Showing papers in "Computers & Security in 1986"

TL;DR: A survey of methods and technologies available today to enhance network security is presented in this article, including information security strategy, computer security and its relation to network security, data communications security, and data encryption.

TL;DR: Girling's strategy for one-time keywords for authentication forwarding is combined with a proxy login mechanism to obtain a reliable method for network authentication that does not depend on the transmission of passwords.

TL;DR: The various data security features supported by the relational database language SQL are described, which cover the following aspects: user authorities, integrity, recovery and locking.

TL;DR: This paper addresses two issues of concern to those responsible for ensuring that the safeguards incorporated into application software are adequate and appropriate.

TL;DR: The problem of authenticating messages in applications in which senders and receivers communicate over unprotected channels is considered, and new techniques from the area of public-key cryptography are devised to determine that messages indeed originate at the claimed source and have not been tampered with on the way.

TL;DR: A chosen-plaintext attack was used to break the encoding; the encryption method could be derived easily from the enciphering of carefully chosen plaintext programs and a pair of MBASIC programs able to decrypt a protected program for any interpreter was developed.

TL;DR: This paper examines the exposure of an information system to an attack by a ''Trojan Horse'' and trapdoors and outlines some new encryption-based mechanisms that can reduce risks and losses caused by such attacks.

TL;DR: The key storage capacity of a terminal is determined and a scheme for reducing this storage capacity is presented and the consequences of this reduction scheme are discussed and illustrated by an example.

TL;DR: In this paper, the authors present directions for exploring these problems further: a societal risk analysis, a focus on one or more critical computer systems, and the formation of interdisciplinary discussion forums.

TL;DR: There is a need for intensive training programmes in this area, following an interdisciplinary team approach modelled on the MBA Degree, with an international clearing house for the creation and exchange of case studies for training Computer Crime Investigators.

TL;DR: The future world will be so tightly stitched together by its information threads that a combination of approaches to protecting privacy will be essential.

TL;DR: This paper describes representative functions that security modules perform, the benefits to be derived when security modules are deployed, and some current and future applications of this new technology.

TL;DR: This report presents a management overview of the problems and issues related -to software reuse, and provides a description of software reusability and its scope.

TL;DR: The author presents some new concepts which will enable the software developers to measure not only the degree of security being built into the software, but also its direct impact on reliability.

TL;DR: This article presents an accountant's views of selected issues related to six internal control categories: transmission controls, access controls, file management, encryption, activity monitoring, and applications controls.

TL;DR: A series of tests over security and audit personnel demands that senior management know what they can expect from signatures from more than 350 subjects found the error their audit department and have a way of derates in the most recent test.

TL;DR: The contents of such a course are suggested, with reference to existing courses conducted by the FBI and RCMP, where people from different disciplines, emerge with a good knowledge of each others' capabilities.

TL;DR: This paper spells out the risks run by computing centres under MVS installing home-grown user SuperVisor Calls, and a set of design requirements is formulated with which these user SVCs must comply if they are to be considered secure.

TL;DR: The problems created by the facilities of Electronic Funds Transfer are considered in relation to the role of auditors seeking to ensure that correct and secure operations occur when a computer takes over major record processing activities within an organisation.

TL;DR: It is argued in this paper that security is by no means an entirely technical issue and the human factors affecting data security issues should be reflected in the design of a system and its management.

TL;DR: This paper suggests that audit management utilize decision support systems, management information systems and management science models to identify and project the deterioration of controls that can occur.