Category : Various Text files
Archive   : CSP.ZIP
Filename : REPORTS.WP5

 
Output of file : REPORTS.WP5 contained in archive : CSP.ZIP
ÿWPCÍ
ûÿ2‰BVR‡¨ Z/TmsRmn 10pt (K)²ÿÿy.`8D,aô`ô\  PŽ]5QôPþþþþþþþÿþÿÿÿþÿÿþÿÿÿÿÿÿþÿþÿÿÿÿÿÿÿÿþÿÿ"‚ÿÿÿÿ5ÿÿÿÿÿÿÿÿÿÿÿÿÿÿ…ÿÿÿÿÿÿ^D0 ì!ÁBIBLIOGRAPHY OF COMPUTER SECURITY REPORTSƒ
ÁàÒì,Á(1976 through 1988)ƒ

Note: A bibliography is now being developed to encompass 1989.

Ôè0*0*0*°°Ô
Áà:ì-ÁAUTHORS SPECIFIEDƒ



Áàâì,ÁABUSE/MISUSE/CRIMEƒ


AUTHOR: Burnham, B.W.

TITLE: Virus Threat and Secure Code Distribution

ORGANIZATION: U.S. Department of Energy

REPORT NO.: DE85-009106/XAB
PUBLICATION DATE: 1985
CATEGORY: Abuse/Misuse/Crime

COST: $9.95

DESCRIPTION: This report discusses countermeasures
that can be taken against virus programs in a
computer system. A virus program that relocates
itself in memory and might help in defeating
security measures.



AUTHOR: Ruder, Brian and Madden, J.D.

TITLE: An Analysis of Computer Security Safeguards
For Detecting and Preventing Intentional
Computer Misuse
ORGANIZATION: National Institute of Standards and
Technology

REPORT NO.: 500-25, Order # PB 275514
PUBLICATION DATE: January 1978
CATEGORY: Abuse/Misuse/Crime

COST: $11.50

DESCRIPTION: Discusses 88 computer security
safeguards and a model for evaluating safeguards as
mechanisms for preventing misuse.








Ôh)0*0*0*°°ԌÁà¶ì.ÁACCESS CONTROLƒ

AUTHOR: Aiken, D.

TITLE: Secure User Authentication in a Distributed
Computing Environment

ORGANIZATION: U.S. Department of Energy/National
Technical Information Service

REPORT NO.: DE86-002960
PUBLICATION DATE: October 1985
CATEGORY: Access Control

COST: $9.95

DESCRIPTION: This report looks at a method for
user authentication in a distributed computing
system where information is protected from release,
modification, and replay.


AUTHOR: Arazi, Benjamin

TITLE: Processing of Encrypted Commercial Data


ORGANIZATION: National Research Institute for
Mathematical Sciences

REPORT NO.: PB82-204306
PUBLICATION DATE: September 1981
CATEGORY: Access Control

COST: $9.95

DESCRIPTION: Discusses an encryption scheme that
will help process encrytped commercial data.



AUTHOR: Brickell, E.F.

TITLE: New Knapsack-Based Cryptosystem

ORGANIZATION: National Technical Information
Service

REPORT NO.: DE83-011283
PUBLICATION DATE: 1983
CATEGORY: Access Control

COST: $9.95
Ôh)0*0*0*°°Ԍ DESCRIPTION: This paper presents a knapsack-based
cryptosystem that seems to be secure from attacks
that have violated other knapsack-based
cryptosystems.


AUTHOR: Gait, Jason

TITLE: Maintenance Testing for the Data Encryption
Standard

ORGANIZATION: National Institute of Standards and
Technology

REPORT NO.: 500-61, Order # PB 80221211
PUBLICATION DATE: August 1980
CATEGORY: Access Control

COST: $8.50

DESCRIPTION: Discusses four test that users and
manufactures can use to check the operation of data
encryption devices.


