
Computer Security Basics 1ST Edition

by Deborah Russell

Out of Print

Synopses & Reviews

Publisher Comments:

There's a lot more consciousness of security today, but not a lot of understanding of what it means and how far it should go. No one loves security, but most people---managers, system administrators and users alike---are starting to feel that they'd better accept it, or at least try to understand it.

For example, most U.S. Government equipment acquisitions now require "Orange Book" (Trusted Computer System Evaluation Criteria) certification. A lot of people have a vague feeling that they ought to know about the Orange Book, but few make the effort to track it down and read it. Computer Security Basics contains a more readable introduction to the Orange Book---why it exists, what it contains, and what the different security levels are all about---than any other book or government publication.

This handbook describes complicated concepts such as trusted systems, encryption, and mandatory access control in simple terms. It tells you what you need to know to understand the basics of computer security, and it will help you persuade your employees to practice safe computing.

Contents include:

  • Introduction (basic computer security concepts, security breaches such as the Internet worm).
  • Computer security and requirements of the Orange Book.
  • Communications and network security.
  • Peripheral types of security (including biometric devices, physical controls, and TEMPEST).
  • Appendices: terms, sources, user groups, and other reference material.


Description:

Includes bibliographical references (p. 359-401) and index.

Table of Contents


Preface  
About This Book  
Summary of Contents  
Acknowledgments  
Comments and Questions  

Part I. OVERVIEW  

Chapter 1. Introduction    
Attack of the Giant Worm (and Other Tales)  
What Is Computer Security?  
    A Broader Definition of Security  
    Secrecy and Confidentiality  
    Accuracy, Integrity, and Authenticity  
    Availability  
Threats to Security  
    Vulnerabilities  
    Threats  
    Countermeasures  
Why Buy Security?  
    Government Requirements  
    Information Protection  
What's A User To Do?  

Chapter 2. Some Security History    
Information and its Controls  
Computer Security:  Then and Now  
Early Computer Security Efforts  
    Tiger Teams  
    Research and Modeling  
    Secure Systems Development  
Building Toward Standardization  
    Standards for Secure Systems  
    Standards for Cryptography  
    Standards for Emanations  
Computer Security Mandates and Legislation  
    NSDD  
    NTISSP   
    Computer Fraud and Abuse Act  
    Computer Security Act  
    Searching for a Balance  
    Recent Government Security Initiatives  
Privacy Considerations  
International Security Activity  
The Growth of Modern Standards  

Part II. COMPUTER SECURITY  

Chapter 3. Computer System Security and Access Controls    
What Makes a System Secure?  
System Access:  Logging Into Your System  
    Identification and Authentication  
    Protecting Passwords  
Data Access:  Protecting Your Data  
    Discretionary Access Control  
    Mandatory Access Control  

Chapter 4. Viruses and Other Wildlife    
Viruses  
Worms  
Trojan Horses  
Bombs  
Trap Doors  
Spoofs  
Other Wildlife  
Remedies  

Chapter 5. Secure System Planning and Administration  
Administrative Security  
Overall Planning and Administration  
    Analyzing Costs and Risks  
    Planning for Disaster  
    Setting Security Rules for Employees  
    Training Users  
Day-to-day Administration  
    Performing Backups  
    Performing a Security Audit  
Separation of Duties  

Chapter 6. Inside the Orange Book    
Introduction to the Orange Book  
A Summary of Security Concepts  
    What's a Trusted System?  
    Measuring Trust  
    Trusted Computing Base  
    Security Policy  
    Security Model  
    Security Kernel  
    Security Perimeter  
Orange Book Evaluation Classes  
    Comparison of Evaluation Classes  
    Complaints About the Orange Book  
Evaluations of Secure Systems  
Security Policy Requirements  
    Discretionary Access Control  
    Object Reuse  
    Labels  
    Mandatory Access Control  
Accountability Requirements  
    Identification and Authentication  
    Trusted Path  
    Audit  
Assurance Requirements  
    Operational Assurance  
    Life-cycle Assurance  
Documentation Requirements  
    Security Features User's Guide  
    Trusted Facility Manual  
    Test Documentation  
    Design Documentation  
Summary of Classes  
    D Systems:  Minimal Security  
    C1 Systems:  Discretionary Security Protection  
    C2 Systems:  Controlled Access Protection  
    B1 Systems:  Labeled Security Protection  
    B2 Systems:  Structured Protection  
    B3 Systems:  Security Domains  
    A1 Systems:  Verified Design  
Compartmented Mode Workstations  
Government Computer Security Programs  

