- Email: [email protected]
Random bits & bytes
Computers & Security, 11 (1992) 592-601
Random Bits & Bytes Dr Harold Joseph Highland, FIGS Editor-in-Chief
Emeritus
Computer Ethics Normally I do not start this column with a book review but here is a special book that should be read by everyone in computing, and particularly those in computer security. Although it was published earlier this year, I did not receive a copy until a warm day in July. Since it was a relatively short book, about 200 pages, I began to read it shortly after dinner. And I kept on reading it well into the night until I finished it. I have repeatedly picked it up to read a specific chapter or two before I write some articles or go to conduct a workshop. According is twofold:
to its two authors,
the basic aim of this book
[‘I
to describe some of the problems society by computers, and
[?I
to show dilemmas computer
created
for
how these problems present ethical for both computer professionals and users.
Title:
Author:
Tom Forester
Publisher:
The MIT Press, 55 Hayward Street. Cambridge, MA 02142 USA. viii+ 193 pages [softcover]. Price $12.50.
C Compul~t.
592
Inc, 1992. All rights
and Perry Morrison
This excellent volume is well-written and contains numerous well-documented ethical computer problems. The book evolved from the authors’ previous writing but particularly from their experiences when teaching two courses on the human and social context of computing to computer science students at Griffith University. Possibly my own enthusiasm for this book is the concise and interesting way the authors have presented the moral issues we face. After an introductory chapter explaining our computerized society, the authors explore numerous critical topics. Computer crime is presented without the highly emotional approach we have so often read and/or heard from specialists. Among some of the other topics are: theft of computer software, hackers and the problems they have created, computer viruses, health danger from Vl>Ts (VDUs), the invasion of privacy. I particularly liked their treatment of the unreliability of computers [see the note on quality assurance in the previous Random Bits & Bytes column]. Their analysis of Al and expert systems is free from the usual hype we find in many articles and books. The chapter on “Computerizing the Workplace” should be read by every computer security director; it definitely would help in formulating a security awareness program. The book’s many footnotes are unobtrusive and are easily missed when reading. The volume is well suited as university reading. Each chapter has suggestions for further study.Although intended for the classroom, these cases can readily be used for group discussions in the workplace. There is no single right or wrong answer to these topics; they are brain stimulators.
rrsrrvrd.
0167-4048/92/$5.00 0
1992,
Elsevier Science Publishers Ltd
Computers & Security, Vol. I 7, No. 7
The MOD Squad
-
Hacker vs Hacker
Earlier this year a federal grand jury in New York indicted five hackers on charges of breaking into some of the most sensitive computers used by major corporations in the USA and stealing their data files as well as disrupting their service. Among the known victims of this hacker ring was a Who’s Who of American business. Among the reported companies were:
pleaded not guilty during their charged with 11 counts to commit puter crimes: l
Eavesdropping switched
on phone
Eavesdropping
l
Intercepting
l
Owning computer equipment
l
Reprogramming
data transmissions cracking
Southwestern
l
BT North
l
New York Telephone
l
Stealing
passwords
l
Pacific Bell
l
Stealing
credit profiles
l
U.S. West, Inc.
l
Selling
l
Martin
l
Destroying
l
Causing
Marietta
(Tymnet)
Electronics
Information
S: Missile
Group l
from public
on data transmissions
l
America
conversations
networks
l
Bell
arra&gnment, were a number ofcom-
phone
hardware
company
and software
computer
switches
credit profiles computers
losses of $370 000
Bugle Boy Industries A Cybernetic V&ion
*ITT
of West Side Story
l
Information
America,
l
TRW
l
Transunion
l
Channel
l
New York Universiq
l
University
l
Bank of America
Information
Inc.
Services
Corporation 13, Public
Broadcasting
System
(NYC)
ofwashington
There were reports that the hackers also penetrated several U.S. government agencies,some supposedly with ‘secure’ systems.
What makes the case most interesting is not that it is the most extensive theft of computer information but the revelation of how they were caught by the authorities. Winn Schwartau. editor of Scctrrit)~ hsidcr Report [I], presented a detailed account of this incident in his newsletter. As Schwartau noted: “That’s the way the whole thingstarted;silly but it’s true. From 1980 through the end of 1991 ,a so-called ‘Hacker War’ was waged on Corporate America’s information infrastructure of computers and communications systems.” It was not until some two or three months before the arrest of the hackers that the FBI began its investigation.
The five hackers referred to themselves as Masters of I>eception and at times as Masters of 11estruction. They did not match the hacker prototype profile -educated youths ofwell-to-do parents. Instead they are a polyglot representation of Ne\v York blue-collar workers. Reportedly they used inexpensive PCs and modems. All
593
H. J. Highland/Random Bits & Bytes
To understand the ‘gang war’ aspect of the case we must go back to the former L#~n (zf Doonz, LoD, of a few years back. Several members were convicted but two, Chris Goggens and Scott Chasin were not. They started their own computer consulting company, Comsec Data, in mid- 199 1. As Schwartau reported “Corporate America could not bring itself to hire es-hackers to work on their security problems. Business was bad. Some people ripped them off; the press was negative.” “But the Comsec Data boys were busy. Very busy. They were collecting evidence and claim they turned in the accused MOD hackers to the authorities.” Schwartau published an extensive interview with the two in his newsletter. It appears that one of the members of MOD, Mark Abene, who used the code-name Phiber Optik had “offended” them. Because of Abene’s technical knowledge of hacking, he and the members of LoD reportedly agreed to exchange information. However, Phiber Optik never lived up to his end of the bargain; as. Schwartau noted: “a big no-no in underground cyberspace.”
Integrity in Automated Information [C Echicaal Report 79-9 I] pp. s+ 134
Systems
For some time, both integrity and confidentiality have been regarded as inherent parts of information security. However, in the past, more emphasis has been placed on the standardization ofconfidentiality properties oicon~puter systems. This paper shows that there is a significant amount of information available about integrity and integrity mechanisms, and that such information can be beneficial in starting to formulate standardizing criteria. It goes beyond the definition of integritv and provides material that will be useful to system designers, criteria developers, and those individuals trving to gain a better understanding of the concepts 0; data and systems integrity. This paper provides foundational mat;rial to continue the efforts toward developing criteria for building products that preserve and promote integrity. A Guide to Understanding Identification Authentication in Trusted Systems [ NCSC0 17j pp. iv+30
and TG-
“Hurt feelings, misunderstanding, he-said-she-said, yesyou-did no-I-didn’t. Using America’s information infrastructure some hackers launched some electronic attacks against other hackers. The conflict escalated and hurt innocent people and companies. A few hackers lost. They got busted.”
This volume provides a set of good practices related to identification and authentication (I A). We have written this guideline to help the vendor and evaluator community understand the requirements for I A as well as the level of detail required of I A at all classes, as described in the IIcp~vmc~~t c$Dcfiv~~* 7hrstcd Corrp~tcr Systc’rrrsEm/l/otkv/ Critc'r.icl. In‘an &l&t to provide guidante, recommc~~datio~~s are made in this technical guideline that are not requirenlents in the Criteria.