AUTHOR: Gait, Jason

TITLE: Validating the Correctness of Hardware
Implementations of the NBS Data Encryption
Standard
ORGANIZATION: National Institute of Standards and
Technology/ National Technical
Information Service
REPORT NO.: 500-20 Order # PB 81113524
PUBLICATION DATE: November 1977
CATEGORY: Access Control

COST: $8.50

DESCRIPTION: The NBS testbed that is used for
validating the hardware implementations of the Data
Encryption Standard (DES) is described.



AUTHOR: Hartman, W.J.

TITLE: A Critique of Some Public-Key Cryptosystems


ORGANIZATION: National Telecommunications and
Information Administration

REPORT NO.: PB82-120270 Ôh)0*0*0*°°Ԍ PUBLICATION DATE: August 1981
CATEGORY: Access Control

COST: $11.95

DESCRIPTION: Discusses several cryptosystems and
ways in which these systems can be attacked.
examples of programs that attack cryptosystems are
included.


AUTHOR: McClain, W.J.

TITLE: Security of Distributed ADP Systems:
Problems and Solutions

ORGANIZATION: National Technical Information
Service

REPORT NO.: DE84-001585
PUBLICATION DATE: July 25, 1983
CATEGORY: Access Control

COST: $11.95

DESCRIPTION: Discusses the challenge in keeping a
distributed network secure and suggests that the
tools required to keep a system safe will be
available in the near future.



AUTHOR: Mullender, S.J. and Tanenbaum, A.S.

TITLE: Protection and Resource Control in
Distributed Operating Systems

ORGANIZATION: National Technical Information
Service

REPORT NO.: PB85-201671/XAB
PUBLICATION DATE: March 1983
CATEGORY: Access Control

COST: $13.50

DESCRIPTION: Discusses how a traditional object-
oriented system can be implemented on top of a
basic protection mechanism in local networks where
the computer cable has sockets in several rooms
through the building.


Ôh)0*0*0*°°Ԍ AUTHOR: Nessett, D.M.

TITLE: Factors Affecting Distributed System
Security

ORGANIZATION: U.S. Department of Energy/National
Technical Information Service

REPORT NO.: DE86-003483
PUBLICATION DATE: April 6, 1986
CATEGORY: Access Control

COST: $9.95

DESCRIPTION: This report examines the requirements
of distributed system security and critiques recent
work in this field.


AUTHOR: Power, J.M. and Wilbur, S.R.

TITLE: Authentication in a Heterogeneous
Environment

ORGANIZATION: National Technical Information
Service

REPORT NO.: PB86-135522/XAB
PUBLICATION DATE: April 30, 1985
CATEGORY: Access Control

COST: $13.50

DESCRIPTION: This report describes a way in which
authentication of users and servers of a computer
system can be accomplished. The method can be used
with simple processors or timesharing systems.


AUTHOR: Springer, E.

TITLE: Current Status of Link Access Control and
Encryption System

ORGANIZATION: U.S. Department of Energy/ National
Technical Information Service

REPORT NO.: DE84-009604
PUBLICATION DATE: 1984
CATEGORY: Access Control

COST: $9.95

Ôh)0*0*0*°°Ԍ DESCRIPTION: This report is from a summary of the
proceedings of the DOE Computer Security Conference
held on April 10, 1984. Discussed is a system that
protects unclassified sensitive data transmissions
over unprotected lines using a data encryption
standard.


AUTHOR: Wood, Helen

TITLE: The Use of Passwords for Controlled Access
to Computer Resources

ORGANIZATION: National Institute of Standards and
Technology/National Technical
Information Service
REPORT NO.: 500-9, Order # PB 266323
PUBLICATION DATE: May 1977
CATEGORY: Access Control

COST: $10.00

DESCRIPTION: Password schemes are analyzed
according to such things as lifetime and
information content. Cost considerations of
password schemes are also discussed.


Áà>ì+ÁAUDIT AND EVALUATIONƒ


AUTHOR: Bishop, M.

