Printer Friendly

Computer Security Basics.

The purpose of this book is to provide readers with the history of computer security - how it came about, who were the leaders in the field, and definitions of jargon. The authors' ideas are expressed clearly, they make no unfounded claims, and the history is accurate.

In the definition of computer security, the authors make the case that computer security is actually a misnomer; the term should be information security. Why? Because there are many disciplines involved beyond the protection of the computer itself.

For instance, information security involves the protection of the building housing the computer, the terminals and printers connected to the computer, the cabling, the disks and tapes holding the information, and the information's value to its owners. Basically the protection must address the three distinct aspects of computer security: the information's confidentiality (secrecy), accuracy (integrity), and availability of the data to its users when needed.

Only one element is left out in the definition of "computer security." The authors neglected to emphasize the importance of communications to the information systems and its protection, whether the information is between two computers or involves worldwide networks.

The authors' discussions of the history of the roles played in securing computer systems by the Department of Defense (DoD), the National Security Agency, the national Institute of Standards and Technology, and the creation of the then-DoD Computer Security Center in 1981 were accurate and informative. I also thought their treatment of the Computer Fraud and Abuse Act of 1986 and the Computer Security Act of 1987 was excellent.

This book is an outstanding desk reference. The purpose of explaining the history of computer security and how it has evolved has been achieved.

The presentation of the classification systems of the "Orange Book" (the government's Trusted Computer System Evaluation Criteria) in both tables and figures is well done and presented in language that is not too technical. The chapters are well presented and progress nicely, as do the acronym and glossary appendixes.

I recommend this book to fellow security practitioners, especially those who wish to know more about the protection of computer systems and the necessary laws, rules, and regulations to which they must adhere.
COPYRIGHT 1992 American Society for Industrial Security
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 1992 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Author:Keough, Howard
Publication:Security Management
Article Type:Book Review
Date:May 1, 1992
Previous Article:The Bug in the Martini Olive, and Other True Cases from the Files of Hal Lipset, Private Eye.
Next Article:Profiling for terrorists.

Related Articles
Computer Virus Handbook.
Protection Officer Training Manual Fifth Edition.
Firewalls and Internet Security: Repelling the Wily Hacker.
Investigating Computer Crime.
High-Technology Crime Investigator's Handbook: Working in the Global Information Environment.
Viruses Revealed: Understand and Counter Malicious Software. (Reviews).
Computer Security: 20 Things Every Employee Should Know.
A Security Professional's Practical Guide to the Law.
Information security illuminated.

Terms of use | Copyright © 2016 Farlex, Inc. | Feedback | For webmasters