Title: Computer Security in the Business World—Distributed Systems
Abstract: This chapter focuses on computer security in the business world distributed systems. Users of traditional time-sharing systems were drawn from a wide range of organizations, and there was a need to prevent them from gaining unauthorized access to one another's files or, to put it more positively, to make sure that any sharing of files and resources was on a controlled basis. The first step in establishing a secure enclave is to control remote log-in. Ideally, this should not be allowed at all. The problem is essentially one of user authentication. To give a high degree of protection, authentication must go beyond simply requiring the applicant to quote a password or use an encryption key. There are various ways in which this can be done. For example, applicants can be required to speak on the telephone to a colleague who knows them well and who can vouch for them. There are many reasons why it is not a sufficient form of authentication for the distant computer to require the simple quotation of a password. Security depends on the integrity of the software in the gateway and it is desirable that this should be loaded through an input device directly connected to the gateway itself. It remains true that there are serious security risks in running any central information system. However, these do not arise primarily because of possible loopholes in the software. They arise because of the danger of human error in selecting the information to be stored and in setting the access controls.
Publication Year: 1995
Publication Date: 1995-01-01
Language: en
Type: book-chapter
Indexed In: ['crossref']
Access and Citation
AI Researcher Chatbot
Get quick answers to your questions about the article from our AI researcher chatbot