TITLE: Analyzing the Security of an Existing
Computer System

ORGANIZATION: National Aeronautics and Space
Administration

REPORT NO.: N86-33029/7/XAB
PUBLICATION DATE: May 1986
CATEGORY: Audit and Evaluation

COST: $9.95

DESCRIPTION: This report examines ways to locate
security problems in existing computer systems by
serving as a basis for conducting thought
experiments.




Ôh)0*0*0*°°Ԍ AUTHOR: Ruthberg, Zella G. Edited by

TITLE: Audit and Evaluation of Computer Security
II: System Vulnerabilities and Controls

ORGANIZATION: National Institute of Standards and
Technology

REPORT NO.: 500-57, Order # SN 003-003-02178-4
PUBLICATION DATE: April 1980
CATEGORY: Audit and Evaluation

COST: $7.00

DESCRIPTION: This report discusses the NBS/GAO
workshop on developing improved computer security
auditing procedures.



Áà.ì+ÁCONTINGENCY PLANNINGƒ

AUTHOR: Isaac, Irene

TITLE: Guide on Selecting ADP Backup Processing
Alternatives

ORGANIZATION: National Institute of Standards and
Technology/U.S. Department of
Commerce
REPORT NO.: 500-134, Order # SN 003-003-02723-5
PUBLICATION DATE: May 1986
CATEGORY: Contingency Planning

COST: $3.75

DESCRIPTION: Addresses the issue of selecting ADP
backup processing support before the need actually
occurs. Alternative processing methods are
described along with a way to pick the best method.


Áà2ì-ÁGENERAL SECURITYƒ


AUTHOR: Berting, F.M.

TITLE: Fundamentals of Computer Security


ORGANIZATION: U.S. Department of Energy/ National
Technical Information Service

REPORT NO.: DE84-011476 Ôh)0*0*0*°°Ԍ PUBLICATION DATE: April 4, 1984
CATEGORY: General Security

COST: $9.95

DESCRIPTION: This report addresses the need for
protective measures against accidental or malicious
harm done to computers by people.



AUTHOR: Edgar, Mallory F.

TITLE: Automated Information Systems (AIS)
Security

ORGANIZATION: American Defense Preparedness
Association

REPORT NO.: None Specified
PUBLICATION DATE: August 8, 1987
CATEGORY: General Security

COST: Free

DESCRIPTION: This report examines past and
current events affecting AIS security on a
national level.


AUTHOR: Kovach, R.D., Bolczak, R., and
Tompkins, F.G.
TITLE: Model Set of Security Requirements for
Procuring and implementing Transaction
Processing Systems
ORGANIZATION: National Technical Information
Service

REPORT NO.: PB86-119989/LP
PUBLICATION DATE: January 1985
CATEGORY: General Security

COST: $13.95

DESCRIPTION: This document helps establish a
security baseline for obtaining data processing
services from a contractor.



AUTHOR: McLoughlin, Glenn J.

TITLE: Computer Crime and Security
Ôh) 0*0*0*°°Ԍ
ORGANIZATION: Congressional Research Services,
U.S. Congress

REPORT NO.: Order Code IB85155
PUBLICATION DATE: April 10, 1987
CATEGORY: General Security

COST: Free

DESCRIPTION: This report examines the topics of
threat of entering systems and damaging or stealing
data, the role of the federal government in
defining "computer crime" and "authorized access",
and whether federal protection should be extended
into both the private and federal sectors.


AUTHOR: McLoughlin, Glenn J.

TITLE: Computer Security Issues: The Computer
Security Act of 1987

ORGANIZATION: Congressional Research Service,
U.S. Congress

REPORT NO.: Order Code IB87164
PUBLICATION DATE: February 9, 1988
CATEGORY: General Security

COST: Free

DESCRIPTION: This report discusses the current
federal role in computer security and the computer
security act of 1987.


AUTHOR: Popek, G.J.

