Need for Computer Security

Aims of the Course

Goals

To provide an overview of the need for, the technology, algorithms and standards used, to provide computer and communications security

Outline

Computer Security - Why?

IS Security Aspects

Potential Security Solutions

Personnel - Access Tokens, Biometrics

Physical - Integrated Access control

Managerial - Security Education

Data Networking - Configuration control

S/W & O/S - use "Trusted" systems

H/W - h/w handshake

Risk Assessment

[1]

Assets

Threats

                   Users                                       Hackers                    
                Terrorists                                    Criminals                   
                 Accidents                                   Ats of God                   
          Issue Motivated Groups                        Foreign Intelligence              
                                            ||
                                            ||
                                            ||
                                            \/


          Destroy                                                     Disrupt             
                                          Lose                                            
           Modify                                                     Disclose            

Vulnerabilities

Countermeasures

A check or restraint implemented to:

Countermeasures

Defence Security Policy & Standards

- DSB have developed a set of 7 SECMAN manuals 1. Policy

2. Industrial Security

3. Info Systems Security

4. Protective Security

5. Personnel Security

6. Project Security

7. Security Design & Construction Guidelines

(Facilty Security)

- designed to provide checklists and procedures to assist in implementing security in various situations

- will return to these later


[1] follow with DSB slides on: Assets, Vulnerabilities, Threats & Countermeasures
[CSC Info]
Lawrie.Brown@adfa.oz.au / 28-Feb-96