NCSC volumes of interest
A Guide to Understanding Data Remanence in Automated Information Systems [IZ’CSC-TC02.5, I ?rr\iorr -31 pp vi++)
The Ijrsi&r Report article concluded:
For readers interested in truytcd systems several volumes have been added to the ‘Rainbo\v Series.’ A f&v are updates of earlier volumes. some published some seven years ago, and a fexv are ne\\- additions. Those interested with: National Security
in the volume
should
communicate
A~:L’IIc)~
Attention: CHl Standards. Criteria and Guidelines Division 9800 Savage Road Fort George G. Meade, Ml) 307554000, USA
594
The revised manual [superseding CSC-STIX-OU5-85 of November 19X5] is intended 6x USC by personnel responsible for the secure handling ofsensitive or classitied autoInated information system memory and secondary storage media. It is important that they be aware of the retentive properties of such media, the known risks in attempting to erase and release it, and the approved security procedures that will help prevent disclosure of sensitive or classified information.
Computers & Security, Vol. I 1, No. 7
A Guide to Writing the Security Features User’s Guide for Trusted Systems [XCSC-TG-024 pp. v+35 This new volume expands on the Trusted Computer System Evallratiort Critrria requirement for a Security Features User’s Guide by discussing the intent behind the requirement and the relationship it has to other requirements in the i’hrstcd Computer Systems Evahatiorr Criteria. The guide’s target audience is the author of the Security Features User’s Guide for a specific trusted system undergoing evaluation as a trusted product; however, many of the recommrndations apply to any system that must satis@ the TrtrstcdComputer System Evaluation Criteria requirements. A Guide to Understanding Trusted Recovery in Trusted Systems (LVCSC-TG-O02, tirsiorl I] pp. iv+57 This is the latest in a series of technical guidelines published by the National Computer Security Center. The publication provides insight to the TnrstedCornprctcr Systems Eva~~ratior~ Criteria requirements for the computer security vendor and technical evaluator. The goal of the Technical Guideline Program is to discuss each feature of the criteria in detail and to provide the proper interpretations with specific guidance. A Guide to Understanding Information System Security Officer Responsibilities for Automated Information Systems [NCSC-TG-02 7, VersiorlI] pp. vii+62 This volume helps Information System Security Officers (ISSOs) understand their responsibilities for implementing and maintaining security in a system.The system may be a remote site linked to a network, a stand-alone automated information system, or workstations interconnected via a local area network. This guideline also discusses the roles and responsibilities of other individuals who are responsible for security and their relationship to the ISSO, as defined in various component regulations and standards. Integrity-oriented Control Objectives: Proposed Revisions to the Trusted Computer System Evaluation Criteria (TCSEC), DOD 5200.2% STD [C Tehrkal Report 11 l-921 pp. vii+131 Control
objectives,
as they apply to automated
informa-
tion systems, express fundamental computer security requirements and serve as guidance to the development of more specific systems evaluation criteria. Within the Department of Defense, the control objectives contained in the Trusted Computer Systems Evaluation Criteria (TCSEC), DOD 5200.2%STD. are of primary concern to the development of product evaluation criteria. The TCSEC’s scope is currently confined to address only confidentiality protection of information. This document is intended to extend the scope of the TCSEC so that the control objectives, contained therein, will also address the protection of information and computing resource integrity. The document provides new and modified statements of control objectives along with discussion and rationale for their inclusion or revision. The basis in Federal law and policy for the revised control objectives is discussed and a summary of each law and policy used in the derivation of the revisions is provided. The document is intended to be used as a strawman to foster further research and debate leading to a new standard for evaluation criteria that encompasses both integrity and confidentiality.
For the ecology minded This Journal is devoted to computer security but without the security of our environment there will be little need for computer security. Anyone who has been in a mainframe centre is aware of the spewing forth of printed pages from high speed printers. The laser printer with our microcomputer uses countless reams of paper every month. Here is a security product to aid our environment. TreeSaver [2] is a unique sofnvare utility for laser printers to save the forests and help reduce paper costs. It is possible to print two, three, four or more pages on a single sheet of paper. In “photo reduction” mode, we obtain readable copies of material, especially of shortlived and/or temporary copy. The utility works with many different word processors, including WordPerfect,
programs dI3ase,
and
121 Discovercraft, Inc, 1516 Oak Street, Alameda, Telephone: 510-76’1-2902. Fax: 510-769-0149.
CA 94501
USA.
595
H. J. Highland/Random Bits & Bytes
\k_r
during printed
4
JRtNl RERPR VIRQJ VTLUJ HAOER PFGBC 'J.RFM Sf!EVGFNFFV RAQJF DHMI EAFJV FFbBA FFGBCTBSUY
w-.ugc
BEMU NGJRF GNEffiBCBZO QRQJ MOJV ATJW Ym TAROG NETRG FJMJ FWEG WHFR GJBG9 AFCE.?DFSBE HPXOIDNALHGIHI) LCRAH
aRo1 BSSNG CEZDF ORM OJIlR
RCHET RGFNG M?EEF vK(;w GZICQJRAVAG FNECR u3BZO ED)HAMM3coN
bl?EE%R EGLNA UlAoG VATN MS2
HlETX ALTST WIK sM)YP VSTIY
VXISJ WTX-V KJCOZ KXYDR M)HRu
XLlMl JSXJH NGTUZ cBw(D NPTBA
OoIXd IRGIG SITM JSTKY N0RD TKLUX BSNF'YBmZl FYXIU TTEJO
MTLIV GTJCX MJHTU DPYEQ ZNKSG MCDE PYBDR cLM)I RiTS.4UJTPV
KVXUI MYZIV R*x)I DILPL WCIt!
MGT RU4tD IQITL LIM CRKNX
KXJYC PYBID XJIRG M)TNG KTvNS
Lotus 1-2-3, I’FS ProSeries and QA. The is application independent and even handles and graphics images, scaling them very quickly
TreeSaver is available for $X9.93 $49.95 for DeskJet printers,plus charge.
Problems and solutions -
Postal
address:
Dr. H arold Joseph
Highland,
of a doublr-
Compulit,
for Laserjet printers and a handling and shipping
Q: and A:
Over the years we have received letters, telephone calls, fax and electronic security-related problems they face. We would like to extend that service availed themselves of our assistance.
[l]
1 is an illustration
Those who remember the small microcomputer mnuals which were introduced by IBM will find this product very useful. I prefer to keep all program documentation in this form and have plenty ofold manuals from old programs Lvhich are obsolete and no longer used. The company sells pre-punched paper on which one can print two pages at a time. I do this whenever 1 receive the documentation for a program on disk.
FiLgure 1.
Quicken, program soft fonts
Fig
Producing Manuals
Ii
XLFCM STBJB GTJPK OYSXO UITCU
printing. page.
mail from readers about security to all readers who have heretofore
Inc, 56 2 Croydon
Road,
Ehnont,
NY
and not
1 1003-38
l-l,
USA [2] Electronic mail: [email protected] [3] Telex:
[email protected] [m Internet address which
[+ l] 650.106.5013
[which
is routed
through
[which is interconnected with Internet] or is used as a backup; this mail is read less frequently]. MCI
High-
mail].