TITLE: Secure Reliable Processing Systems


ORGANIZATION: National Technical Information
Service

REPORT NO.: AD-A140 150/4
PUBLICATION DATE: February 21, 1984
CATEGORY: General Security

COST: $18.95

DESCRIPTION: This report, technical in nature,
examines research done at UCLA that focused on
computer security and distributed computer systems Ôh)
0*0*0*°°Ԍ including networks, operating systems, and data
management.



AUTHOR: Story, Frank

TITLE: ADP Security: Executive Training


ORGANIZATION: Kaiser Engineers Hanford
Contact: Frank Story, IS Manager

REPORT NO.:
PUBLICATION DATE: 1987
CATEGORY: General Security

COST:

DESCRIPTION: This is a copy of material
distributed at the May 1987 Computer Security
Conference in Albuquerque, NM. Includes reasons for
computer crime, the computer criminal profile, and
computer security emphasis items.


ÁàÎì.ÁLAW AND ETHICSƒ

AUTHOR: Bailey, D.

TITLE: Attacks on Computers: Congressional
Hearings and Pending Legislation

ORGANIZATION: National Technical Information
Service

REPORT NO.: DE84-007468
PUBLICATION DATE: April 30, 1984
CATEGORY: Law and Ethics

COST: $6.50

DESCRIPTION: This report is a summary of the
hearings of the 98th Congress, First Session that
dealt with the introduction of six bills on
computer security. Also summarized are computer
crime bills that were pending.






Ôh) 0*0*0*°°ԌÁà¸ì*ÁMICROCOMPUTER SECURITYƒ


AUTHOR: Steinauer, Dennis D.

TITLE: Security of Personal Computer Systems: A
Management Guide

ORGANIZATION: National Institute of Standards and
Technology

REPORT NO.: 500-120. Order # SN 003-003-02627-0
PUBLICATION DATE: January 1985
CATEGORY: Microcomputer Security

COST: $3.00

DESCRIPTION: This publication is intended for
managers and users of small systems. Advice is
given concerning the physical protection of a
system as well as the protection of software and
data.

ÁàJì2ÁPRIVACYƒ

AUTHOR: Goldstein, Robert and Seward, Henry

TITLE: A Computer Model to Determine Low Cost
Techniques to Comply with the Privacy Act
of 1974
ORGANIZATION: National Institute of Standards and
Technology/National Technical
Information Service
REPORT NO.: 76-985 Order # PB 250755
PUBLICATION DATE: February 1976
CATEGORY: Privacy

COST: $10.00

DESCRIPTION: This report gives a computer model
that simulates the cost of implementing the Privacy
Act using alternative approaches for applying
safeguards. The computer model can be changed to
show varying circumstances.


AUTHOR: Moore, Gwendolyn, Kuhns, John,
Treffzs, Jeffrey and Montgomery, Christine
TITLE: Accessing Individual Records from Personal
Data Files Using Nonunique Identifiers

ORGANIZATION: U.S. Department of Commerce /
National Technical Information
Service Ôh) 0*0*0*°°Ԍ REPORT NO.: 500-2, Order # PB 263176
PUBLICATION DATE: February 1977
CATEGORY: Privacy

COST: $19.00

DESCRIPTION: This report analyzes ways for
retrieving personal information using identifiers
such as name, address, etc. Shows the accuracy of
various methods.

Áà8ì.ÁRISK MANAGEMENTƒ

AUTHOR: Baker, A.L.

TITLE: Application of Risk Assessment


ORGANIZATION: U.S. Department of Energy/ National
Technical Information Service

REPORT NO.: DE83-001983
PUBLICATION DATE: 1982
CATEGORY: Risk Management

COST: $9.95

DESCRIPTION: This report describes the results of
the program that was initiated to provide tools to
DOE facilities for use in complying with guidelines
concerning risk assessment.


AUTHOR: Corynen, G.C.