Part III. COMMUNICATIONS SECURITY  

Chapter 7. Encryption    
Some History  
What is Encryption?  
    Why Encryption?  
    Transposition and Substitution Ciphers  
    Cryptographic Keys:  Private and Public  
    Key Management and Distribution  
    One-time Pad  
The Data Encryption Standard  
    What is the DES?  
    Future of the DES  
Other Cryptographic Algorithms  
    Variations on the DES  
    Public Key Algorithms  
    The RSA Algorithm  
    Digital Signatures and Notaries  
    Government Algorithms  
Message Authentication  
Encryption in Banking and Financial Applications  
Government Cryptographic Programs  
    NSA  
    NIST  
    Treasury  
Cryptographic Export Restrictions  

Chapter 8. Communications and Network Security    
What Makes Communication Secure?  
    Communications Vulnerabilities  
    Communications Threats  
Modems  
Networks  
    Network Terms  
    Some Network History  
    Network Media  
OSI Model  
Network Security  
    Trusted Networks  
    Perimeters and Gateways  
    Security in Heterogeneous Environments  
    Encrypted Communications  
The Red Book and Government Network Evaluations  
    TCSEC Requirements  
    Other Security Services  
Some Network Security Projects  
    DISNet and Blacker  
    SDNS  
    Kerberos  
    Project MAX  
    Secure NFS  

Part IV. OTHER TYPES OF SECURITY  

Chapter 9. Physical Security and Biometrics    
Physical Security  
    Natural Disasters  
    Risk Analysis and Disaster Planning  
Locks and Keys:  Old and New  
    Types of Locks  
    Tokens  
    Challenge-response Systems  
    Cards:  Smart and Dumb  
Biometrics  
    Fingerprints  
    Handprints  
    Retina Patterns  
    Voice Patterns  
    Signature and Writing Patterns  
    Keystrokes  

Chapter 10. TEMPEST    
The Problem of Emanations  
The TEMPEST Program  
How To Build TEMPEST Products  
TEMPEST Standards and Restrictions  
    TEMPEST Standards  
    TEMPEST Export Restrictions  
Who Cares About TEMPEST?  
    Is TEMPEST Needed?  
    Changing TEMPEST Concepts  
Government TEMPEST Programs  

Part V. APPENDICES  

Appendix A. Acronyms    

Appendix B. Computer Security Legislation    

Appendix C. Orange Book and Other Summaries    
Orange Book (TCSEC) Requirements  
Compartmented Mode Workstation (CMW) Requirements  
System High Workstation (SHW) Requirements  
International Security (ITSEC) Requirements  

Appendix D. Government Security Programs    
Computer Security Programs  
    The Role of the NCSC  
    The Role of NIST  
    Trusted Product Evaluation Program (TPEP)  
    Evaluation of Network Products  
    Evaluations of Database Management Systems  
    Evaluations of Security Subsystem Products  
    Formal Verification Systems Evaluation Program (FVSEP)  
    Degausser Products List  
    Rating Maintenance Phase (RAMP) Program  
    System Certification and Accreditation  
    DOCKMASTER  
    Technical Vulnerability Reporting Program  
Communications Security Programs  
    Commercial COMSEC Endorsement Program  
    CCEP Eligibility  
    CCEP Program Steps  
    Government Endorsed DES Equipment Program  
    EFT Certification Program  
    Protected Network Services List  
    Off-line Systems List (OLSL)  
    Restrictions on Cryptographic Products  
TEMPEST Security Programs  
    Industrial TEMPEST Program and Preferred Products List  
    Endorsed TEMPEST Products Program  
    Endorsed TEMPEST Test Services Program  
    Endorsed TEMPEST Test Instrumentation Program  

Appendix E. A Security Source Book    
Government Publications  
    The Rainbow Series  
    Other NSA Publications  
    FIPS PUBs  
    NIST Special Publications  
    Other NIST Publications  
    Compartmented Mode Workstation (CMW) Publications  
    COMSEC Program Publications  
    TEMPEST Program Publications  
    Other Security-relevant Government Publications  
Government Program Contact Points  
    Computer Security (COMPUSEC) Programs  
    Communications Security (COMSEC) Programs  
    TEMPEST Programs  
    Other Government Contacts  
Emergency Organizations  
Standards Organizations  
Security User Groups  
Electronic Groups  
    USENET  
    Commercial Bulletin Boards  
    NCSC DOCKMASTER  
    NIST Computer Security Bulletin Board  
Computer Security Periodicals  
Computer Security Books  
    Conference Proceedings  
    Computer Security Textbooks  
    Viruses and Other Programmed Threats  
    Computer Crime and Ethics  
    Of General Interest  

Glossary  

Index  

Figures 
3-1   Self/Group/Public Controls  
3-2   Discretionary Access Control With an Access Control List  
3-3   Mandatory Access Control  
6-1   Comparison of Evaluation Classes  
6-2   Example of Labeling on Banner Page  
6-3   Sample Trusted Path Menu  
6-4   Sample Audit Output  
7-1   The Enigma Machine  
7-2   Simple Encryption and Decryption  
7-3   A Simple Transposition Cipher  
7-4   Simple Substitution Ciphers  
7-5   Another Transposition Cipher  
7-6   The Caesar Substitution Cipher  
7-7   A Simple Example of Private Key Encryption/Decryption  
7-8   A Simple Example of Public Key Encryption/Decryption  
7-9   A One-time Pad  
7-10   How the DES Works  
8-1   Open Systems Interconnection (OSI) Model  
8-2   End-to-end Encryption  
8-3   Link Encryption  

Tables
2-1   Security-relevant Standards Organizations  
3-1   Sample Login/Password Controls  
6-1   Evaluation Classes and Sample Systems  
6-2   Discretionary Access Control (DAC) Requirements  
6-3   Identification and Authentication (I&A) Requirements  
6-4   Audit Requirements  
6-5   System Architecture Requirements  
6-6   Covert Channel Requirements  
6-7   Trusted Facility Management Requirements  
6-8   Security Testing Requirements  
6-9   Design Specification and Verification Requirements  
6-10   Configuration Management Requirements  
6-11   Trusted Facility Manual (TFM) Requirements  
6-12   Test Documentation Requirements  
6-13   Design Documentation Requirements  
8-1   OSI Model Layers and Functions  
8-2   Communications Integrity Requirements  
8-3   Denial of Service Requirements  
8-4   Compromise Protection Requirements  
B-1   Information Protection Legislation  
B-2   Computer Crime Legislation  
B-3   Privacy Legislation  
C-5   Compartmented Mode Workstation Requirements  
C-6   System High Workstation (SHW) Requirements  
C-7   Information Technology Security Evaluation Criteria (ITSEC)  
C-8   ITSEC Classes of Functionality  
C-9   ITSEC Assurance Levels  
E-1   Rainbow Series  
E-2   FIPS PUBs  
E-3   SPEC PUBs  

Product Details

ISBN: 9780937175712
Author: Russell, Deborah
Author: Gangemi, G. T.
Author: Russell, Debby
Author: Gangemi, Sr.
Publisher: O'Reilly Media
Location: Sebastopol, CA
Subject: Computers and computer technology
Subject: Computer networks
Subject: Computers
Subject: Data Transmission Systems - General
Subject: Computer security
Subject: Security
Subject: Security measures
Subject: Electronic data processing departments
Subject: Computer Bks - General Information
Subject: Books; Computers & Internet; Internet & World Wide Web; Security & Encryption; Security
Subject: Computer Data Security
Subject: Security - General
Copyright:
Edition Number: Minor corrections.
Series: O'Reilly Nutshell
Series Volume: 6102
Publication Date: January 1991
Binding: Paperback
Language: English
Illustrations: Yes
Pages: 468
Dimensions: 9.02x6.11x.99 in. 1.35 lbs.