[4] Fax: [+ l] 516.4XH.6K6X [Because we use a Fax board in our microcomputer this requires letting the telephone begin Fax transmission. This service is available only during office ring once and hanging up. Within 3 minutes hours.]
Multiple
Cot&urations
Q: Because puters are attempting require for ductivity. CONFIG.SYS
596
many of the ne\v programs for microcommemory hogs, we have great difficulty in to run them because of the many TSRs we security, virus protection and boosting proTherefore lye have to use different and AUTOEXECBAT files for pro-
gram times
execution. Because of the programs we now have six diKerent set-up.
WC run
at
Some users forget to restore our basic configuration when they have completed running one of the larger programs. When they reboot the system it comes up without the necessary virus protection and productivity tools. Is there any simple way to overcome this difficulty?
Computers & Security, Vol.
Fig.
A: One way is to use an upper memory manager but we realize that this may not always work. We use several elements of anti-virus programs but a few must be loaded in lower memory. We found a solution by installing “EasyBoot” (3) which permits us to use several diGrent configurations but always restores the system to its basic configuration, ready for the next rebooting. On our system we have five configurations [1]
Conventional drives and program.
available:
MA 02146,
7
2
[2]
Windows configuration which does not work with our high-speed cache but uses the DOS version.
(31
Fast-Load co&guration which eliminates several drivers and TSRs so that we can access our system quickly.
[41
FAX configuration to install our Fax board quickly when we expect to receive a facsimile message. We do not have this program active at all times.
t51
No-Print-Queue eliminates a megabyte
configuration with all necessary TSRs and a high-speed cache
131 Clear Software. Inc. 385 Elliot Street, Newton, Single unit price LS$19.95.
7 1, No.
configuration which of hard disk file since that
USA.
597
H. J. Highland/Random Bits & Bytes
queue program conflicts with operations which are performed
[61
certain security periodically.
Minimum configuration in which there are a very limited number of device drives and TSKs so that we have almost 640K of lower memory available to program evaluation.
The EasyBoot program is in our path statement and calling the program causes a reboot screen, shown in Fig 2, to appear. Selecting the proper letter causes the system to reboot with the desired configuration. We have added one additional line to each of the non-conventional configurations; this copies the conventional AUTOEXEC.BAT and CONFIG.SYS files to the C-drive so that our standard configuration is used on any reboot.
Name Name
1 2 3 4 5 6 7 8 9 A B C
of of
Input Output
File? b:pyro.asc File? b:pyro.new
EXIT WordPerfect to another format Aevlsable-Form-Text (IBM DCA Format) to #ordPerfect Final-Form-Tert (IBM OCA Format) to WordPerfect Navy OIF Standard to WordPerfect WordStar 3.3 to WordPerfect MultIMate Advantage II to WordPerfect Seven-Bit Transfer Format to WordPerfect WordPerfect 4.2 to WordPerfect 5.1 Mall Merge to WordPerfect Secondary Merge Spreadsheet DIF to WordPerfect Secondary Merge Word 4. to WordPerfect DxplayWrlte to WordPerfect
Enter
number
of
Conversion
It is also possible to obtain a choice in configurations by having this program appear immediately upon boot-up. It appears immediately after the CONFIG.SYS file has been executed. If you have a long CONFIG.SYS file it is best to replace the basic CONFIG.SYS with a short ‘dummy’ file so that it will appear more quickly. One final note about excess files on the hard disk. When EasyBoot is installed it creates 15 copies of the AUTOEXEC.BAT and CONFIG.SYS fdes. These can be edited to meet one’s needs. Any boot options that are not used [shown as “Set is not defined”] can be deleted from the hard disk.
desired
Fig. 3
Name Name
1 2 3 4 5 6 7 8
of of
Input Output
File? b:test File? b:test.new
EXIT Revisable-Form-Text (IBM DCA Format) Final-Form-Text (IBM DCA Format) Navy DIF Standard WordStar 3.3 MultiMate Advantage II Seven-Eat Transfer Format ASCII Text File WordPerfect Secondary Merge to Spreadsheet
Enter
number
of
output
file
fornlat
DIF
desired
Data File Converter Q: We have standardized our word processing using Wordl’e&ct, version 5.1. In the past we used Word 4 as well as an earlier version of WordPerfect. Periodically we have to search our old files for updating and this requires conversion. Also we transmit a number of our documents and need to convert them into ASCII format. Is there any program we can use within our current version 5.1 to transform older documents and to prepare transmission copy without exiting from WordPerfect?
598
Fig. 4
A: In Volume 1 1 Number 5 we recommended two file conversion programs to one of our readers. You might be interested in WordPerfect’s File Conversion utility. [4] Using this utility anyone can shell to DOS [Ctrl+Fl]. It is then possible to change to the WI’ directory and call the conversion program. Fig 3 shows the initial screen where one is prompted for the path and names of the input and output files. Twelve conversion choices are available. Once this is made conversion is done by the program. Ifyou wish to go from WordPerfect to another format, Fig 4 appears with its eight choices.
Computers & Security, Vol. I 1, No. 7
NTIS volumes of interest The National Technical Information Service (NTIS) is a self-supporting agency of the US Department of Commerce. It provides access to the results of both US and foreign government-sponsored research and development and engineering activities. For copies of any of the publications we consider of interest to computer security directors and personnel, you can communicate with: U.S. Department of Commerce National Technical Information 5285 Port Royal Road Springfield, VA 22161, USA Orders: +I 703 487-4650 Telex: 89-9405 or 64617 FAX: +l 703 321-8547
Service
Traceability and Conformance in Secure Systems G.P. Randell and C.T. Sennett, Royal Signals and Radar Establishment, Malvern (UK), August 1991,3Ipp., ADA242 176/6/WCC. Traceability in a software intensive system is the ability to link statements of requirement with the implementation objects which satisfy them and the means used to demonstrate conformance. This report discusses the problems of maintaining traceability when developing large secure systems and the ways in which technology may be used to support it. What One Should Know About Public Key Algorithms - Today T. Beth, S. Vanstone and G. Agnew, Europaisches Inst. I% Systemsicherheit, Karlsruhe (Germany), 1989, 17pp., TIB/A9 l-02 I 5 1/WCC. The importance of the concept of public key algorithms has been well recognized by the general public of users and the industry. Although the superior usefulness of public key algorithms for the purposes ofdata confidentiality, integrity and authenticity has been well recognized, the availability of commercial products is still somewhat behind the outstanding results that have been provided by the research community during the last few years. The purpose of this talk is to give an introduction to the technology of current public algorithms. Emphasis will be placed on a comparison of the RSA- and DL- based public key systems especially in
view of the features of the most advanced ECDL-systern. (Available from TIB Hanover: RR 631(1990,4).) Integrity and Security in an Ada Runtime Environment R.L. Brown, Research Inst. for Advanced Computer Science, Moffett Field, CA, USA, June 1991, 9pp., N92-10313/4/WCC. A review is provided of the Formal Methods group discussions. It was stated that integrity is not a pure mathematical dual of security. The input data is part of the integrity domain. The group provided a road map for research. One item of the road map and the final position statement are closely related to the space shuttle and space station. The group’s position is to use a safe subset of Ada. Examples of safe sets include the Army Secure Operating System and the Penelope Ada verification tool. It is recommended that a conservative attitude is required when writing Ada code for life and property critical systems. Security in ISDN W.E. Burr, National Inst. of Standards and Technology, Gaithersburg MD, USA, September 1991,77pp., PB9211639I/WCC. The Integrated Services Digital Network (ISDN) standards will provide worldwide digital communications service and will play a key role in the transition to electronic documents and business transactions. ISDN has been developed with little thought to security. ISDN security will become a pressing concern for both government and business. ISDN’s digital nature facilitates adding security, but the deployment of ISDN in the public network is well under way and the present investment in ISDN equipment, as well as the commercial necessity to deploy ISDN in a timely manner, contains how security features may be added. ISDN security standards should take advantage of, and be compatible with, emerging standards for Open Systems Interconnection (OSI) security. International Standard 7498-2 defines five security services for OSI: Confidentiality, Access Control, Authentication, Data Integrity and Non-repudiation. The challenge of ISDN security is to extend these concepts to all ISDN applications, including voice use of the public network. Terminal-toterminal link encryption provides a powerful ISDN security mechanism because of ISDN’s ability to provide circuit switched connections throughout the
599
H. J. Highland/Random Bits & Bytes
world.