TITLE: Methodology for Assessing the Security
Risks Associated with Computer Sites and
Networks
ORGANIZATION: National Technical Information
Service

REPORT NO.: DE82-019806
PUBLICATION DATE: June 23, 1982
CATEGORY: Risk Management

COST: $13.95

DESCRIPTION: This report presents a methodology
that managers can use to assess the security risks
of a computer complex by emphasizing the need for
determination of harms to a system.


Ôh)
0*0*0*°°Ԍ AUTHOR: Neugent, William, Gilligan, John,
Hoffman, Lance and Ruthberg, Zella G.
TITLE: Technology Assessment: Methods for
Measuring the Level of Computer Security

ORGANIZATION: U.S. Department of Commerce/National
Institute of Standards and
Technology
REPORT NO.: 500-133 Order # SN 003-003-02686-7
PUBLICATION DATE: October 10, 1985
CATEGORY: Risk Management

COST: $8.00

DESCRIPTION: This technology assessment provides
an evaluation of methods for measuring the level of
computer security in computer applications,
systems, and installations.


AUTHOR: Smith, S.T. and Lim, J.J.

TITLE: Framework for Generating Expert Systems to
Perform Computer Security Risk Analysis

ORGANIZATION: U.S. Department of Energy/National
Technical Information Service

REPORT NO.: DE85-01434/XAB
PUBLICATION DATE: 1985
CATEGORY: Risk Management

COST: $9.95

DESCRIPTION: This report discusses physical and
electronic security. It looks at natural hazards,
direct human actions, and indirect human actions
such as breach of security from an unauthorized
person.


ÁàBì,ÁSECURITY MANAGEMENTƒ


AUTHOR: Helling, William D.

TITLE: Computer Security for the Computer Systems
Manager

ORGANIZATION: National Technical Information
Service

REPORT NO.: AD-A126 768/1
PUBLICATION DATE: December 1982 Ôh)0*0*0*°°Ԍ CATEGORY: Security Management

COST: $13.95

DESCRIPTION: This report discusses basic concepts
of computer security and risk analysis for the
computer systems managers. Countermeasures against
computer problems are also presented.


AUTHOR: McCann, S. Anthony & Kusserow, Richard P.
Co-Project Managers

TITLE: Model Framework For Management Control
Over Automated Information Systems

ORGANIZATION: President's Council on Management
Improvement and the President's
Council on Integrity and Efficiency

PUBLICATION DATE: August 1987
CATEGORY: Security Management

COST: Free

DESCRIPTION: This report synthesizes for managers
the multitude of directives which contain over-
lapping and sometimes confusing guidance on how to
protect automated information system operations.


ÁàZ ì"ÁSOFTWARE AND OPERATING SYSTEM SECURITYƒ

AUTHOR: Gosler, J.R.

TITLE: Software Protection: Myth or Reality


ORGANIZATION: U.S. Department of Energy/ National
Technical Information Service

REPORT NO.: DE86-003719/XAB
PUBLICATION DATE: November 1, 1985
CATEGORY: Software and Operating System Security

COST: $9.95

DESCRIPTION: This paper looks at the advantages and
disadvantages of various technologies employed in
protection schemes for software.



Ôh)0*0*0*°°Ԍ AUTHOR: Landwehr, Carl E.

TITLE: Best available Technologies (BAT) for
Computer Security

ORGANIZATION: Naval Research Laboratory/ National
Technical Information Service

REPORT NO.: AD-A109 189/1
PUBLICATION DATE: December 21, 1981
CATEGORY: Software and Operating System Security

COST: $11.95

DESCRIPTION: This report is aimed at the developer
of secure software computer systems and makes
suggestions about the design of these systems.
Summarized are several specific techniques and
applications.


AUTHOR: Linden, Theodore

TITLE: Operating Systems Structures to Support
Security and Reliable Software

ORGANIZATION: National Institute of Standards and
Technology/National Technical
Information Service
REPORT NO.: Tech, Note 919, Order # PB 257421
PUBLICATION DATE: August 1976
CATEGORY: Software and Operating System Security

COST: $10.00

DESCRIPTION: This report looks at two system
structuring techniques that will help in developing
a secure computer system.


