ing electronic storage of personal information) and potential disasters that can cause economic and even human losses. For example, new vulnerabilities are emerging as computers become more common as components of medical and transportation equipment or more interconnected as components of domestic and international financial systems. Many disasters may result from intentional attacks on systems, which can be prevented, detected, or recovered from through better security. The nation needs computer technology that supports substantially increased safety, reliability, and, in particular, security.

Security refers to protection against unwanted disclosure, modification, or destruction of data in a system and also to the safeguarding of systems themselves. Security, safety, and reliability together are elements of system trustworthiness—which inspires the confidence that a system will do what it is expected to do.

In many ways the problem of making computer and communications systems more secure is a technical problem. Unlike a file cabinet, a computer system can help to protect itself; there exists technology to build a variety of safeguards into computer systems. As a result, software, hardware, and system development presents opportunities for increasing security. Yet known techniques are not being used, and development of better techniques is lagging in the United States. From a technical perspective, making computer system technology more secure and trustworthy involves assessing what is at risk, articulating objectives and requirements for systems, researching and developing technology to satisfy system requirements, and providing for independent evaluation of the key features (to assess functionality) and their strength (to provide assurance). All of these activities interact.

Attaining increased security, in addition to being a technical matter is also a management and social problem: what is built and sold depends on how systems are designed, purchased, and used. In today's market, demand for trustworthy systems is limited and is concentrated in the defense community and industries, such as banking, that have very high levels of need for security. That today's commercial systems provide only limited safeguards reflects limited awareness among developers, managers, and the general population of the threats, vulnerabilities, and possible safeguards. Most consumers have no real-world understanding of these concepts and cannot choose products wisely or make sound decisions about how to use them. Practical security specialists and professional societies have emerged and have begun to affect security practice from inside organizations, but their impact is constrained by lack of both management



The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement