Some technicians note that on average DOS wastes about half a cluster for every file on the system. Anyone ready for OS/2 or Unix?
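To make the cluster arithmetic concrete, here is an added example that is not code from this column: it encodes the Fig. 1 thresholds, rounds each file up to whole clusters, totals the slack, and checks the Fig. 2 CHKDSK rows against Fig. 1. The function names and the six sample file sizes are constructed for this example; the volume sizes and allocation figures are the ones printed in the figures above.

```python
"""Cluster size and slack space on DOS FAT volumes (added example, not from the column).

The volume-size thresholds are those listed in Fig. 1 (FAT16 with 512-byte sectors);
the CHKDSK rows are the ones shown in Fig. 2; the sample file sizes are constructed.
"""

MB = 1024 * 1024

# Fig. 1: (exclusive upper bound of volume size in bytes, cluster size in bytes).
FAT16_CLUSTER_TABLE = [
    (128 * MB, 2_048),
    (256 * MB, 4_096),
    (512 * MB, 8_192),
    (1_024 * MB, 16_384),
]

# Fig. 2, as reported by CHKDSK: (drive, total bytes, bytes per allocation unit, units).
FIG2_CHKDSK = [
    ("C", 105_027_584, 2_048, 51_283),
    ("D", 401_793_024, 8_192, 49_047),
    ("E", 527_138_816, 8_192, 64_348),
    ("F", 527_138_816, 8_192, 64_348),
    ("G", 251_375_616, 4_096, 61_371),
    ("H", 20_768_768, 2_048, 10_141),
]


def cluster_size(volume_bytes):
    """Cluster (allocation unit) size DOS uses for a volume of this size, per Fig. 1."""
    for limit, size in FAT16_CLUSTER_TABLE:
        if volume_bytes < limit:
            return size
    raise ValueError("volume larger than the 1,023 MB range covered by Fig. 1")


def allocated_size(file_bytes, cluster):
    """Space a file occupies on disk: whole clusters, rounded up (an empty file takes none)."""
    if file_bytes == 0:
        return 0
    return -(-file_bytes // cluster) * cluster  # ceiling division


def slack_report(file_sizes, volume_bytes):
    """Bytes used vs. allocated for a set of files on one volume, plus the wasted difference."""
    cluster = cluster_size(volume_bytes)
    used = sum(file_sizes)
    allocated = sum(allocated_size(size, cluster) for size in file_sizes)
    return {"cluster": cluster, "used": used, "allocated": allocated, "slack": allocated - used}


def fig2_consistent(rows=FIG2_CHKDSK):
    """Each CHKDSK row must satisfy total = unit x units, with the unit Fig. 1 predicts."""
    return all(total == unit * units and cluster_size(total) == unit
               for _drive, total, unit, units in rows)


if __name__ == "__main__":
    # Constructed sample: the same six files moved from the 105 MB drive to a 527 MB one.
    sample_files = [1, 100, 2_048, 2_049, 10_000, 0]
    for volume in (105_027_584, 527_138_816):
        r = slack_report(sample_files, volume)
        print(f"{volume:>12,} byte volume: cluster {r['cluster']:>6,}  "
              f"used {r['used']:,}  allocated {r['allocated']:,}  slack {r['slack']:,}")
    print("Fig. 2 rows consistent with Fig. 1:", fig2_consistent())
```

The six sample files, 14,198 bytes of data in all, allocate 20,480 bytes on the 105 Mbyte drive but 49,152 bytes on the 527 Mbyte drive, which is the 'program explosion' in miniature. The slack at the end of each last cluster is also where fragments of earlier, deleted files survive, a point worth remembering when a disk leaves the building.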
²The data in Figure 2 is readily available and is part of that generated when one uses CHKDSK for any logical drive.
³Because of test analysis of programs the system operates under both DOS and Windows, and as a stand-alone station or as part of a network. Many helpful programs are stored on the hard disks in both DOS and Windows versions. Furthermore, because of my interest in cryptography, modeling and simulation, random number generators as well as desktop publishing, there are well over 760 programs on the system. Some, such as WordPerfect or ProcomPlus, are used daily. Others may be used only when disaster strikes during testing, and some of these are there for peace of mind [a few are executed when I find the name but am not certain what the program does].

Educational Certification
Q: I am currently doing my masters, and my research project involves information security certification under ISO 9000. The reason for this letter is that while I was studying the papers from the 1993 IFIP conference, I happened to read your introductory note, and felt that you were concerned about exactly what my masters is trying to handle: an internationally accepted information security certification body.
A: My paper from the 1993 IFIP conference did not endorse an international information security body. My concern was with educational programmes and, specifically, graduate programs at the university level. In the December 1993 [Volume 12, Number 8] issue of Computers & Security, I presented information about a subcommittee of WG 11.8 working on a Master's Degree programme in information security. Despite all the current hoopla about the world as a global village, there are vast differences in information security practices throughout the world. There is also a wide discrepancy between what is taught at universities and what is done, and even needed, in the real world. Our promoting an integrated curriculum at that graduate level is based on a hope that future leaders in this field would have a common core of understanding. For those interested in more information about the programme, please see pages 735-739 of the aforementioned issue of the Journal or communicate with Professor William J. Caelli whose E-mail address is [email protected]. A common curriculum may be a first step. But it is important to remember that each course reflects the student's background, the teacher's academic training, his/her interests and particularly his/her real-world experience. Having served as a department chairman, associate dean of a liberal arts college, dean of a graduate school, member of a state-wide computer education committee and chair of a national information science curriculum committee, I found that most academics had little, if any, real world experience. Acting as a consultant [without any prior real experience] or spending three to six months temporarily in the security field often is more a disservice than having remained in the ivy-covered walls of academia. Please, no flaming :-)
Virus Protection Redux
Q: By now I assume that everyone has been attacked by a computer virus. Most people I believe use some anti-viral product. We recently learned that the US Department of Defense will no longer use McAfee's product but will replace it with the one from IBM. Would you recommend we switch to IBM as well? What do you do?
A: My views of John McAfee's products as well as several others are well known by those who have attended seminars at which I speak. But that is not the point about your first question: switch to IBM? They have an excellent package but so do several other vendors. Which package I'd use in a company would depend on several factors:
[a] Who will install it - a technician or each user [data entry clerk, secretary, etc.]?
[b] How easy and how long is the installation process?
[c] Does the install package modify the system [CONFIG.SYS and/or AUTOEXEC.BAT]? Does it require installer response?
[d] Is calling the program automated, or does one have to rely on the user?
[e] If an alert occurs [finding a virus or even a false alert] what response is required of the user?
[f] Is a checksum program invoked as well as a scanner?
These are only a few of many questions which need to be answered about any such product. Too many organizations put too much trust in their use of scanners. Most are poor against stealth and polymorphic viruses. Sorry, but I cannot provide a simplistic 10-point checklist for product selection.
Possibly the problem can be understood by my answer to your second question, "What do you do?" My operation is not a typical office but in a way reflects a set of procedures that can be used. Also, since I have tested numerous anti-virus products, I found some routines in one product better [faster, take less memory, easier menu, etc.] than those of others. I therefore have a 'mix and match' policy: one program from one package, another from a different package, etc. Also I am thankful to several producers who send me disks providing updates to the virus list. Let me explain my own machine operations, which would reflect operations in different offices in an outside company:
[1] Daily operations, a closed system environment, since there are no disks from the outside.
[2] Adding and/or modifying software on the system for normal use: updates of existing programs or adding new ones.
[3] Testing and evaluating a new software and/or hardware product.
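Question [f] above, the checksum program beside the scanner, is the one most worth illustrating. What follows is an added example, not code from this column or from any of the products it names: a signature scanner can only report byte patterns it already knows, while a checksum baseline flags any change to a protected file, including one that no signature covers. The sample 'executables', the marker pattern and the baseline store are all constructed for this example.

```python
"""Signature scanning beside a checksum baseline (added example, not from the column).

The sample 'executables' and the marker pattern below are constructed for this
example; the marker is not a real virus signature.
"""
import hashlib

# Constructed sample programs as they were when the baseline was taken.
BASELINE_FILES = {
    "EDIT.EXE": b"MZ\x90\x00" + b"\x00" * 60 + b"sample editor code",
    "COMM.EXE": b"MZ\x90\x00" + b"\x00" * 60 + b"sample comms code",
}

# Constructed signature database: name -> byte pattern a scanner searches for.
SIGNATURES = {"SAMPLE-MARKER": b"SAMPLEMARK"}


def checksum(data):
    """Content hash used as the integrity baseline (SHA-256 stands in for a 1995-era CRC)."""
    return hashlib.sha256(data).hexdigest()


def build_baseline(files):
    """Record a checksum for every protected file while the system is known to be clean."""
    return {name: checksum(data) for name, data in files.items()}


def scan_signatures(data, signatures=SIGNATURES):
    """Names of the known patterns found in the data: all a scanner can ever see."""
    return [name for name, pattern in signatures.items() if pattern in data]


def integrity_check(files, baseline):
    """Files whose contents no longer match their baseline checksum, or that have no baseline."""
    return [name for name, data in files.items()
            if baseline.get(name) != checksum(data)]


def assess(files, baseline, signatures=SIGNATURES):
    """Combine both checks and give each file a verdict."""
    changed = set(integrity_check(files, baseline))
    report = {}
    for name, data in files.items():
        hits = scan_signatures(data, signatures)
        if hits:
            verdict = "known pattern present"
        elif name in changed:
            verdict = "changed since baseline, cause unknown"
        else:
            verdict = "unchanged"
        report[name] = {"signature_hits": hits, "modified": name in changed, "verdict": verdict}
    return report


def demo():
    """Constructed scenario: COMM.EXE gains the known marker, EDIT.EXE gains unknown bytes."""
    baseline = build_baseline(BASELINE_FILES)
    current = dict(BASELINE_FILES)
    current["COMM.EXE"] += b"SAMPLEMARK"
    current["EDIT.EXE"] += b"\x01\x02\x03"
    return assess(current, baseline)


if __name__ == "__main__":
    for name, entry in demo().items():
        print(f"{name}: {entry['verdict']} (signature hits: {entry['signature_hits']})")
```

The scanner sees only COMM.EXE; the checksum pass also catches EDIT.EXE, which is the case a new or polymorphic virus presents. The baseline is only as trustworthy as the place it is kept, so it belongs on write-protected or off-line media, the same reasoning behind keeping a copy of the partition table and BIOS on disk, and the comparison has to run from a clean boot, since a stealth virus that intercepts reads can hand the checker the original bytes.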
Protective Measures
[1] In normal daily operations there are no floppy disks coming into the system or moving from computer to computer. Any floppies that are written to are for 'export', to be sent to outside parties, such as this copy that goes to Elsevier in Oxford. Although all floppy disks available for use have been scanned, and even though the hard disks have been scanned and checksummed, I nonetheless continue to use two anti-virus tools. I should note that I have a copy on disk of both the partition table of each hard disk and the system's BIOS.
[a] I use VirusGuard⁴, a 6K TSR. It scans memory, boot and partition sectors, hidden system files, COMMAND.COM as well as executable programs including OVL, BIN, DLL, etc. It also checks for viruses before every program load, when a file is copied and a floppy disk when it is inserted into a drive. Although not needed for daily operation, I use an additional command line option - /write=yes - which checks files before they are written, to catch viruses being unpacked from compressed archive files. This is essential for all other operations. It is also handy when I unzip E-mail material.
[b] NoFBoot⁵ prevents a warm reboot of the system if there is a floppy disk in drive A. Both of these are 'hold over' procedures from the days when my daily operations involved using scanned disks; they are extra insurance. The memory and disk scan by VirusGuard is exceedingly fast and each boot or reboot produces the screen shown in Fig. 3.
[2] When it is necessary to update an existing program in use or add a new one, additional anti-virus procedures are used; it is one of the multiple configurations used under MS-DOS. Three additional TSRs are used.
⁴Part of Dr. Solomon's Toolkit by S&S International, Berkley Court, Mill Street, Berkhamsted, Hertfordshire, HP4 2HB, UK.
⁵This is part of the FixUtilities, a freeware package from A. Padgett Peterson, PO Box 1203, Windermere, FL 34786 USA; the package is available on many bulletin boards.
Fig. 3. VirusGuard start-up screen (partly illegible in the scan): memory driver checked, no viruses found in memory; 3172 viruses + 2985 variants stored in memory for fast access; memory-resident portion occupies just 9060 bytes, plus 226 bytes for a copy of your environment; GUARD.DRV = 6157; options /WRITE=YES and /COPY=YES.
[a] VirStop.EXE's⁶ primary purpose is to prevent the execution of programs infected with known viruses. It is a standard TSR and intercepts the so-called 'Load-and-execute' function. This means that whenever an attempt is made to run a program VIRSTOP gets a chance to examine it first, using a simple but fast search to check for viruses, and will abort the execution of the program, display a message and return an error. It does not make an accurate identification; F-PROT.EXE is necessary for that purpose. It will also prevent a warm boot if a disk is in drive A.
[b] VBSaver⁷ is used as anti-stealth virus protection.
[c] TSRMON⁸ prevents any program from going resident unless it is listed in an accompanying list.
Note that VirusGuard and VirStop are duplicated efforts. Similarly TSRMON is a replication. This action is taken as an added precaution. Possibly the most important 'shield' during the installation of compressed files is VirusGuard with the write option invoked to scan files as they are decompressed and before they are written to the hard disk.
[3] The most critical anti-virus steps are taken when testing new software and/or hardware. I have encountered programs that trash the FAT, others that encrypted the MBR but failed to decrypt when uninstalled, and others that caused the monitor to change colours periodically although no request to do so was made. Naturally a full backup of data files [located now on drive D] is made; all other disks have 'permanent' backups [more in next issue].
[a] I use Padgett Peterson's Disk Secure program to encrypt the hard disk's MBR. I do not use it regularly because I have had to do four low-level reformats of hard disks when encrypted boot records failed. I have not had that experience with Disk Secure but periodically found that the system altered its configuration without any 'human' action⁹. Not certain of the cause [neither is our technical support team], I sleep sounder with an unencrypted MBR.
[b] Monitor¹⁰ constantly monitors Int 13, intercepting potentially destructive activities, such as a format call or a write to the MBR; it even prevents a write to the FAT if improper chaining is present. [Note to anyone using this program: disable it before attempting to format a floppy disk.]
[c] Mirror¹¹ produces two copies of the boot record, root directory and the FAT. The first is the most recent copy and the second is the prior or backup copy. It is called immediately before any testing begins. If the root directory or FAT are clobbered at any stage, it is possible to recover, in this case to the state just prior to the program testing.
⁶VirStop is part of the F-Prot package. The English-language shareware version of the F-PROT anti-virus program is free of charge for any individual using it on his/her personally owned computer, which is not used for commercial purposes. F-PROT Professional is a commercial version and includes a strong list of features and additional tools in addition to the ones included in the shareware version. Frisk Software International, Posthólf 7180, IS-127 Reykjavik, Iceland.
⁷This is part of the Doctor package from Thompson Network Software, PO Box 669306, Marietta, GA 30066-0106 USA.
⁸Part of Panda Pro available from Panda Systems, 801 Wilson Road, Wilmington, DE 19803 USA.
⁹No changes were severe enough to prevent booting the system. The more annoying ones include the disabling of LPT1 and COM1 even if the setup program has not been run.
¹⁰Also part of Panda Pro.
¹¹Part of PCTools by Central Point Software, 15220 N.W. Greenbrier Parkway, Suite 200, Beaverton, OR 97006-9937 USA.
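The Mirror step in [3][c], recast as an added example that is not Mirror's or Central Point's code: it reads the BIOS Parameter Block of a FAT12/16 boot sector to locate the boot record, the FAT area and the root directory, keeps the two most recent copies, reports which region a test program clobbered and puts it back. The disk image is a constructed in-memory byte array, and the class and function names are this example's own.

```python
"""Two-generation snapshot and restore of a FAT volume's critical structures
(added example modelled on the Mirror description above; not Mirror's code).

Region offsets are computed from the BIOS Parameter Block (FAT12/16 layout);
the disk image below is constructed in memory for the example.
"""
import struct


def bpb_regions(image):
    """Offsets and lengths of boot sector, FAT area and root directory, read from the BPB."""
    bytes_per_sector, = struct.unpack_from("<H", image, 11)
    reserved_sectors, = struct.unpack_from("<H", image, 14)
    fat_count = image[16]
    root_entries, = struct.unpack_from("<H", image, 17)
    sectors_per_fat, = struct.unpack_from("<H", image, 22)
    fat_offset = reserved_sectors * bytes_per_sector
    fat_length = fat_count * sectors_per_fat * bytes_per_sector
    return {
        "boot": (0, bytes_per_sector),
        "fat": (fat_offset, fat_length),
        "root": (fat_offset + fat_length, root_entries * 32),  # 32-byte directory entries
    }


class MirrorStore:
    """Keeps the most recent copy and the one before it, like Mirror's two files."""

    def __init__(self):
        self.regions = None   # layout recorded at snapshot time, so a smashed BPB cannot mislead us
        self.current = None
        self.prior = None

    def snapshot(self, image):
        """Take a fresh copy; the previous 'current' copy becomes 'prior'."""
        self.regions = bpb_regions(image)
        self.prior = self.current
        self.current = {name: bytes(image[off:off + ln])
                        for name, (off, ln) in self.regions.items()}

    def damaged(self, image):
        """Names of the regions that differ from the most recent snapshot."""
        if self.current is None:
            raise RuntimeError("no snapshot taken")
        return [name for name, (off, ln) in self.regions.items()
                if bytes(image[off:off + ln]) != self.current[name]]

    def restore(self, image, generation="current"):
        """Write the chosen generation ('current' or 'prior') back over the image."""
        copies = self.current if generation == "current" else self.prior
        if copies is None:
            raise RuntimeError(f"no {generation} snapshot available")
        for name, (off, ln) in self.regions.items():
            image[off:off + ln] = copies[name]
        return image


def make_image():
    """Constructed 8 KB FAT12-style image: 512-byte sectors, 1 reserved, 2 FATs x 2 sectors, 32 root entries."""
    img = bytearray(16 * 512)
    img[0:3] = b"\xeb\x3c\x90"              # jump to boot code
    struct.pack_into("<H", img, 11, 512)     # bytes per sector
    img[13] = 1                              # sectors per cluster
    struct.pack_into("<H", img, 14, 1)       # reserved sectors (just the boot sector)
    img[16] = 2                              # number of FATs
    struct.pack_into("<H", img, 17, 32)      # root directory entries
    struct.pack_into("<H", img, 22, 2)       # sectors per FAT
    img[510:512] = b"\x55\xaa"               # boot signature
    img[512:515] = b"\xf8\xff\xff"           # FAT 1: media descriptor entries
    img[1536:1539] = b"\xf8\xff\xff"         # FAT 2: identical copy
    img[2560:2571] = b"COMMAND COM"          # first root directory entry name
    return img


if __name__ == "__main__":
    image = make_image()
    store = MirrorStore()
    store.snapshot(image)                          # called immediately before testing begins
    image[600] ^= 0xFF                             # the program under test clobbers a FAT byte
    print("damaged:", store.damaged(image))
    store.restore(image)
    print("after restore:", store.damaged(image))
```

Recording the layout when the snapshot is taken, rather than re-reading the BPB at restore time, is what lets the restore work when the boot sector itself is the damaged region. Mirror kept its copies on the same drive, so they share the disk's fate; the full data backup taken before testing remains the fallback when both generations are gone.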
InfoSec Basics
Packing 29 chapters and an extensive annotated bibliography into 400 pages is a Herculean task but that is what Edward Amoroso did in this volume. It is very unlikely that anyone in computer security would be unable to find something of value in this comprehensive, readable volume. The book was developed over a number of years. The 'notes' started out as those needed for a one hour lecture on computer security at AT&T. It evolved into a U-day seminar and eventually into a graduate course in computer security. That course is taught by the author at two different colleges in the State of New Jersey. The volume has been refined over a period of semesters. In reading the volume it was obvious that the author honed his copy over time and he was aided by comments and suggestions from students and colleagues.
Title: Fundamentals of Computer Security Technology
Author: Edward Amoroso, AT&T Laboratories
Publisher: P T R Prentice Hall Inc, Englewood Cliffs, NJ, 1994. xxii+404 pp. [paperback].
Each chapter is compactly written but nonetheless is well structured and easy to read. I was amused when I found that the author suggested "that some technical background is helpful in this area". This book is not designed for someone who is not computer literate. The 33-page annotated bibliography is exceedingly helpful to anyone looking into almost any topic in information security. In addition, the author, from my viewpoint, has been brave enough to select the 25 greatest works in computer security. He does admit that his selection criteria were fundamentally subjective and "subject to error". If anyone is interested in building a core library in this field, this list is a good starting point, although I do not agree with all his suggestions. Finally, some of our academic readers might find this volume an interesting choice for a textbook - the problems are meaningful.
Computer Viruses
I have not reviewed computer virus books to any extent during the past two or three years because I was once told that¹² if you cannot say something nice, do not say anything. The Slade Guide to Computer Viruses is however an exceptional volume. Written primarily for the general reader, it nonetheless contains a fairly high degree of technical data presented in a highly readable manner. There is much useful information, without becoming paranoid, on combating computer viruses and Trojan horses - sound information on reducing the threat of viral infection as well as on reacting when a virus has struck. In addition the volume has a fairly complete index arranged for the non-technical reader.
Title: Guide to Computer Viruses: How to Avoid Them, How to Get Rid of Them and How to Get Help.
Author: Robert Slade
Publisher: Springer-Verlag, New York, NY, 1994. xvii+472 pp. [paperback], includes one software disk. Price: US$29.
More than half of the book consists of a series of worthwhile appendices. The author starts this portion of the book off with a section on "Frequently Asked Questions" to which he provides concise and accurate answers. Possibly the heart of the appendices is the one containing the reviews of "Antivirus Products". Almost 30% of the book [140 out of the 472 pages] is devoted to product reviews by the author. The evaluations are critical and 10 factors are evaluated on a scale from 1 (poor) to 4 (very good). Some of the products no longer exist and others have been updated; the bane of any published book and also the problem of a single person doing all the evaluations. In reviewing this book, I compared some of my own product evaluations with those of the author. I found that we are generally more or less in agreement. Whether I can say that my criteria for evaluation are more objective than the author's is difficult to determine. However, I have always felt that a single review, no matter how well the criteria list has been honed, may still be too subjective. The author is a technician, well versed in microcomputers. He certainly is not the average user, who might have different priorities. The author also includes a helpful, detailed directory of antiviral vendors including telephone numbers and E-mail addresses for those interested in obtaining more information.
¹²Being told and therefore doing does not necessarily follow. Since time is limited for reading, I often abandon a book after picking three or four random sections and reading several pages. If the book appears well written and of interest, I then resort to the traditional way of reading, starting with the title page. I should note that I do this even when selecting books for leisure reading.
NTIS Volumes of Interest
The National Technical Information Service (NTIS) is a self-supporting agency of the US Department of Commerce. It provides access to the results of both US and foreign government-sponsored research and development and engineering activities. For copies of any of the publications we consider of interest to computer security directors and personnel, you can communicate with:
US Department of Commerce, National Technical Information Service, 5285 Port Royal Road, Springfield, VA 22161. Orders: +1 703 487-4650. Telex: 89-9405 or 64617. FAX: +1 703 321-8547.
Securing Electronic Mail: The Risks and Future of Electronic Mail
S.A. Weeber, Lawrence Livermore National Lab, CA, March 1993, 16pp., DE93017187/WCC.
The network explosion of the past decade has significantly affected how many of us conduct our day-to-day work. We increasingly rely on network services such as electronic mail, file transfer, and network newsgroups to collect and distribute information. Unfortunately, few of the network services in use today were designed with the security issues of large heterogeneous networks in mind. In particular, electronic mail, although heavily relied upon, is notoriously insecure. Messages can be forged, snooped, and even altered by users with only a moderate level of system proficiency. The level of trust that can be assigned at present to these services needs to be carefully considered.
In the past few years, standards and tools have begun to appear addressing the security concerns of electronic mail. Principal among these are RFCs 1421, 1422, 1423 and 1424, which propose Internet standards in the areas of message encipherment, key management, and algorithms for privacy enhanced mail (PEM). Additionally, three PEM systems, offering varying levels of compliance with the PEM RFCs, have also recently emerged: PGP, RIPEM, and TIS/PEM. This paper addresses the motivations and requirements for more secure electronic mail and evaluates the suitability of the currently available PEM systems.
Cryptography and Cryptosystems (Latest citations from the NTIS Bibliographic Database)
NERAC Inc, Tolland CT, November 1993, 239 citations minimum; updated with each order, PB94-853363.
The bibliography contains citations concerning the theory, design, operation, performance and applications of cryptography and cryptographic equipment systems. Both analog and digital cryptographic methods and apparatus are considered. Some attention is given to algorithms for cryptography and to encryption or enciphering and decryption techniques. Military and civilian applications are described, including secure communications and security for computer information and data processing.
Automated Assistance for Detecting Malicious Code
R. Crawford, P. Kerchen, K. Levitt, R. Olsson and M. Archer, Lawrence Livermore National Lab, CA, June 3 8, 1993, 14pp., DE93018106/WCC.
This paper gives an update on the continuing work on the Malicious Code Testbed (MCT). The MCT is a semi-automated tool, operating in a simulated, cleanroom environment, that is capable of detecting many types of malicious code, such as viruses, Trojan horses, and time/logic bombs. The MCT allows security analysts to check a program before installation, thereby avoiding any damage a malicious program might inflict.
Information Surety for Today and Tomorrow
S.K. Fletcher, Sandia National Labs, Albuquerque, NM, 1993, 5pp., DE93017647/WCC.
Information Surety is the enhancement of the confidentiality, integrity and availability of information and software systems. It is attained through sequential steps: identification of software reliability requirements and information protection needs, designing for a balanced level of risk throughout the system, and application of appropriate software and hardware technologies and procedures. The ability to apply these steps when developing systems is impaired by a general lack of understanding of surety issues by system developers, and by the fact that there are many separate areas of knowledge involved that are not currently integrated into a disciplined approach (e.g. risk assessment, information access control in computers and networks, secure messaging, trusted software development).
Professor Harold Joseph Highland, FICS, FACM is a dinosaur who was graduated from the university and commissioned in 1938. He is Managing Director of Compulit, Inc. [Elmont, NY, USA] and heads its Microcomputer Security Laboratory. Almost 15 years ago he retired with the academic rank of Distinguished Professor from The Technical College of the State University of New York. He is founding editor of Computers & Security and now serves as Editor-in-Chief Emeritus. He also serves on the editorial board of six professional magazines in the United States and overseas. Over the years he has written for The New York Times and other newspapers, and has worked as a research statistician, TV producer, economist, consumer magazine editor and publisher, book editor and interior designer. He turned to academia in 1957 and became a Dean of a university graduate school. Dr. Highland was the first recipient of the IFIP Kristian Beckman Award made in public recognition of an individual who has significantly contributed to the development of international information security. He also received the IFIP Outstanding Service Award and in 1994 received ISSA's Thomas Fitzgerald Award in recognition of his contribution to infosec. For his work in modeling/simulation and generating and testing of random numbers, he received The Distinguished Service Award from The Institute of Management Sciences College of Simulation, a Special Recognition Award from the Board of Directors of The Winter Simulation Conference and the ACM/SIGSIM Award for Special Service for his leadership and work during the classical period of modeling and simulation. A prolific author, he has written several hundred technical articles and papers as well as 27 books. Several of his books have been translated into Japanese, German, French, Italian, Dutch, Russian, and Finnish. In addition to his writing, speeches and workshops, Dr. Highland serves as Counsel to the Computer Security Technical Committee of the Chinese Computer Federation [Beijing, PRC] and to other government agencies in the US and overseas. He is also a member of the International Committee on Information Security Crime-Related Investigations and Intelligence [ISCRI].
Dr. Highland is the only American Fellow of the Irish Computer Society [ICS] and is also a Fellow of the Association for Computing Machinery [ACM]. He is also a member of the New York Academy of Sciences [NYAS], the IEEE's Computer Society [IEEE/CS], American Association for the Advancement of Science [AAAS], The Internet Society [ISOC], The Internet Security Association [ISA], Computer Professionals for Social Responsibility [CPSR], Information Systems Security Association [ISSA] and the Association for Corporate Computing Technical Professionals.
More complete biographical data can be found in Who's Who in the World, Who's Who in America, Who's Who in Science and Technology, Who's Who in American Education, and Who's Who in the East.