Design Alternatives for Computer Network Security, Volume 1; