tech-invite   World Map     

IETF     RFCs     Groups     SIP     ABNFs    |    3GPP     Specs     Gloss.     Arch.     IMS     UICC    |    Misc.    |    search     info

RFC 1244


Site Security Handbook

Part 4 of 4, p. 81 to 101
Prev RFC Part


prevText      Top      Up      ToC       Page 81 
7.  References

   [1] Quarterman, J., "The Matrix: Computer Networks and Conferencing
       Systems Worldwide", Pg. 278, Digital Press, Bedford, MA, 1990.

   [2] Brand, R., "Coping with the Threat of Computer Security
       Incidents: A Primer from Prevention through Recovery", R. Brand,
       available on-line from:, 8 June

   [3] Fites, M., Kratz, P. and A. Brebner, "Control and Security of

Top      Up      ToC       Page 82 
       Computer Information Systems", Computer Science Press, 1989.

   [4] Johnson, D., and J. Podesta, "Formulating a Company Policy on
       Access to and Use and Disclosure of Electronic Mail on Company
       Computer Systems", Available from: The Electronic Mail
       Association (EMA) 1555 Wilson Blvd, Suite 555, Arlington VA
       22209, (703) 522-7111, 22 October 1990.

   [5] Curry, D., "Improving the Security of Your UNIX System", SRI
       International Report ITSTD-721-FR-90-21, April 1990.

   [6] Cheswick, B., "The Design of a Secure Internet Gateway",
       Proceedings of the Summer Usenix Conference, Anaheim, CA, June

   [7] Linn, J., "Privacy Enhancement for Internet Electronic Mail: Part
       I -- Message Encipherment and Authentication Procedures", RFC
       1113, IAB Privacy Task Force, August 1989.

   [8] Kent, S., and J. Linn, "Privacy Enhancement for Internet
       Electronic Mail: Part II -- Certificate-Based Key Management",
       RFC 1114, IAB Privacy Task Force, August 1989.

   [9] Linn, J., "Privacy Enhancement for Internet Electronic Mail: Part
       III -- Algorithms, Modes, and Identifiers", RFC 1115, IAB Privacy
       Task Force, August 1989.

  [10] Merkle, R., "A Fast Software One Way Hash Function", Journal of
       Cryptology, Vol. 3, No. 1.

  [11] Postel, J., "Internet Protocol - DARPA Internet Program Protocol
       Specification", RFC 791, DARPA, September 1981.

  [12] Postel, J., "Transmission Control Protocol - DARPA Internet
       Program Protocol Specification", RFC 793, DARPA, September 1981.

  [13] Postel, J., "User Datagram Protocol", RFC 768, USC/Information
       Sciences Institute, 28 August 1980.

  [14] Mogul, J., "Simple and Flexible Datagram Access Controls for
       UNIX-based Gateways", Digital Western Research Laboratory
       Research Report 89/4, March 1989.

  [15] Bellovin, S., and M. Merritt, "Limitations of the Kerberos
       Authentication System", Computer Communications Review, October

  [16] Pfleeger, C., "Security in Computing", Prentice-Hall, Englewood

Top      Up      ToC       Page 83 
       Cliffs, N.J., 1989.

  [17] Parker, D., Swope, S., and B. Baker, "Ethical Conflicts:
       Information and Computer Science, Technology and Business", QED
       Information Sciences, Inc., Wellesley, MA.

  [18] Forester, T., and P. Morrison, "Computer Ethics: Tales and
       Ethical Dilemmas in Computing", MIT Press, Cambridge, MA, 1990.

  [19] Postel, J., and J. Reynolds, "Telnet Protocol Specification", RFC
       854, USC/Information Sciences Institute, May 1983.

  [20] Postel, J., and J. Reynolds, "File Transfer Protocol", RFC 959,
       USC/Information Sciences Institute, October 1985.

  [21] Postel, J., Editor, "IAB Official Protocol Standards", RFC 1200,
       IAB, April 1991.

  [22] Internet Activities Board, "Ethics and the Internet", RFC 1087,
       Internet Activities Board, January 1989.

  [23] Pethia, R., Crocker, S., and B. Fraser, "Policy Guidelines for
       the Secure Operation of the Internet", CERT, TIS, CERT, RFC in

  [24] Computer Emergency Response Team (CERT/CC), "Unauthorized
       Password Change Requests", CERT Advisory CA-91:03, April 1991.

  [25] Computer Emergency Response Team (CERT/CC), "TELNET Breakin
       Warning", CERT Advisory CA-89:03, August 1989.