A users is
for the needed
for
authentication security.
Human Factors in Network Security F.B. Jones, Naval Postgraduate School, Monterey USA, March 1991,ll Opp., ADA243 110/4/WCC.
of
CA,
Human factors, such as ethics and education, are inportant in network information security. This thesis determines which human factors have significant influence on network security. Those factors are examined in relation to current security devices and procedures. Methods are introduced to evaluate security effectiveness by incorporating the appropriate human factors into network security controls. Object-Oriented Approach to Security Policies and their Access Controls for Database Management D.K. Hsiao, Naval Postgraduate School, Monterey CA, USA, September 1991,38pp., AD-A243 268/O/WCC. The constructs of the object-oriented data model seem to be good candidates for the specifications of the need-to-know and multilevel security policies and their respective access control requirements.This report demonstrates such specifications. The implication of this demonstration may be profound, since for the first time multiple security policies and their respective access controls may be realized and supported in a single object-oriented database management system. Computer Security: Unauthorized Access to a NASA Scientific Network. Report to the Chairman, Committee on Science, Space, and Technology, House of Representatives S.W. Bowlin, General Accounting Office, Washington DC, Information Management and Technology Div., November 1989,l c)pp_, N92-13673/8/WCC. SPAN is a worldwide computer network linking computers used by scientists conducting NASA space and earth science research. Authorized users from almost anywhere in the world can connect to a computer on SPAN using a home computer and the public telephone system. NASA records show that between 1981 and March 1989. unauthorized users successfully gained access dozens of times to SPAN computers located at NASA and another Federal agency. Because
600
SPAN was designed
to facilitate
the exchange
of scientific information, NASA has to balance the desire for convenience and openness with the need to protect valuable scientific data from unauthorized users. NASA has taken or is in the process of taking some actions in response to the security incidents, but they have not performed a security risk analysis for SPAN and therefore do not know the extent of the network’s vulnerabilities or the kinds and level of security precautions that should be taken. The General Accounting Office (GAO) recommends that the NASA Administrator should: (1) ensure that a risk analysis of SPAN is perfbrmcd and documented; (2) ensure that NASA, in cooperation with the SPAN users, institutes the security measures developed as a result of the risk analysis;and (3) continue to report the computer security area as a material internal control weakness in the year’s report to the President and the Congress, and discuss the actions that will be taken to correct the weakness. Establishing a Computer Security Incident Response Capability (CIRC) J.P. Wac, National Inst. of Standards and Technology (CBS), Gaithersburg MD. USA, November 1991, p., PB92-12314O/WCC. Government agencies and other organizations have begun to augment their computer security efforts because of increased threats to computer security. Incidents involving these threats, including computer viruses, malicious user activity, and vulnerabilities associated with high technology, require a skilled and rapid response before they can cause significant damage.These increased computer security efforts, described here as Computer Security Incident Response Capabilities (CSIRCs) have as a primary focus the goal of reacting quickly and etliciently to computer security incidents. CIRC efforts provide agencies with a centralized and cost-effective approach to handling computer security incidents so that future problems can be efficiently resolved and prevented. While the risks to computer security have increased, agencies have also become more dependent on computers. Many systems in widespread use today do not contain safeguards to guarantee protection from these threats. Additionally. as systems become more complex, they are more prone to vulnerabilities that can increase the risk of malicious exploitation. Due to greater avai-
Computers & Security, Vol. I I, No. 7
lability of computers, users are often de facto system managers; however many have neither the requisite skills nor time to manage their systems effectively. These factors make it clear that agencies need to augment their computer security capabilities before they suffer from serious computer security problems that can harm their missions, result in significant expense, and tarnish their images. A CIRC can help agencies resolve computer security problems in a way that is both efficient and cost-effective. Combined with policies for centralized reporting, a CIRC can reduce waste and duplication while providing a better posture against potentially devastating threats. A CIRC is a proactive approach to computer security, one that combines reactive capabilities with active steps to prevent future incidents from occurring. Bibliography for Computer Security, Integrity, and Safety R.L. Brown, Research Inst. for Advanced Computer Science, Moffett Field, CA, USA, August 1991,62 pp., N92-12439/5/WCC. A bibliography ofcomputer security,integrity and safety issues is given. The bibliography is divided into the following sections: recent national publications; books; journals, magazine articles and miscellaneous reports; conferences, proceedings and tutorials; and government documents and contractor reports. Integrating Security in a Group Oriented Distributed System M. Reiter, K. Birman and L. Gong, Cornell University, Ithica, NY, USA, October 1991, 27pp., N9214656/2/WCC. A distributed security architecture is proposed for incorporation into group oriented distributed systems and, in particular, into the Isis distributed programming toolkit. The primary goal of the architecture is to preserve the Isis abstractions in hostile environments. These abstractions include process groups and causal and atomic group multicast. Moreover, a delegation and access control scheme is proposed for use in group oriented systems. The focus here is on the security architecture; particular security protocols and cryptosysterns are not emphasized.
Professor Harold Joseph Highland, FICS is Managmg IXrrctor ofCompulit. Inc. [Ehnont. NY, USA] and heads I[$ MIcrocomputer Security Laboratory. He retired over a decade ago \vlth the rank of IIistin@shed Professor from the State University of Ne\v York. He is the foundins editor of Computers & Security. Ac Editor-in-Chief Emeritus. he \vrnes hit “K
Chamnan of IFIP/WG 11.8 on information and trainmg, an international committee industry government and unnwsities,
@President non-profit l
of the Virus organizanon,
Chairman
of thr ACM
l Associate Queensland l
and cperchrs Dr. Highland security. He is:
Public
Security
Intrrnational
conducts
trcurlty education of rnembcrs from
Instnute,
an
international
Plan Task Force,
of the Information Security Research Centre of Unwersity of Technoloq [Brisbane, Australial, and
Information
Offxer
Federation for Information on information securq.
of IFII’ITC l’rocrssmg’s
I1 [the International
Technical
Committee
11)
Professor Highland 1s cour~rd to the Computer Security Technical Comnnttre of the Chinese Computer Federation [Beijing. l’l
601
Random Bits & Bytes Dr Harold Joseph Highland, FIGS Editor-in-Chief
Emeritus
Computer Ethics Normally I do not start this column with a book review but here is a special book that should be read by everyone in computing, and particularly those in computer security. Although it was published earlier this year, I did not receive a copy until a warm day in July. Since it was a relatively short book, about 200 pages, I began to read it shortly after dinner. And I kept on reading it well into the night until I finished it. I have repeatedly picked it up to read a specific chapter or two before I write some articles or go to conduct a workshop. According is twofold:
to its two authors,
the basic aim of this book
[‘I
to describe some of the problems society by computers, and
[?I
to show dilemmas computer
created
for
how these problems present ethical for both computer professionals and users.