AUTHOR: Rushby, J.M. and Randell, B.

TITLE: Distributed Secure System


ORGANIZATION: National Technical Information
Service

REPORT NO.: PB84-141126
PUBLICATION DATE: 1982
CATEGORY: Software and Operating System Security

COST: $13.50
Ôh)0*0*0*°°Ԍ DESCRIPTION: This report, in tutorial detail, talks
about the design of a distributed computing UNIX
system that helps impose a multilevel security
policy.


ÁàZì+ÁAUTHORS NOT SPECIFIEDƒ

Áàâì,ÁABUSE/MISUSE/CRIMEƒ


AUTHOR: Not Specified

TITLE: Federal Information Systems Remain Highly
Vulnerable to Fraudulent, Wasteful,
Abusive, and Illegal Practices

ORGANIZATION: U.S. General Accounting Office,

REPORT NO.: MASAD-82-18
PUBLICATION DATE: April 21, 1982
CATEGORY: Abuse/Misuse/Crime

COST: Free (if less than 5 ordered)

DESCRIPTION: This report concludes the inadequate
protection over computers and networks leave
systems vulnerable to fraudulent, wasteful, and
and illegal purposes.


Áà¶ì.ÁACCESS CONTROLƒ

AUTHOR: Not Specified

TITLE: Defending Secrets, Sharing Data, New Locks
and Keys for Electronic Informatiom

ORGANIZATION: Office of Technology Assessments,
U.S. Congress
REPORT NO.:
PUBLICATION DATE: 1987
CATEGORY: Access Control

COST: $8.50

DESCRIPTION: Examines the vulnerability of
communications and computer systems and the trends
in technology for safeguarding information in these
systems.



Ôh)0*0*0*°°ԌÁà>ì+ÁAUDIT AND EVALUATIONƒ

AUTHOR: Not Specified

TITLE: Federal Agencies Still Need To Develop
Greater Computer Audit Capabilities

ORGANIZATION: U.S. General Accounting Office

REPORT NO.: AFMD-82-7
PUBLICATION DATE: October 16, 1981
CATEGORY: Audit and Evaluation

COST: Free (if less than 5 ordered)

DESCRIPTION: This report focuses on the progress by
both the Federal Inspector General and internal
audit organizations in reaching their computer
audit requirements. Included are recommendations
for identifying and meeting the necessary auditing
needs.


AUTHOR: Not Specified

TITLE: Flaws in Controls Over The Supplemental
Security Income Computerized System Causes
Millions in Erroneous Payments
ORGANIZATION: U.S. General Accounting Office,
P.O. Box 6015
Gaithersburg, MD 20877
(202) 275-6241
REPORT NO.: HRD-79-104
PUBLICATION DATE: August 9, 1979
CATEGORY: Audit and Evaluation

COST: Free (if less than 5 ordered)

DESCRIPTION: This report describes how federal
automated information systems with inadequate
security controls are vulnerable to mission
impairments.


AUTHOR: Not Specified

TITLE: Information Systems: Agencies Overlook
Security Controls During Development

ORGANIZATION: U.S. General Accounting Office,
P.O. Box 6015
Gaithersburg, MD 20877
(202) 275-6241
REPORT NO.: GAO/IMTEC-88-11 Ôh)0*0*0*°°Ԍ PUBLICATION DATE: May 31, 1988
CATEGORY: Audit and Evaluation

COST: Free (if less than 5 ordered)

DESCRIPTION: This report shows some agencies who
were not meeting federal criteria and good system
development practices for providing reasonable
assurance that appropriate security controls were
incorporated into their automated information
systems.


AUTHOR: Not Specified

TITLE: Information Systems: Security in Federal
Civilian Agencies

ORGANIZATION: U.S. General Accounting Office,
U.S. Congress

REPORT NO.: GAO/T-IMTEC-87-7
PUBLICATION DATE: May 19, 1987
CATEGORY: Audit and Evaluation

COST: Free (if less than 5 ordered)

DESCRIPTION: This report provides a review of the
practices used by federal civilian agencies in
identifying and incorporating appropriate security
controls in automated information systems.