  [26] CCITT, Recommendation X.509, "The Directory: Authentication
       Framework", Annex C.

  [27] Farmer, D., and E. Spafford, "The COPS Security Checker System",
       Proceedings of the Summer 1990 USENIX Conference, Anaheim, CA,
       Pgs. 165-170, June 1990.

8.  Annotated Bibliography

   The intent of this annotated bibliography is to offer a
   representative collection of resources of information that will help
   the user of this handbook.  It is meant provide a starting point for
   further research in the security area.  Included are references to
   other sources of information for those who wish to pursue issues of
   the computer security environment.

Top      Up      ToC       Page 84 
8.1  Computer Law

           American Bar Association, Section of Science and
           Technology, "Guide to the Prosecution of Telecommunication
           Fraud by the Use of Computer Crime Statutes", American Bar
           Association, 1989.

           Bender, D., "Computer Law: Evidence and Procedure",
           M. Bender, New York, NY, 1978-present.

           Kept up to date with supplements.
           Years covering 1978-1984 focuses on: Computer law,
           evidence and procedures.  The years 1984 to the current
           focus on general computer law.  Bibliographical
           references and index included.

           Bloombecker, B., "Spectacular Computer Crimes", Dow Jones-
           Irwin, Homewood, IL. 1990.

           Commerce Clearing House, "Guide to Computer Law", (Topical
           Law Reports), Chicago, IL., 1989.

           Court cases and decisions rendered by federal and state
           courts throughout the United States on federal and state
           computer law.  Includes Case Table and Topical Index.

           Conly, C., "Organizing for Computer Crime Investigation and
           Prosecution", U.S. Dept. of Justice, Office of Justice
           Programs, Under Contract  Number OJP-86-C-002, National
           Institute of Justice, Washington, DC, July 1989.

           Fenwick, W., Chair, "Computer Litigation, 1985: Trial
           Tactics and Techniques", Litigation Course Handbook
           Series No. 280, Prepared for distribution at the
           Computer Litigation, 1985: Trial Tactics and
           Techniques Program, February-March 1985.

           Gemignani, M., "Viruses and Criminal Law", Communications
           of the ACM, Vol. 32, No. 6, Pgs. 669-671, June 1989.

Top      Up      ToC       Page 85 
           Huband, F., and R. Shelton, Editors, "Protection of
           Computer Systems and Software: New Approaches for Combating
           Theft of Software and Unauthorized Intrusion", Papers
           presented at a workshop sponsored by the National Science
           Foundation, 1986.

           McEwen, J., "Dedicated Computer Crime Units", Report
           Contributors: D. Fester and H. Nugent, Prepared for the
           National Institute of Justice, U.S. Department of Justice,
           by Institute for Law and Justice, Inc., under contract number
           OJP-85-C-006, Washington, DC, 1989.

           Parker, D., "Computer Crime: Criminal Justice Resource
           Manual", U.S. Dept. of Justice, National Institute of Justice,
           Office of Justice Programs, Under Contract Number
           OJP-86-C-002, Washington, D.C., August 1989.

           Shaw, E., Jr., "Computer Fraud and Abuse Act of 1986,
           Congressional Record (3 June 1986), Washington, D.C.,
           3 June 1986.

           Trible, P., "The Computer Fraud and Abuse Act of 1986",
           U.S. Senate Committee on the Judiciary, 1986.

8.2  Computer Security

           Caelli, W., Editor, "Computer Security in the Age of
           Information", Proceedings of the Fifth IFIP International
           Conference on Computer Security, IFIP/Sec '88.

           Carroll, J., "Computer Security", 2nd Edition, Butterworth
           Publishers, Stoneham, MA, 1987.

           Cooper, J., "Computer and Communications Security:
           Strategies for the 1990s", McGraw-Hill, 1989.

           Brand, R., "Coping with the Threat of Computer Security
           Incidents: A Primer from Prevention through Recovery",

Top      Up      ToC       Page 86 
           R. Brand, 8 June 1990.

           As computer security becomes a more important issue in
           modern society, it begins to warrant a systematic approach.
           The vast majority of the computer security problems and the
           costs associated with them can be prevented with simple
           inexpensive measures.  The most important and cost
           effective of these measures are available in the prevention
           and planning phases.  These methods are presented in this
           paper, followed by a simplified guide to incident
           handling and recovery.  Available on-line from:

           Cheswick, B., "The Design of a Secure Internet Gateway",
           Proceedings of the Summer Usenix Conference, Anaheim, CA,
           June 1990.

