A practical approach to system security devices

https://doi.org/10.1016/0167-4048(84)90051-8Get rights and content

Abstract

Security devices, both hardware and software, are needed to improve the security of telecommunications networks and application processing systems. Use of security devices should be built into the systems design process for better effectiveness at a reduced cost. But the protection of existing applications may require “add-on” security. This article provides the security planner with practical and technical guidance to address both network and application security requirements.

References (15)

  • Adelman and Aple II Bust Public Crypt. Code

    (Oct. 4, 1982)
  • Central Computing Facility Passwork Management: A Status Report

    (March 1981)
  • Computer Auditing, Coopers & Lybrand, N.Y.C., N.Y. no date...
  • Hal Becker

    Data Network Security: Everyones Problem

    (September 1980)
  • Data Security Through Cryptography

    (October 1977)
  • DES Modes of Operation

    (December 1980)
  • Guidelines for Implementing and Using the NBS Data Encryption Standard

    (April 1981)
There are more references available in the full text version of this article.

Cited by (1)

The opinions expressed in this article are those of Mr. Moulton. They are not necessarily those of the Standard Oil Company of Ohio. The material presented in this article was developed, in part, in conjuction with a publication, Handbook of Computer Security Controls: A Practical Guide, which will be published by Prentice-Hall, Inc.

*

Rolf T. Moulton is Manager, Data Center Security for the Cleveland Data Center of the Standard Oil Company of Ohio. In this capacity, he is responsible for both data security and physical security. The responsibilities include policy and guidelines development, data access control planning and administration, EDP disruption contingency planning and administration. and physical access control. Prior to joining the Standard Oil Company, Mr. Moulton was Director of the Computer Security Services Unit of the New York City Department of Investigation where he was responsible for citywide development and enforcement of computer security policies and standards, EDP investigative auditing, and for the supervision of computer-related abuse investigations.

Mr. Moulton holds the Certificate in Data Processing (CDP) and is a certified Information Systems Auditor (CISA).

View full text