AUTHOR: Not Specified

TITLE: Weak Financial Controls Make The Community
Services Administration Vulnerable to
Fraud and Abuse

ORGANIZATION: U.S. General Accounting Office,
P.O. Box 6015
Gaithersburg, MD 20877
(202) 275-6241
REPORT NO.: FGMSD-80-73
PUBLICATION DATE: August 22, 1980
CATEGORY: Audit and Evaluation

COST: Free (if less than 5 ordered)

DESCRIPTION: This report shows how computer
security weaknesses in the Community Services
Administration exceedingly vulnerable to fraud and
abuse.
Ôh)0*0*0*°°ԌÁà2ì-ÁGENERAL SECURITYƒ


AUTHOR: Not Specified

TITLE: ADP and Telecommunications


ORGANIZATION: General Services Administration/
Government Services Administration

REPORT NO.: GSA Bulletin FPMR F-148
PUBLICATION DATE: January 10, 1983
CATEGORY: General Security

COST:

DESCRIPTION: Computer security publications that
have been used in developing ADP security
management programs are listed in this bulletin.



AUTHOR: Not Specified

TITLE: Center for Computer Security: Computer
Security Group Conference

ORGANIZATION: National Technical Information
Service

REPORT NO.: DE84-012992
PUBLICATION DATE: June 1982
CATEGORY: General Security

COST: $11.95

DESCRIPTION: This report comes from a conference on
computer security and covers various security
issues including security management,
certification, risk analysis, contingency planning,
and other related topics.


AUTHOR: Not Specified

TITLE: Computer Security Models


ORGANIZATION: National Technical Information
Service

REPORT NO.: ADA 166 920/LP
PUBLICATION DATE: September 1984 Ôh)0*0*0*°°Ԍ CATEGORY: General Security

COST: $13.95

DESCRIPTION: This report provides a basis for
evaluating security models as they relate to secure
computer system development. Included is a summary
of existing models plus some general considerations
when designing and using security models.


AUTHOR: Not Specified

TITLE: Glossary for Computer Systems Security


ORGANIZATION: U.S. Department of Commerce /
National Technical Information
Service
REPORT NO.: FIPS PUB 39
PUBLICATION DATE: February 1984
CATEGORY: General Security

COST: $7.00

DESCRIPTION: This glossary contains approximately
170 computer security terms and definitions.


AUTHOR: Not Specified

TITLE: Security of Automated Information Systems

ORGANIZATION: U.S. Nuclear Regulatory Commission

REPORT NO.: NRC Appendix 2301, Part II
PUBLICATION DATE: July 25, 1985
CATEGORY: General Security

COST: $3.20

DESCRIPTION: This report applies to NRC or NRC
contractors that have computer centers, personal
computers, or sensitive application systems that
process unclassified sensitive data.


AUTHOR: Not Specified

TITLE: Trusted Computer Systems - Glossary

ORGANIZATION: National Technical Information
Service
REPORT NO.: ADA 108 829/LP Ôh)0*0*0*°°Ԍ PUBLICATION DATE: March 1981
CATEGORY: General Security

COST: $9.95

DESCRIPTION: This glossary emphasizes terms that
relate to the formal specification and verification
of trusted computer systems.


Áà¸ì*ÁMICROCOMPUTER SECURITYƒ


AUTHOR: Not Specified

TITLE: PC Security Considerations

ORGANIZATION: Government Printing Office, Contact:
Superintendent of Documents
REPORT NO.: GPO Stock # 008-000-00439-1
PUBLICATION DATE: 1985
CATEGORY: Microcomputer Security

COST: $1.00

DESCRIPTION: This report provides a general
discussion of a number of issues that are
pertinent to microcomputer security in the home
and business environment.



