Case Study 1, Infosec

1. Look up “the paper that started the study of computer security.”  Prepare a summary of the key points.  What in this paper specifically addresses security in areas previously unexamined?

Key Points

* Rapid increase in crime related activities related to peer-to-peer networks.

* Not dealing with system configurations, but the security of those systems

* Hardware and software must be augmented and refined to provide continued levels protection while functioning in a secure environment

* Regardless of how advanced computing technologies progress, there will always exist vulnerabilities within the hardware and software.

* Leakage points exist within hardware, software, communication (within the central processor), organizational, and ecological points.

* Access control has to occur throughout the entire system by named task forces and must be flexible, responsive, auditable, reliable, manageable, adaptable, dependable, and assure configuration integrity.

The paper titled the “Rand Report R-609” was sponsored by the Department of Defense and broke down and defined numerous controls between computer security and the procedures and policies needed to be implemented to address the rising subject of computer and information security.

The Rand Report specifically identifies how cheaply and quickly one can physically removed or erase sensitive information whereas it could not be done so easily in the past. The paper also states that there needs to be continued development upon the current internal encryption devices, hardware configurations between different types of users, more comprehensive controls to be proactive on security rather than reactive, and also implement new machine architectures that minimally affect the efficiency and cost of systems.

2. Consider the information stored on your personal computer. For each of the terms listed, find an example and document it: threat, threat agent, vulnerability, exposure, risk, attack,...