Title:
Author:
Tom Forester
Publisher:
The MIT Press, 55 Hayward Street. Cambridge, MA 02142 USA. viii+ 193 pages [softcover]. Price $12.50.
C Compul~t.
592
Inc, 1992. All rights
and Perry Morrison
This excellent volume is well-written and contains numerous well-documented ethical computer problems. The book evolved from the authors’ previous writing but particularly from their experiences when teaching two courses on the human and social context of computing to computer science students at Griffith University. Possibly my own enthusiasm for this book is the concise and interesting way the authors have presented the moral issues we face. After an introductory chapter explaining our computerized society, the authors explore numerous critical topics. Computer crime is presented without the highly emotional approach we have so often read and/or heard from specialists. Among some of the other topics are: theft of computer software, hackers and the problems they have created, computer viruses, health danger from Vl>Ts (VDUs), the invasion of privacy. I particularly liked their treatment of the unreliability of computers [see the note on quality assurance in the previous Random Bits & Bytes column]. Their analysis of Al and expert systems is free from the usual hype we find in many articles and books. The chapter on “Computerizing the Workplace” should be read by every computer security director; it definitely would help in formulating a security awareness program. The book’s many footnotes are unobtrusive and are easily missed when reading. The volume is well suited as university reading. Each chapter has suggestions for further study.Although intended for the classroom, these cases can readily be used for group discussions in the workplace. There is no single right or wrong answer to these topics; they are brain stimulators.
rrsrrvrd.
0167-4048/92/$5.00 0
1992,
Elsevier Science Publishers Ltd
Computers & Security, Vol. I 7, No. 7
The MOD Squad
-
Hacker vs Hacker
Earlier this year a federal grand jury in New York indicted five hackers on charges of breaking into some of the most sensitive computers used by major corporations in the USA and stealing their data files as well as disrupting their service. Among the known victims of this hacker ring was a Who’s Who of American business. Among the reported companies were:
pleaded not guilty during their charged with 11 counts to commit puter crimes: l
Eavesdropping switched
on phone
Eavesdropping
l
Intercepting
l
Owning computer equipment
l
Reprogramming
data transmissions cracking
Southwestern
l
BT North
l
New York Telephone
l
Stealing
passwords
l
Pacific Bell
l
Stealing
credit profiles
l
U.S. West, Inc.
l
Selling
l
Martin
l
Destroying
l
Causing
Marietta
(Tymnet)
Electronics
Information
S: Missile
Group l
from public
on data transmissions
l
America
conversations
networks
l
Bell
arra&gnment, were a number ofcom-
phone
hardware
company
and software
computer
switches
credit profiles computers
losses of $370 000
Bugle Boy Industries A Cybernetic V&ion
*ITT
of West Side Story
l
Information
America,
l
TRW
l
Transunion
l
Channel
l
New York Universiq
l
University
l
Bank of America
Information
Inc.
Services
Corporation 13, Public
Broadcasting
System
(NYC)
ofwashington
There were reports that the hackers also penetrated several U.S. government agencies,some supposedly with ‘secure’ systems.
What makes the case most interesting is not that it is the most extensive theft of computer information but the revelation of how they were caught by the authorities. Winn Schwartau. editor of Scctrrit)~ hsidcr Report [I], presented a detailed account of this incident in his newsletter. As Schwartau noted: “That’s the way the whole thingstarted;silly but it’s true. From 1980 through the end of 1991 ,a so-called ‘Hacker War’ was waged on Corporate America’s information infrastructure of computers and communications systems.” It was not until some two or three months before the arrest of the hackers that the FBI began its investigation.
The five hackers referred to themselves as Masters of I>eception and at times as Masters of 11estruction. They did not match the hacker prototype profile -educated youths ofwell-to-do parents. Instead they are a polyglot representation of Ne\v York blue-collar workers. Reportedly they used inexpensive PCs and modems. All
593
H. J. Highland/Random Bits & Bytes
To understand the ‘gang war’ aspect of the case we must go back to the former L#~n (zf Doonz, LoD, of a few years back. Several members were convicted but two, Chris Goggens and Scott Chasin were not. They started their own computer consulting company, Comsec Data, in mid- 199 1. As Schwartau reported “Corporate America could not bring itself to hire es-hackers to work on their security problems. Business was bad. Some people ripped them off; the press was negative.” “But the Comsec Data boys were busy. Very busy. They were collecting evidence and claim they turned in the accused MOD hackers to the authorities.” Schwartau published an extensive interview with the two in his newsletter. It appears that one of the members of MOD, Mark Abene, who used the code-name Phiber Optik had “offended” them. Because of Abene’s technical knowledge of hacking, he and the members of LoD reportedly agreed to exchange information. However, Phiber Optik never lived up to his end of the bargain; as. Schwartau noted: “a big no-no in underground cyberspace.”
Integrity in Automated Information [C Echicaal Report 79-9 I] pp. s+ 134
Systems
For some time, both integrity and confidentiality have been regarded as inherent parts of information security. However, in the past, more emphasis has been placed on the standardization ofconfidentiality properties oicon~puter systems. This paper shows that there is a significant amount of information available about integrity and integrity mechanisms, and that such information can be beneficial in starting to formulate standardizing criteria. It goes beyond the definition of integritv and provides material that will be useful to system designers, criteria developers, and those individuals trving to gain a better understanding of the concepts 0; data and systems integrity. This paper provides foundational mat;rial to continue the efforts toward developing criteria for building products that preserve and promote integrity. A Guide to Understanding Identification Authentication in Trusted Systems [ NCSC0 17j pp. iv+30
and TG-
“Hurt feelings, misunderstanding, he-said-she-said, yesyou-did no-I-didn’t. Using America’s information infrastructure some hackers launched some electronic attacks against other hackers. The conflict escalated and hurt innocent people and companies. A few hackers lost. They got busted.”
This volume provides a set of good practices related to identification and authentication (I A). We have written this guideline to help the vendor and evaluator community understand the requirements for I A as well as the level of detail required of I A at all classes, as described in the IIcp~vmc~~t c$Dcfiv~~* 7hrstcd Corrp~tcr Systc’rrrsEm/l/otkv/ Critc'r.icl. In‘an &l&t to provide guidante, recommc~~datio~~s are made in this technical guideline that are not requirenlents in the Criteria.