Áà
ì&ÁPHYSICAL SECURITY AND HARDWAREƒ

AUTHOR: Not Specified

TITLE: Computer Surety - Computer System
Inspection Guidance
ORGANIZATION: Lawrence Livermore National
Laboratory/U.S. Nuclear Regulatory
Commission
REPORT NO.: NUREG/CR-2288
PUBLICATION DATE: March 1983
CATEGORY: Physical Security and Hardware

COST: $10.00

DESCRIPTION: Details inspection methods for the
Physical Protection Project by the U.S. NRC from
the perspective of the physical protection
inspectors. Includes glossary of computer terms
along with threats and computer vulnerabilities.

Ôh)0*0*0*°°ԌÁà8ì.ÁRISK MANAGEMENTƒ


AUTHOR: Not Specified

TITLE: Technical Risk Assessment - The Status of
Current DOD Efforts
ORGANIZATION: U.S. General Accounting Office


REPORT NO.: PEMD-86-5
PUBLICATION DATE: April 3, 1986
CATEGORY: Risk Management

COST: Free (if less than 5 ordered)

DESCRIPTION: This report offers six
recommendations concerning basic risk assessment
concepts, policies, and procedures for the
Department of Defense.


ÁàBì,ÁSECURITY MANAGEMENTƒ


AUTHOR: Not Specified

TITLE: Government-Wide Guidelines and Management
Assistance Center Needed to Improve ADP
Systems Development
ORGANIZATION: U.S. General Accounting Office

REPORT NO.: AFMD-81-20
PUBLICATION DATE: February 20, 1981
CATEGORY: Security Management

COST: Free (if less than 5 ordered)

DESCRIPTION: This document suggest a framework of
procedures for managing systems development and
reiterates the need for a management assistance
center for computer software and systems
development.


AUTHOR: Not Specified

TITLE: Management, Security, and Congressional
Oversight

ORGANIZATION: Government Printing Office Contact:
Superintendent of Documents

REPORT NO.: OTA-CIT-297 Ôh)0*0*0*°°Ԍ PUBLICATION DATE: February 1986
CATEGORY: Security Management

COST: Free (if less than 5 ordered)

DESCRIPTION: This report is a review of 142 agency
components finding similar weaknesses in
information security controls and management
practices made by the 1986 Office of Technology
Assessment.


AUTHOR: Not Specified

TITLE: Solving Social Security's Computer
Problems: Comprehensive Corrective
Action Plan & Better Management Needed
ORGANIZATION: U.S. General Accounting Office,
U.S. Congress

REPORT NO.: HRD-82-19
PUBLICATION DATE: December 10, 1981
CATEGORY: Security Management

COST: Free (if less than 5 ordered)

DESCRIPTION: This report informs how flaws in
controls in systems used by the Social Security
Administration caused millions of dollars in
erroneous payments.


ÁàZ ì"ÁSOFTWARE AND OPERATING SYSTEM SECURITYƒ


AUTHOR: Not Specified

TITLE: An Approach to Determining Computer
Security Requirements for Navy Systems

ORGANIZATION: Naval Research Laboratory / Defense
Technical Information Center
REPORT NO.: ADA 155750
PUBLICATION DATE:
CATEGORY: Software and Operating System Security

COST: $5.00

DESCRIPTION: This report shows how to meet a
particular requirement level as defined in the DOD
trusted computer evaluation criteria by proposing
a technique for mapping a specific system
architecture and application environment.


  3 Responses to “Category : Various Text files
Archive   : CSP.ZIP
Filename : REPORTS.WP5

  1. Very nice! Thank you for this wonderful archive. I wonder why I found it only now. Long live the BBS file archives!

  2. This is so awesome! 😀 I’d be cool if you could download an entire archive of this at once, though.

  3. But one thing that puzzles me is the “mtswslnkmcjklsdlsbdmMICROSOFT” string. There is an article about it here. It is definitely worth a read: http://www.os2museum.com/wp/mtswslnk/