Accession Number:

ADA089935

Title:

Subversion: The Neglected Aspect of Computer Security.

Descriptive Note:

Master's thesis,

Corporate Author:

NAVAL POSTGRADUATE SCHOOL MONTEREY CA

Personal Author(s):

Report Date:

1980-06-01

Pagination or Media Count:

114.0

Abstract:

This thesis distinguishes three methods of attacking internal protection mechanisms of computers inadvertent disclosure, penetration, and subversion. Subversion is shown to be the most attractive to the serious attacker. Subversion is characterized by three phases of operations the inserting of trap doors and Trojan horses, the exercising of them, and the retrieval of the resultant unauthorized information. Insertion occurs over the entire life cycle of the system from the system design phase to the production phase. This thesis clarifies the high risk of using computer systems, particularly so-called trusted subsystems for the protection of sensitive information. This leads to a basis for countermeasures based on the lifetime protection of security related system components combined with the application of adequate technology as exemplified in the security kernel concept. Author

Subject Categories:

  • Computer Programming and Software
  • Computer Hardware
  • Computer Systems Management and Standards

Distribution Statement:

APPROVED FOR PUBLIC RELEASE