NCSC volumes of interest
A Guide to Understanding Data Remanence in Automated Information Systems [IZ’CSC-TC02.5, I ?rr\iorr -31 pp vi++)
The Ijrsi&r Report article concluded:
For readers interested in truytcd systems several volumes have been added to the ‘Rainbo\v Series.’ A f&v are updates of earlier volumes. some published some seven years ago, and a fexv are ne\\- additions. Those interested with: National Security
in the volume
should
communicate
A~:L’IIc)~
Attention: CHl Standards. Criteria and Guidelines Division 9800 Savage Road Fort George G. Meade, Ml) 307554000, USA
594
The revised manual [superseding CSC-STIX-OU5-85 of November 19X5] is intended 6x USC by personnel responsible for the secure handling ofsensitive or classitied autoInated information system memory and secondary storage media. It is important that they be aware of the retentive properties of such media, the known risks in attempting to erase and release it, and the approved security procedures that will help prevent disclosure of sensitive or classified information.
Computers & Security, Vol. I 1, No. 7
A Guide to Writing the Security Features User’s Guide for Trusted Systems [XCSC-TG-024 pp. v+35 This new volume expands on the Trusted Computer System Evallratiort Critrria requirement for a Security Features User’s Guide by discussing the intent behind the requirement and the relationship it has to other requirements in the i’hrstcd Computer Systems Evahatiorr Criteria. The guide’s target audience is the author of the Security Features User’s Guide for a specific trusted system undergoing evaluation as a trusted product; however, many of the recommrndations apply to any system that must satis@ the TrtrstcdComputer System Evaluation Criteria requirements. A Guide to Understanding Trusted Recovery in Trusted Systems (LVCSC-TG-O02, tirsiorl I] pp. iv+57 This is the latest in a series of technical guidelines published by the National Computer Security Center. The publication provides insight to the TnrstedCornprctcr Systems Eva~~ratior~ Criteria requirements for the computer security vendor and technical evaluator. The goal of the Technical Guideline Program is to discuss each feature of the criteria in detail and to provide the proper interpretations with specific guidance. A Guide to Understanding Information System Security Officer Responsibilities for Automated Information Systems [NCSC-TG-02 7, VersiorlI] pp. vii+62 This volume helps Information System Security Officers (ISSOs) understand their responsibilities for implementing and maintaining security in a system.The system may be a remote site linked to a network, a stand-alone automated information system, or workstations interconnected via a local area network. This guideline also discusses the roles and responsibilities of other individuals who are responsible for security and their relationship to the ISSO, as defined in various component regulations and standards. Integrity-oriented Control Objectives: Proposed Revisions to the Trusted Computer System Evaluation Criteria (TCSEC), DOD 5200.2% STD [C Tehrkal Report 11 l-921 pp. vii+131 Control
objectives,
as they apply to automated
informa-
tion systems, express fundamental computer security requirements and serve as guidance to the development of more specific systems evaluation criteria. Within the Department of Defense, the control objectives contained in the Trusted Computer Systems Evaluation Criteria (TCSEC), DOD 5200.2%STD. are of primary concern to the development of product evaluation criteria. The TCSEC’s scope is currently confined to address only confidentiality protection of information. This document is intended to extend the scope of the TCSEC so that the control objectives, contained therein, will also address the protection of information and computing resource integrity. The document provides new and modified statements of control objectives along with discussion and rationale for their inclusion or revision. The basis in Federal law and policy for the revised control objectives is discussed and a summary of each law and policy used in the derivation of the revisions is provided. The document is intended to be used as a strawman to foster further research and debate leading to a new standard for evaluation criteria that encompasses both integrity and confidentiality.
For the ecology minded This Journal is devoted to computer security but without the security of our environment there will be little need for computer security. Anyone who has been in a mainframe centre is aware of the spewing forth of printed pages from high speed printers. The laser printer with our microcomputer uses countless reams of paper every month. Here is a security product to aid our environment. TreeSaver [2] is a unique sofnvare utility for laser printers to save the forests and help reduce paper costs. It is possible to print two, three, four or more pages on a single sheet of paper. In “photo reduction” mode, we obtain readable copies of material, especially of shortlived and/or temporary copy. The utility works with many different word processors, including WordPerfect,
programs dI3ase,
and
121 Discovercraft, Inc, 1516 Oak Street, Alameda, Telephone: 510-76’1-2902. Fax: 510-769-0149.
CA 94501
USA.
595
H. J. Highland/Random Bits & Bytes
\k_r
during printed
4
JRtNl RERPR VIRQJ VTLUJ HAOER PFGBC 'J.RFM Sf!EVGFNFFV RAQJF DHMI EAFJV FFbBA FFGBCTBSUY
w-.ugc
BEMU NGJRF GNEffiBCBZO QRQJ MOJV ATJW Ym TAROG NETRG FJMJ FWEG WHFR GJBG9 AFCE.?DFSBE HPXOIDNALHGIHI) LCRAH
aRo1 BSSNG CEZDF ORM OJIlR
RCHET RGFNG M?EEF vK(;w GZICQJRAVAG FNECR u3BZO ED)HAMM3coN
bl?EE%R EGLNA UlAoG VATN MS2
HlETX ALTST WIK sM)YP VSTIY
VXISJ WTX-V KJCOZ KXYDR M)HRu
XLlMl JSXJH NGTUZ cBw(D NPTBA
OoIXd IRGIG SITM JSTKY N0RD TKLUX BSNF'YBmZl FYXIU TTEJO
MTLIV GTJCX MJHTU DPYEQ ZNKSG MCDE PYBDR cLM)I RiTS.4UJTPV
KVXUI MYZIV R*x)I DILPL WCIt!
MGT RU4tD IQITL LIM CRKNX
KXJYC PYBID XJIRG M)TNG KTvNS
Lotus 1-2-3, I’FS ProSeries and QA. The is application independent and even handles and graphics images, scaling them very quickly
TreeSaver is available for $X9.93 $49.95 for DeskJet printers,plus charge.
Problems and solutions -
Postal
address:
Dr. H arold Joseph
Highland,
of a doublr-
Compulit,
for Laserjet printers and a handling and shipping
Q: and A:
Over the years we have received letters, telephone calls, fax and electronic security-related problems they face. We would like to extend that service availed themselves of our assistance.
[l]
1 is an illustration
Those who remember the small microcomputer mnuals which were introduced by IBM will find this product very useful. I prefer to keep all program documentation in this form and have plenty ofold manuals from old programs Lvhich are obsolete and no longer used. The company sells pre-punched paper on which one can print two pages at a time. I do this whenever 1 receive the documentation for a program on disk.
FiLgure 1.
Quicken, program soft fonts
Fig
Producing Manuals
Ii
XLFCM STBJB GTJPK OYSXO UITCU
printing. page.
mail from readers about security to all readers who have heretofore
Inc, 56 2 Croydon
Road,
Ehnont,
NY
and not
1 1003-38
l-l,
USA [2] Electronic mail: [email protected] [3] Telex:
[email protected] [m Internet address which
[+ l] 650.106.5013
[which
is routed
through
[which is interconnected with Internet] or is used as a backup; this mail is read less frequently]. MCI
High-
mail].
[4] Fax: [+ l] 516.4XH.6K6X [Because we use a Fax board in our microcomputer this requires letting the telephone begin Fax transmission. This service is available only during office ring once and hanging up. Within 3 minutes hours.]