           Brief abstract (slight paraphrase from the original
           abstract): AT&T maintains a large internal Internet that
           needs to be protected from outside attacks, while
           providing useful services between the two.
           This paper describes AT&T's Internet gateway.  This
           gateway passes mail and many of the common Internet
           services between AT&T internal machines and the Internet.
           This is accomplished without IP connectivity using a pair
           of machines: a trusted internal machine and an untrusted
           external gateway.  These are connected by a private link.
           The internal machine provides a few carefully-guarded
           services to the external gateway.  This configuration
           helps protect the internal internet even if the external
           machine is fully compromised.

           This is a very useful and interesting design.  Most
           firewall gateway systems rely on a system that, if
           compromised, could allow access to the machines behind
           the firewall.  Also, most firewall systems require users
           who want access to Internet services to have accounts on
           the firewall machine.  AT&T's design allows AT&T internal
           internet users access to the standard services of TELNET and
           FTP from their own workstations without accounts on
           the firewall machine.  A very useful paper that shows
           how to maintain some of the benefits of Internet
           connectivity while still maintaining strong

Top      Up      ToC       Page 87 
           Curry, D., "Improving the Security of Your UNIX System",
           SRI International Report ITSTD-721-FR-90-21, April 1990.

           This paper describes measures that you, as a system
           administrator can take to make your UNIX system(s) more
           secure.  Oriented primarily at SunOS 4.x, most of the
           information covered applies equally well to any Berkeley
           UNIX system with or without NFS and/or Yellow Pages (NIS).
           Some of the information can also be applied to System V,
           although this is not a primary focus of the paper.  A very
           useful reference, this is also available on the Internet in
           various locations, including the directory

           Fites, M., Kratz, P. and A. Brebner, "Control and
           Security of Computer Information Systems", Computer Science
           Press, 1989.

           This book serves as a good guide to the issues encountered
           in forming computer security policies and procedures.  The
           book is designed as a textbook for an introductory course
           in information systems security.

           The book is divided into five sections: Risk Management (I),
           Safeguards: security and control measures, organizational
           and administrative (II), Safeguards: Security and Control
           Measures, Technical (III), Legal Environment and
           Professionalism (IV), and CICA Computer Control Guidelines

           The book is particularly notable for its straight-forward
           approach to security, emphasizing that common sense is the
           first consideration in designing a security program.  The
           authors note that there is a tendency to look to more
           technical solutions to security problems while overlooking
           organizational controls which are often cheaper and much
           more effective.  298 pages, including references and index.

           Garfinkel, S, and E. Spafford, "Practical Unix Security",
           O'Reilly & Associates, ISBN 0-937175-72-2, May 1991.

           Approx 450 pages, $29.95.  Orders: 1-800-338-6887
           (US & Canada), 1-707-829-0515 (Europe), email:

           This is one of the most useful books available on Unix

Top      Up      ToC       Page 88 
           security.  The first part of the book covers standard Unix
           and Unix security basics, with particular emphasis on
           passwords.  The second section covers enforcing security on
           the system.  Of particular interest to the Internet user are
           the sections on network security, which address many
           of the common security problems that afflict Internet Unix
           users.  Four chapters deal with handling security incidents,
           and the book concludes with discussions of encryption,
           physical security, and useful checklists and lists of
           resources.  The book lives up to its name; it is filled with
           specific references to possible security holes, files to
           check, and things to do to improve security.  This
           book is an excellent complement to this handbook.

           Greenia, M., "Computer Security Information Sourcebook",
           Lexikon Services, Sacramento, CA, 1989.

           A manager's guide to computer security.  Contains a
           sourcebook of key reference materials including
           access control and computer crimes bibliographies.

           Hoffman, L., "Rogue Programs: Viruses, Worms, and
           Trojan Horses", Van Nostrand Reinhold, NY, 1990.
           (384 pages, includes bibliographical references and index.)

           Johnson, D., and J. Podesta, "Formulating A Company Policy
           on Access to and Use and Disclosure of Electronic Mail on
           Company Computer Systems".

           A white paper prepared for the EMA, written by two experts
           in privacy law.  Gives background on the issues, and presents
           some policy options.

           Available from: The Electronic Mail Association (EMA)
           1555 Wilson Blvd, Suite 555, Arlington, VA, 22209.
           (703) 522-7111.

           Kent, Stephen, "E-Mail Privacy for the Internet: New Software
           and Strict Registration Procedures will be Implemented this
           Year", Business Communications Review, Vol. 20, No. 1,
           Pg. 55, 1 January 1990.

