Date Published: January 1978
Author(s)
Brian Ruder (SRI), J. Madden (SRI)
Editor(s)
Robert Blanc (NBS)
Stanford Research Institute (SRI) has an extensive file of actual computer misuse cases. The National Bureau of Standards asked SRI to use these cases as a foundation to develop ranked lists of computer safeguards that would have prevented or detected the recorded intentional misuses. This report provides a working definition of intentional computer misuse, a construction of a vulnerability taxonomy of intentional computer misuse, a list of 88 computer safeguards, and a model for classifying the safeguards. In addition, there are lists ranking prevention and detection safeguards, with an explanation of the method of approach used to arrive at the lists. The report should provide the computer security specialist with sufficient information to start or enhance a computer safeguard program.
Stanford Research Institute (SRI) has an extensive file of actual computer misuse cases. The National Bureau of Standards asked SRI to use these cases as a foundation to develop ranked lists of computer safeguards that would have prevented or detected the recorded intentional misuses. This report...
See full abstract
Stanford Research Institute (SRI) has an extensive file of actual computer misuse cases. The National Bureau of Standards asked SRI to use these cases as a foundation to develop ranked lists of computer safeguards that would have prevented or detected the recorded intentional misuses. This report provides a working definition of intentional computer misuse, a construction of a vulnerability taxonomy of intentional computer misuse, a list of 88 computer safeguards, and a model for classifying the safeguards. In addition, there are lists ranking prevention and detection safeguards, with an explanation of the method of approach used to arrive at the lists. The report should provide the computer security specialist with sufficient information to start or enhance a computer safeguard program.
Hide full abstract
Keywords
computer security; computer misuse; computer safeguards; computer security model; computer crime; computer fraud; privacy
Control Families
None selected