Access Restriction

Author Al-Dossary, G.M.
Source IEEE Xplore Digital Library
Content type Text
Publisher Institute of Electrical and Electronics Engineers, Inc. (IEEE)
File Format PDF
Copyright Year ©1989
Language English
Subject Domain (in DDC) Computer science, information & general works ♦ Computer programming, programs & data ♦ Technology ♦ Engineering & allied operations ♦ Other branches of engineering
Subject Keyword Computer viruses ♦ Computer industry ♦ Computer security ♦ Microcomputers ♦ Viruses (medical) ♦ Access control ♦ Availability ♦ Computer aided instruction ♦ Computer networks ♦ Productivity
Abstract A computer virus can be a vicious and insidious form of code. It has the ability to replicate itself, to attach itself to othercode, to spread through a computer system or network, and often to initiate a harmful series of instructions when a "trigger"point is reached. Viruses can have a major impact on productivity because of the steadily increasing dependence of industrial, business, and government functions on the availability and integrity of data processing systems. Al though mainframe computers have been the target of virus attacks less often than microcomputers up until now, there is no room for complacency when the stakes are so high. Tne novelty, the technical nature, and the tendency to romanticize this phenomenon, have resulted in a "black box" syndrome ("I don't know what's going on in there.") and a feeling of overwhelming impotence in the business community. The risk of viruses can be reduced. One approach is to examine the constituentpartsfrom which a virus is composed, and to design a, comprehensive defense which reckons with each of these parts. The protection chain will only be as strong as its weakest link. the author of this paper suggests a classification scheme which is useful in understanding the components of a virus and useful methods for maintaining the integrity of a computer system. This paper outlines basic prevention, detection, and cor rection techniques which are available today to reduce the threat of damages caused by viruses. These include software vaccines" or filters; encryption, access controlsoftware (eg. RACF, ACF2, and Top Secret); "test-to-production" con trol procedures; back-up and recovery procedures; person nel selection and review controls; and physical access control. The concepts presented in this paper conform to the "Frusted Computer System Evaluation Criteria" developed by the United States Computer Security Center and use examples from major published virus incidents to illustrate the notice of control weaknesses, The paper concludes that no working computer system is impregnable but that much can be done by industry to make most computer systems less inviting to attacks from viruses. A bibliography is included for further study.
Description Author affiliation: Saudi Arameo (Al-Dossary, G.M.)
Educational Role Student ♦ Teacher
Age Range above 22 year
Educational Use Research ♦ Reading
Education Level UG and PG
Learning Resource Type Article
Publisher Date 1989-10-03
Rights Holder Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Size (in Bytes) 651.73 kB
Page Count 9
Starting Page 23
Ending Page 31

Source: IEEE Xplore Digital Library