Top      Up      ToC       Page 89 
           Lu, W., and M. Sundareshan, "Secure Communication in
           Internet Environments: A Hierachical Key Management Scheme
           for End-to-End Encryption", IEEE Transactions on
           Communications, Vol. 37, No. 10, Pg. 1014, 1 October 1989.

           Lu, W., and M. Sundareshan, "A Model for Multilevel Security
           in Computer Networks", IEEE Transactions on Software
           Engineering, Vol. 16, No. 6, Page 647, 1 June 1990.

           National Security Agency, "Information Systems Security
           Products and Services Catalog", NSA, Quarterly Publication.

           NSA's catalogue contains chapter on: Endorsed Cryptographic
           Products List; NSA Endorsed Data Encryption Standard (DES)
           Products List; Protected Services List; Evaluated Products
           List; Preferred Products List; and Endorsed Tools List.

           The catalogue is available from the Superintendent of
           Documents, U.S. Government Printing Office, Washington,
           D.C.  One may place telephone orders by calling:
           (202) 783-3238.

           United States Congress, Office of Technology Assessment,
           "Defending Secrets, Sharing Data: New Locks and Keys for
           Electronic Information", OTA-CIT-310, October 1987.

           This report, prepared for congressional committee considering
           Federal policy on the protection of electronic information, is
           interesting because of the issues it raises regarding the
           impact of technology used to protect information.  It also
           serves as a reasonable introduction to the various encryption
           and information protection mechanisms.  185 pages.  Available
           from the U.S. Government Printing Office.

           Palmer, I., and G. Potter, "Computer Security Risk
           Management", Van Nostrand Reinhold, NY, 1989.

           Pfleeger, C., "Security in Computing", Prentice-Hall,
           Englewood Cliffs, NJ, 1989.

           A general textbook in computer security, this book provides an
           excellent and very readable introduction to classic computer

Top      Up      ToC       Page 90 
           security problems and solutions, with a particular emphasis on
           encryption.  The encryption coverage serves as a good
           introduction to the subject.  Other topics covered include
           building secure programs and systems, security of database,
           personal computer security, network and communications
           security, physical security, risk analysis and security
           planning, and legal and ethical issues.  538 pages including
           index and bibliography.

           Shirey, R., "Defense Data Network Security Architecture",
           Computer Communication Review, Vol. 20, No. 2, Page 66,
           1 April 1990.

           Spafford, E., Heaphy, K., and D. Ferbrache, "Computer
           Viruses: Dealing with Electronic Vandalism and Programmed
           Threats", ADAPSO, 1989. (109 pages.)

           This is a good general reference on computer viruses and
           related concerns.  In addition to describing viruses in
           some detail, it also covers more general security issues,
           legal recourse in case of security problems, and includes
           lists of laws, journals focused on computers security,
           and other security-related resources.

           Available from: ADAPSO, 1300 N. 17th St, Suite 300,
           Arlington VA 22209.  (703) 522-5055.

           Stoll, C., "Stalking the Wily Hacker", Communications
           of the ACM, Vol. 31, No. 5, Pgs. 484-497, ACM,
           New York, NY, May 1988.

           This article describes some of the technical means used
           to trace the intruder that was later chronicled in
           "Cuckoo's Egg" (see below).

           Stoll, C., "The Cuckoo's Egg", ISBN 00385-24946-2,
           Doubleday, 1989.

           Clifford Stoll, an astronomer turned UNIX System
           Administrator, recounts an exciting, true story of how he
           tracked a computer intruder through the maze of American
           military and research networks.  This book is easy to
           understand and can serve as an interesting introduction to
           the world of networking.  Jon Postel says in a book review,

Top      Up      ToC       Page 91 
           "[this book] ... is absolutely essential reading for anyone
           that uses or operates any computer connected to the Internet
           or any other computer network."

           Vallabhaneni, S., "Auditing Computer Security: A Manual with
           Case Studies", Wiley, New York, NY, 1989.

8.3  Ethics

           Computer Professionals for Social Responsibility, "CPSR
           Statement on the Computer Virus", CPSR, Communications of the
           ACM, Vol. 32, No. 6, Pg. 699, June 1989.

           This memo is a statement on the Internet Computer Virus
           by the Computer Professionals for Social Responsibility

           Denning, Peter J., Editor, "Computers Under Attack:
           Intruders, Worms, and Viruses",  ACM Press, 1990.

           A collection of 40 pieces divided into six sections: the
           emergence of worldwide computer networks, electronic breakins,
           worms, viruses, counterculture (articles examining the world
           of the "hacker"), and finally a section discussing social,
           legal, and ethical considerations.

           A thoughtful collection that addresses the phenomenon of
           attacks on computers.  This includes a number of previously
           published articles and some new ones.  The previously
           published ones are well chosen, and include some references
           that might be otherwise hard to obtain.  This book is a key
           reference to computer security threats that have generated
           much of the concern over computer security in recent years.

           Ermann, D., Williams, M., and C. Gutierrez, Editors,
           "Computers, Ethics, and Society", Oxford University Press,
           NY, 1990.  (376 pages, includes bibliographical references).

           Forester, T., and P. Morrison, "Computer Ethics: Tales and
           Ethical Dilemmas in Computing", MIT Press, Cambridge, MA,
           1990.  (192 pages including index.)

Top      Up      ToC       Page 92 
           From the preface: "The aim of this book is two-fold: (1) to
           describe some of the problems created by society by computers,
           and (2) to show how these problems present ethical dilemmas
           for computers professionals and computer users.

           The problems created by computers arise, in turn, from two
           main sources: from hardware and software malfunctions and
           from misuse by human beings.  We argue that computer systems
           by their very nature are insecure, unreliable, and
           unpredictable -- and that society has yet to come to terms
           with the consequences.  We also seek to show how society
           has become newly vulnerable to human misuse of computers in
           the form of computer crime, software theft, hacking, the
           creation of viruses, invasions of privacy, and so on."

           The eight chapters include "Computer Crime", "Software
           Theft", "Hacking and Viruses", "Unreliable Computers",
           "The Invasion of Privacy", "AI and Expert Systems",
           and "Computerizing the Workplace."  Includes extensive
           notes on sources and an index.

           Gould, C., Editor, "The Information Web: Ethical and Social
           Implications of Computer Networking", Westview Press,
           Boulder, CO, 1989.

           Internet Activities Board, "Ethics and the Internet",
           RFC 1087, IAB, January 1989.  Also appears in the
           Communications of the ACM, Vol. 32, No. 6, Pg. 710,
           June 1989.

           This memo is a statement of policy by the Internet
           Activities Board (IAB) concerning the proper use of
           the resources of the Internet.  Available on-line on
           host, directory rfc, filename rfc1087.txt.
           Also available on host, directory RFC,
           filename RFC1087.TXT-1.

           Martin, M., and R. Schinzinger, "Ethics in Engineering",
           McGraw Hill, 2nd Edition, 1989.

           Massachusetts Institute of Technology, "Teaching Students
           About Responsible Use of Computers", MIT, 1985-1986.  Also
           reprinted in the Communications of the ACM, Vol. 32, No. 6,
           Pg. 704, Athena Project, MIT, June 1989.

Top      Up      ToC       Page 93 
           This memo is a statement of policy by the Massachusetts
           Institute of Technology (MIT) on the responsible use
           of computers.

           National Institute of Standards and Technology, "Computer
           Viruses and Related Threats: A Management Guide", NIST
           Special Publication 500-166, August 1989.

           National Science Foundation, "NSF Poses Code of Networking
           Ethics", Communications of the ACM, Vol. 32, No. 6, Pg. 688,
           June 1989.  Also appears in the minutes of the regular
           meeting of the Division Advisory Panel for Networking and
           Communications Research and Infrastructure, Dave Farber,
           Chair, November 29-30, 1988.

           This memo is a statement of policy by the National Science
           Foundation (NSF) concerning the ethical use of the Internet.

           Parker, D., Swope, S., and B. Baker, "Ethical Conflicts:
           Information and Computer Science, Technology and Business",
           QED Information Sciences, Inc., Wellesley, MA. (245 pages).

   Additional publications on Ethics:

   The University of New Mexico (UNM)

      The UNM has a collection of ethics documents.  Included are
      legislation from several states and policies from many

         Access is via FTP, IP address  Look in the
         directory /ethics.

8.4  The Internet Worm

           Brock, J., "November 1988 Internet Computer Virus and the
           Vulnerability of National Telecommunications Networks to
           Computer Viruses", GAO/T-IMTEC-89-10, Washington, DC,
           20 July 1989.

           Testimonial statement of Jack L. Brock, Director, U. S.
           Government Information before the Subcommittee on
           Telecommunications and Finance, Committee on Energy and

Top      Up      ToC       Page 94 
           Commerce, House of Representatives.

           Eichin, M., and J. Rochlis, "With Microscope and Tweezers:
           An Analysis of the Internet Virus of November 1988",
           Massachusetts Institute of Technology, February 1989.