Multiple
Cot&urations
Q: Because puters are attempting require for ductivity. CONFIG.SYS
596
many of the ne\v programs for microcommemory hogs, we have great difficulty in to run them because of the many TSRs we security, virus protection and boosting proTherefore lye have to use different and AUTOEXECBAT files for pro-
gram times
execution. Because of the programs we now have six diKerent set-up.
WC run
at
Some users forget to restore our basic configuration when they have completed running one of the larger programs. When they reboot the system it comes up without the necessary virus protection and productivity tools. Is there any simple way to overcome this difficulty?
Computers & Security, Vol.
Fig.
A: One way is to use an upper memory manager but we realize that this may not always work. We use several elements of anti-virus programs but a few must be loaded in lower memory. We found a solution by installing “EasyBoot” (3) which permits us to use several diGrent configurations but always restores the system to its basic configuration, ready for the next rebooting. On our system we have five configurations [1]
Conventional drives and program.
available:
MA 02146,
7
2
[2]
Windows configuration which does not work with our high-speed cache but uses the DOS version.
(31
Fast-Load co&guration which eliminates several drivers and TSRs so that we can access our system quickly.
[41
FAX configuration to install our Fax board quickly when we expect to receive a facsimile message. We do not have this program active at all times.
t51
No-Print-Queue eliminates a megabyte
configuration with all necessary TSRs and a high-speed cache
131 Clear Software. Inc. 385 Elliot Street, Newton, Single unit price LS$19.95.
7 1, No.
configuration which of hard disk file since that
USA.
597
H. J. Highland/Random Bits & Bytes
queue program conflicts with operations which are performed
[61
certain security periodically.
Minimum configuration in which there are a very limited number of device drives and TSKs so that we have almost 640K of lower memory available to program evaluation.
The EasyBoot program is in our path statement and calling the program causes a reboot screen, shown in Fig 2, to appear. Selecting the proper letter causes the system to reboot with the desired configuration. We have added one additional line to each of the non-conventional configurations; this copies the conventional AUTOEXEC.BAT and CONFIG.SYS files to the C-drive so that our standard configuration is used on any reboot.
Name Name
1 2 3 4 5 6 7 8 9 A B C
of of
Input Output
File? b:pyro.asc File? b:pyro.new
EXIT WordPerfect to another format Aevlsable-Form-Text (IBM DCA Format) to #ordPerfect Final-Form-Tert (IBM OCA Format) to WordPerfect Navy OIF Standard to WordPerfect WordStar 3.3 to WordPerfect MultIMate Advantage II to WordPerfect Seven-Bit Transfer Format to WordPerfect WordPerfect 4.2 to WordPerfect 5.1 Mall Merge to WordPerfect Secondary Merge Spreadsheet DIF to WordPerfect Secondary Merge Word 4. to WordPerfect DxplayWrlte to WordPerfect
Enter
number
of
Conversion
It is also possible to obtain a choice in configurations by having this program appear immediately upon boot-up. It appears immediately after the CONFIG.SYS file has been executed. If you have a long CONFIG.SYS file it is best to replace the basic CONFIG.SYS with a short ‘dummy’ file so that it will appear more quickly. One final note about excess files on the hard disk. When EasyBoot is installed it creates 15 copies of the AUTOEXEC.BAT and CONFIG.SYS fdes. These can be edited to meet one’s needs. Any boot options that are not used [shown as “Set is not defined”] can be deleted from the hard disk.
desired
Fig. 3
Name Name
1 2 3 4 5 6 7 8
of of
Input Output
File? b:test File? b:test.new
EXIT Revisable-Form-Text (IBM DCA Format) Final-Form-Text (IBM DCA Format) Navy DIF Standard WordStar 3.3 MultiMate Advantage II Seven-Eat Transfer Format ASCII Text File WordPerfect Secondary Merge to Spreadsheet
Enter
number
of
output
file
fornlat
DIF
desired
Data File Converter Q: We have standardized our word processing using Wordl’e&ct, version 5.1. In the past we used Word 4 as well as an earlier version of WordPerfect. Periodically we have to search our old files for updating and this requires conversion. Also we transmit a number of our documents and need to convert them into ASCII format. Is there any program we can use within our current version 5.1 to transform older documents and to prepare transmission copy without exiting from WordPerfect?
598
Fig. 4
A: In Volume 1 1 Number 5 we recommended two file conversion programs to one of our readers. You might be interested in WordPerfect’s File Conversion utility. [4] Using this utility anyone can shell to DOS [Ctrl+Fl]. It is then possible to change to the WI’ directory and call the conversion program. Fig 3 shows the initial screen where one is prompted for the path and names of the input and output files. Twelve conversion choices are available. Once this is made conversion is done by the program. Ifyou wish to go from WordPerfect to another format, Fig 4 appears with its eight choices.
Computers & Security, Vol. I 1, No. 7
NTIS volumes of interest The National Technical Information Service (NTIS) is a self-supporting agency of the US Department of Commerce. It provides access to the results of both US and foreign government-sponsored research and development and engineering activities. For copies of any of the publications we consider of interest to computer security directors and personnel, you can communicate with: U.S. Department of Commerce National Technical Information 5285 Port Royal Road Springfield, VA 22161, USA Orders: +I 703 487-4650 Telex: 89-9405 or 64617 FAX: +l 703 321-8547
Service
Traceability and Conformance in Secure Systems G.P. Randell and C.T. Sennett, Royal Signals and Radar Establishment, Malvern (UK), August 1991,3Ipp., ADA242 176/6/WCC. Traceability in a software intensive system is the ability to link statements of requirement with the implementation objects which satisfy them and the means used to demonstrate conformance. This report discusses the problems of maintaining traceability when developing large secure systems and the ways in which technology may be used to support it. What One Should Know About Public Key Algorithms - Today T. Beth, S. Vanstone and G. Agnew, Europaisches Inst. I% Systemsicherheit, Karlsruhe (Germany), 1989, 17pp., TIB/A9 l-02 I 5 1/WCC. The importance of the concept of public key algorithms has been well recognized by the general public of users and the industry. Although the superior usefulness of public key algorithms for the purposes ofdata confidentiality, integrity and authenticity has been well recognized, the availability of commercial products is still somewhat behind the outstanding results that have been provided by the research community during the last few years. The purpose of this talk is to give an introduction to the technology of current public algorithms. Emphasis will be placed on a comparison of the RSA- and DL- based public key systems especially in
view of the features of the most advanced ECDL-systern. (Available from TIB Hanover: RR 631(1990,4).) Integrity and Security in an Ada Runtime Environment R.L. Brown, Research Inst. for Advanced Computer Science, Moffett Field, CA, USA, June 1991, 9pp., N92-10313/4/WCC. A review is provided of the Formal Methods group discussions. It was stated that integrity is not a pure mathematical dual of security. The input data is part of the integrity domain. The group provided a road map for research. One item of the road map and the final position statement are closely related to the space shuttle and space station. The group’s position is to use a safe subset of Ada. Examples of safe sets include the Army Secure Operating System and the Penelope Ada verification tool. It is recommended that a conservative attitude is required when writing Ada code for life and property critical systems. Security in ISDN W.E. Burr, National Inst. of Standards and Technology, Gaithersburg MD, USA, September 1991,77pp., PB9211639I/WCC. The Integrated Services Digital Network (ISDN) standards will provide worldwide digital communications service and will play a key role in the transition to electronic documents and business transactions. ISDN has been developed with little thought to security. ISDN security will become a pressing concern for both government and business. ISDN’s digital nature facilitates adding security, but the deployment of ISDN in the public network is well under way and the present investment in ISDN equipment, as well as the commercial necessity to deploy ISDN in a timely manner, contains how security features may be added. ISDN security standards should take advantage of, and be compatible with, emerging standards for Open Systems Interconnection (OSI) security. International Standard 7498-2 defines five security services for OSI: Confidentiality, Access Control, Authentication, Data Integrity and Non-repudiation. The challenge of ISDN security is to extend these concepts to all ISDN applications, including voice use of the public network. Terminal-toterminal link encryption provides a powerful ISDN security mechanism because of ISDN’s ability to provide circuit switched connections throughout the
599
H. J. Highland/Random Bits & Bytes
world.
