Security Controls for Computer Systems: Report of Defense Science Board Task Force on Computer Security
Oct 1, 1979
An analysis of the needs for trusted computer systems in the civilian agencies of the federal government, in state and local governments, and in the private sector. Trusted systems are ADP systems that contain sufficient hardware and software integrity to support simultaneous processing of multiple levels of defense classified information and/or information sensitive for other reasons. Protection of programs and data involves a variety of security techniques, administrative and operational procedures, and computer-communication security techniques. Trusted systems that can be shown to provide defined levels of protection can solve problems of safeguarding assets and resources in computer systems, assure compliance with certain laws and regulations, enable enforcement of management control, and assure the safety and integrity of computer-controlled processes or systems. They can also provide operational economies and marketing advantages and enhance an organization's public image. This report provides a rationale for development of trusted systems as off-the-shelf items in standard product lines.