           Provides a detailed dissection of the worm program.  The
           paper discusses the major points of the worm program then
           reviews strategies, chronology, lessons and open issues,
           Acknowledgments; also included are a detailed appendix
           on the worm program subroutine by subroutine, an
           appendix on the cast of characters, and a reference section.

           Eisenberg, T., D. Gries, J. Hartmanis, D. Holcomb,
           M. Lynn, and T. Santoro, "The Computer Worm", Cornell
           University, 6 February 1989.

           A Cornell University Report presented to the Provost of the
           University on 6 February 1989 on the Internet Worm.

           U.S. General Accounting Office, "Computer Security - Virus
           Highlights Need for Improved Internet Management", United
           States General Accounting Office, Washington, DC, 1989.

           This 36 page report (GAO/IMTEC-89-57), by the U.S.
           Government Accounting Office, describes the Internet worm
           and its effects.  It gives a good overview of the various
           U.S. agencies involved in the Internet today and their
           concerns vis-a-vis computer security and networking.

           Available on-line on host, directory
           pub, filename GAO_RPT; and on, directory nsfnet,
           filename GAO_RPT.TXT.

           The Helminthiasis of the Internet, RFC 1135,
           USC/Information Sciences Institute, Marina del Rey,
           CA, December 1989.

           This report looks back at the helminthiasis (infestation
           with, or disease caused by parasitic worms) of the
           Internet that was unleashed the evening of 2 November 1988.
           This document provides a glimpse at the infection,its
           festering, and cure.  The impact of the worm on the Internet
           community, ethics statements, the role of the news media,

Top      Up      ToC       Page 95 
           crime in the computer world, and future prevention is
           discussed.  A documentation review presents four publications
           that describe in detail this particular parasitic computer
           program.  Reference and bibliography sections are also
           included.  Available on-line on host
           directory rfc, filename rfc1135.txt.  Also available on
           host, directory RFC, filename RFC1135.TXT-1.

           Seeley, D., "A Tour of the Worm", Proceedings of 1989
           Winter USENIX Conference, Usenix Association, San Diego, CA,
           February 1989.

           Details are presented as a "walk thru" of this particular
           worm program.  The paper opened with an abstract,
           introduction, detailed chronology of events upon the
           discovery of the worm, an overview, the internals of the
           worm, personal opinions, and conclusion.

           Spafford, E., "The Internet Worm Program: An
           Analysis", Computer Communication Review, Vol. 19,
           No. 1, ACM SIGCOM, January 1989.  Also issued as Purdue
           CS Technical Report CSD-TR-823, 28 November 1988.

           Describes the infection of the Internet as a worm
           program that exploited flaws in utility programs in
           UNIX based systems.  The report gives a detailed
           description of the components of the worm program:
           data and functions.  Spafford focuses his study on two
           completely independent reverse-compilations of the
           worm and a version disassembled to VAX assembly language.

           Spafford, G., "An Analysis of the Internet Worm",
           Proceedings of the European Software Engineering
           Conference 1989, Warwick England, September 1989.
           Proceedings published by Springer-Verlag as: Lecture
           Notes in Computer Science #387.  Also issued
           as Purdue Technical Report #CSD-TR-933.

8.5  National Computer Security Center (NCSC)

   All NCSC publications, approved for public release, are available
   from the NCSC Superintendent of Documents.

           NCSC = National Computer Security Center

Top      Up      ToC       Page 96 
           9800 Savage Road
           Ft Meade, MD 20755-6000

           CSC = Computer Security Center:
           an older name for the NCSC

           NTISS = National Telecommunications and
           Information Systems Security
           NTISS Committee, National Security Agency
           Ft Meade, MD 20755-6000

           Department of Defense, "Password Management Guideline",
           CSC-STD-002-85, 12 April 1985, 31 pages.

           The security provided by a password system depends on
           the passwords being kept secret at all times.  Thus, a
           password is vulnerable to compromise whenever it is used,
           stored, or even known.  In a password-based authentication
           mechanism implemented on an ADP system, passwords are
           vulnerable to compromise due to five essential aspects
           of the password system: 1) a password must be initially
           assigned to a user when enrolled on the ADP system;
           2) a user's password must be changed periodically;
           3) the ADP system must maintain a 'password
           database'; 4) users must remember their passwords; and
           5) users must enter their passwords into the ADP system at
           authentication time.  This guideline prescribes steps to be
           taken to minimize the vulnerability of passwords in each of
           these circumstances.