A users is
for the needed
for
authentication security.
Human Factors in Network Security F.B. Jones, Naval Postgraduate School, Monterey USA, March 1991,ll Opp., ADA243 110/4/WCC.
of
CA,
Human factors, such as ethics and education, are inportant in network information security. This thesis determines which human factors have significant influence on network security. Those factors are examined in relation to current security devices and procedures. Methods are introduced to evaluate security effectiveness by incorporating the appropriate human factors into network security controls. Object-Oriented Approach to Security Policies and their Access Controls for Database Management D.K. Hsiao, Naval Postgraduate School, Monterey CA, USA, September 1991,38pp., AD-A243 268/O/WCC. The constructs of the object-oriented data model seem to be good candidates for the specifications of the need-to-know and multilevel security policies and their respective access control requirements.This report demonstrates such specifications. The implication of this demonstration may be profound, since for the first time multiple security policies and their respective access controls may be realized and supported in a single object-oriented database management system. Computer Security: Unauthorized Access to a NASA Scientific Network. Report to the Chairman, Committee on Science, Space, and Technology, House of Representatives S.W. Bowlin, General Accounting Office, Washington DC, Information Management and Technology Div., November 1989,l c)pp_, N92-13673/8/WCC. SPAN is a worldwide computer network linking computers used by scientists conducting NASA space and earth science research. Authorized users from almost anywhere in the world can connect to a computer on SPAN using a home computer and the public telephone system. NASA records show that between 1981 and March 1989. unauthorized users successfully gained access dozens of times to SPAN computers located at NASA and another Federal agency. Because
600
SPAN was designed
to facilitate
the exchange
of scientific information, NASA has to balance the desire for convenience and openness with the need to protect valuable scientific data from unauthorized users. NASA has taken or is in the process of taking some actions in response to the security incidents, but they have not performed a security risk analysis for SPAN and therefore do not know the extent of the network’s vulnerabilities or the kinds and level of security precautions that should be taken. The General Accounting Office (GAO) recommends that the NASA Administrator should: (1) ensure that a risk analysis of SPAN is perfbrmcd and documented; (2) ensure that NASA, in cooperation with the SPAN users, institutes the security measures developed as a result of the risk analysis;and (3) continue to report the computer security area as a material internal control weakness in the year’s report to the President and the Congress, and discuss the actions that will be taken to correct the weakness. Establishing a Computer Security Incident Response Capability (CIRC) J.P. Wac, National Inst. of Standards and Technology (CBS), Gaithersburg MD. USA, November 1991, p., PB92-12314O/WCC. Government agencies and other organizations have begun to augment their computer security efforts because of increased threats to computer security. Incidents involving these threats, including computer viruses, malicious user activity, and vulnerabilities associated with high technology, require a skilled and rapid response before they can cause significant damage.These increased computer security efforts, described here as Computer Security Incident Response Capabilities (CSIRCs) have as a primary focus the goal of reacting quickly and etliciently to computer security incidents. CIRC efforts provide agencies with a centralized and cost-effective approach to handling computer security incidents so that future problems can be efficiently resolved and prevented. While the risks to computer security have increased, agencies have also become more dependent on computers. Many systems in widespread use today do not contain safeguards to guarantee protection from these threats. Additionally. as systems become more complex, they are more prone to vulnerabilities that can increase the risk of malicious exploitation. Due to greater avai-
Computers & Security, Vol. I I, No. 7
lability of computers, users are often de facto system managers; however many have neither the requisite skills nor time to manage their systems effectively. These factors make it clear that agencies need to augment their computer security capabilities before they suffer from serious computer security problems that can harm their missions, result in significant expense, and tarnish their images. A CIRC can help agencies resolve computer security problems in a way that is both efficient and cost-effective. Combined with policies for centralized reporting, a CIRC can reduce waste and duplication while providing a better posture against potentially devastating threats. A CIRC is a proactive approach to computer security, one that combines reactive capabilities with active steps to prevent future incidents from occurring. Bibliography for Computer Security, Integrity, and Safety R.L. Brown, Research Inst. for Advanced Computer Science, Moffett Field, CA, USA, August 1991,62 pp., N92-12439/5/WCC. A bibliography ofcomputer security,integrity and safety issues is given. The bibliography is divided into the following sections: recent national publications; books; journals, magazine articles and miscellaneous reports; conferences, proceedings and tutorials; and government documents and contractor reports. Integrating Security in a Group Oriented Distributed System M. Reiter, K. Birman and L. Gong, Cornell University, Ithica, NY, USA, October 1991, 27pp., N9214656/2/WCC. A distributed security architecture is proposed for incorporation into group oriented distributed systems and, in particular, into the Isis distributed programming toolkit. The primary goal of the architecture is to preserve the Isis abstractions in hostile environments. These abstractions include process groups and causal and atomic group multicast. Moreover, a delegation and access control scheme is proposed for use in group oriented systems. The focus here is on the security architecture; particular security protocols and cryptosysterns are not emphasized.
Professor Harold Joseph Highland, FICS is Managmg IXrrctor ofCompulit. Inc. [Ehnont. NY, USA] and heads I[$ MIcrocomputer Security Laboratory. He retired over a decade ago \vlth the rank of IIistin@shed Professor from the State University of Ne\v York. He is the foundins editor of Computers & Security. Ac Editor-in-Chief Emeritus. he \vrnes hit “K
Chamnan of IFIP/WG 11.8 on information and trainmg, an international committee industry government and unnwsities,
@President non-profit l
of the Virus organizanon,
Chairman
of thr ACM
l Associate Queensland l
and cperchrs Dr. Highland security. He is:
Public
Security
Intrrnational
conducts
trcurlty education of rnembcrs from
Instnute,
an
international
Plan Task Force,
of the Information Security Research Centre of Unwersity of Technoloq [Brisbane, Australial, and
Information
Offxer
Federation for Information on information securq.
of IFII’ITC l’rocrssmg’s
I1 [the International
Technical
Committee
11)
Professor Highland 1s cour~rd to the Computer Security Technical Comnnttre of the Chinese Computer Federation [Beijing. l’l
601