The mechanisms for carrying out such procedures are called mandatory access controls by the DOD.


Such mechanisms are called discretionary access controls by the DOD, and user-directed, identity-based access controls by the International Organization for Standards. Also, the owner-based approach stands in contrast with the more formal, centrally administered clearance or access-authorization process of the national security community.


There are many kinds of vulnerability. Authorized people can misuse their authority. One user can impersonate another. One break-in can set up the conditions for others, for example, by installing a virus. Physical attacks on equipment can compromise it. Discarded media can be scavenged. An intruder can get access from a remote system that is not well secured, as happened with the Internet worm.


Although it might be comforting to commend the use of, or research into, quantitative risk assessment as a planning tool, in many cases little more than a semiquantitative or checklist-type approach seems warranted. Risk assessment is the very basis of the insurance industry, which, it can be noted, has been slow to offer computer security coverage to businesses or individuals (see Chapter 6, Appendix 6.2, "Insurance"). In some cases (e.g., the risk of damage to the records of a single customer's accounts) quantitative assessment makes sense. In general, however, risk assessment is a difficult and complex task, and quantitative assessment of myriad qualitatively different, low-probability, high-impact risks has not been notably successful. The nuclear industry is a case in point.


The extent of interconnection envisioned for the future underscores the importance of planning for interdependencies. For example, William Mitchell has laid out a highly interconnected vision:

Through open systems interconnection (OSI), businesses will rely on computer networks as much as they depend on the global telecom network. Enterprise networks will meet an emerging need: they will allow any single computer in any part of the world to be as accessible to users as any telephone. OSI networking capabilities will give every networked computer a unique and easily accessible address. Individual computer networks will join into a single cohesive system in much the same way as independent telecom networks join to form one global service. (Mitchell, 1990, pp. 69–72)


Other federal privacy laws include the Fair Credit Reporting Act of 1970 (P.L. 91–508), the Family Educational Rights and Privacy Act of 1974 (20 U.S.C. 1232g), the Right of Financial Privacy Act of 1978 (11 U.S.C. 1100 et seq.), the Electronic Funds Transfer Act of 1978 (15 U.S.C. 1693, P.L. 95–200), the Cable Communications Policy Act of 1984 (48 U.S.C. 551), the Electronic Communications Privacy Act of 1986 (18 U.S.C. 2511), and the Computer Matching and Privacy Protection Act of 1988 (5 U.S.C. 552a Note) (Turn, 1990). States have also passed laws to protect privacy.


This point was made by the congressional Office of Technology Assessment in an analysis of federal agency use of electronic record systems for computer matching, verification, and profiling (OTA, 1986b).


Recent cases about management perusing electronic mail messages that senders and receivers had believed were private amplify that debate (Communications Week, 1990a).

Copyright © National Academy of Sciences. All rights reserved.