           NCSC, "A Guide to Understanding AUDIT in Trusted Systems",
           NCSC-TG-001, Version-2, 1 June 1988, 25 pages.

           Audit trails are used to detect and deter penetration of
           a computer system and to reveal usage that identifies
           misuse.  At the discretion of the auditor, audit trails
           may be limited to specific events or may encompass all of
           the activities on a system.  Although not required by
           the criteria, it should be possible for the target of the
           audit mechanism to be either a subject or an object.  That
           is to say, the audit mechanism should be capable of
           monitoring every time John accessed the system as well as
           every time the nuclear reactor file was accessed; and
           likewise every time John accessed the nuclear reactor

Top      Up      ToC       Page 97 
           NCSC, "A Guide to Understanding DISCRETIONARY ACCESS CONTROL
           in Trusted Systems", NCSC-TG-003, Version-1, 30 September
           1987, 29 pages.

           Discretionary control is the most common type of access
           control mechanism implemented in computer systems today.
           The basis of this kind of security is that an individual
           user, or program operating on the user's behalf, is
           allowed to specify explicitly the types of access other
           users (or programs executing on their behalf) may have to
           information under the user's control.  [...]  Discretionary
           controls are not a replacement for mandatory controls.  In
           any environment in which information is protected,
           discretionary security provides for a finer granularity of
           control within the overall constraints of the mandatory

           NCSC, "A Guide to Understanding CONFIGURATION MANAGEMENT
           in Trusted Systems", NCSC-TG-006, Version-1, 28 March 1988,
           31 pages.

           Configuration management consists of four separate tasks:
           identification, control, status accounting, and auditing.
           For every change that is made to an automated data
           processing (ADP) system, the design and requirements of the
           changed version of the system should be identified.  The
           control task of configuration management is performed
           by subjecting every change to documentation, hardware, and
           software/firmware to review and approval by an authorized
           authority.  Configuration status accounting is responsible
           for recording and reporting on the configuration of the
           product throughout the change.  Finally, though the process
           of a configuration audit, the completed change can be
           verified to be functionally correct, and for trusted
           systems, consistent with the security policy of the system.

           NTISS, "Advisory Memorandum on Office Automation Security
           Guideline", NTISSAM CONPUSEC/1-87, 16 January 1987,
           58 pages.

           This document provides guidance to users, managers, security
           officers, and procurement officers of Office Automation
           Systems.  Areas addressed include: physical security,
           personnel security, procedural security, hardware/software
           security, emanations security (TEMPEST), and communications

Top      Up      ToC       Page 98 
           security for stand-alone OA Systems, OA Systems
           used as terminals connected to mainframe computer systems,
           and OA Systems used as hosts in a Local Area Network (LAN).
           Differentiation is made between those Office Automation
           Systems equipped with removable storage media only (e.g.,
           floppy disks, cassette tapes, removable hard disks) and
           those Office Automation Systems equipped with fixed media
           (e.g., Winchester disks).

Additional NCSC Publications:

           National Computer Security Center, "Glossary of Computer
           Security Terms", NCSC-TG-004, NCSC, 21 October 1988.

           National Computer Security Center, "Trusted
           Computer System Evaluation Criteria", DoD 5200.28-STD,
           CSC-STD-001-83, NCSC, December 1985.

           National Computer Security Center, "Guidance for
           Applying the Department of Defense Trusted Computer System
           Evaluation Criteria in Specific Environments",
           CSC-STD-003-85, NCSC, 25 June 1985.

           National Computer Security Center, "Technical Rationale
           Behind CSC-STD-003-85: Computer Security Requirements",
           CSC-STD-004-85, NCSC, 25 June 85.

           National Computer Security Center, "Magnetic Remanence
           Security Guideline", CSC-STD-005-85, NCSC, 15 November 1985.

           This guideline is tagged as a "For Official Use Only"
           exemption under Section 6, Public Law 86-36 (50 U.S. Code
           402).  Distribution authorized of U.S. Government agencies
           and their contractors to protect unclassified technical,
           operational, or administrative data relating to operations
           of the National Security Agency.

           National Computer Security Center, "Guidelines for Formal
           Verification Systems", Shipping list no.: 89-660-P, The
           Center, Fort George G. Meade, MD, 1 April 1990.

Top      Up      ToC       Page 99 
           National Computer Security Center, "Glossary of Computer
           Security Terms", Shipping list no.: 89-254-P, The Center,
           Fort George G. Meade, MD, 21 October 1988.

           National Computer Security Center, "Trusted UNIX Working
           Group (TRUSIX) rationale for selecting access control
           list features for the UNIX system", Shipping list no.:
           90-076-P, The Center, Fort George G. Meade, MD, 1990.

           National Computer Security Center, "Trusted Network
           Interpretation", NCSC-TG-005, NCSC, 31 July 1987.

           Tinto, M., "Computer Viruses: Prevention, Detection, and
           Treatment", National Computer Security Center C1
           Technical Report C1-001-89, June 1989.

           National Computer Security Conference, "12th National
           Computer Security Conference: Baltimore Convention Center,
           Baltimore, MD, 10-13 October, 1989: Information Systems
           Security, Solutions for Today - Concepts for Tomorrow",
           National Institute of Standards and National Computer
           Security Center, 1989.

8.6  Security Checklists

           Aucoin, R., "Computer Viruses: Checklist for Recovery",
           Computers in  Libraries, Vol. 9, No. 2, Pg. 4,
           1 February 1989.

           Wood, C., Banks, W., Guarro, S., Garcia, A., Hampel, V.,
           and H. Sartorio, "Computer Security:  A Comprehensive Controls
           Checklist", John Wiley and Sons, Interscience Publication,

8.7  Additional Publications

   Defense Data Network's Network Information Center (DDN NIC)

      The DDN NIC maintains DDN Security bulletins and DDN Management

Top      Up      ToC       Page 100 
      bulletins online on the machine: NIC.DDN.MIL.  They are available
      via anonymous FTP.  The DDN Security bulletins are in the
      directory: SCC, and the DDN Management bulletins are in the
      directory: DDN-NEWS.

      For additional information, you may send a message to:
      NIC@NIC.DDN.MIL, or call the DDN NIC at: 1-800-235-3155.

           Defense Data Network, "BSD 4.2 and 4.3 Software Problem
           Resolution", DDN MGT Bulletin #43, DDN Network Information
           Center, 3 November 1988.

           A Defense Data Network Management Bulletin announcement
           on the 4.2bsd and 4.3bsd software fixes to the Internet

           DCA DDN Defense Communications System, "DDN Security
           Bulletin 03", DDN Security Coordination Center,
           17 October 1989.

   IEEE Proceedings

           "Proceedings of the IEEE Symposium on Security
           and Privacy", published annually.

      IEEE Proceedings are available from:

              Computer Society of the IEEE
              P.O. Box 80452
              Worldway Postal Center
              Los Angeles, CA  90080

   Other Publications:

      Computer Law and Tax Report
      Computers and Security
      Security Management Magazine
      Journal of Information Systems Management
      Data Processing & Communications Security
      SIG Security, Audit & Control Review

Top      Up      ToC       Page 101 
9.  Acknowledgments

   Thanks to the SSPHWG's illustrious "Outline Squad", who assembled at
   USC/Information Sciences Institute on 12-June-90: Ray Bates (ISI),
   Frank Byrum (DEC), Michael A. Contino (PSU), Dave Dalva (Trusted
   Information Systems, Inc.), Jim Duncan (Penn State Math Department),
   Bruce Hamilton (Xerox), Sean Kirkpatrick (Unisys), Tom Longstaff
   (CIAC/LLNL), Fred Ostapik (SRI/NIC), Keith Pilotti (SAIC), and Bjorn
   Satdeva (/sys/admin, inc.).

   Many thanks to Rich Pethia and the Computer Emergency Response Team
   (CERT); much of the work by Paul Holbrook was done while he was
   working for CERT.  Rich also provided a very thorough review of this
   document.  Thanks also to Jon Postel and USC/Information Sciences
   Institute for contributing facilities and moral support to this

   Last, but NOT least, we would like to thank members of the SSPHWG and
   Friends for their additional contributions: Vint Cerf (CNRI),
   Dave Grisham (UNM), Nancy Lee Kirkpatrick (Typist Extraordinaire),
   Chris McDonald (WSMR), H. Craig McKee (Mitre), Gene Spafford (Purdue),
   and Aileen Yuan (Mitre).

10.  Security Considerations

   If security considerations had not been so widely ignored in the
   Internet, this memo would not have been possible.

11.  Authors' Addresses

   J. Paul Holbrook
   CICNet, Inc.
   2901 Hubbard
   Ann Arbor, MI 48105

   Phone: (313) 998-7680

   Joyce K. Reynolds
   University of Southern California
   Information Sciences Institute
   4676 Admiralty Way
   Marina del Rey, CA 90292

   Phone: (213) 822-1511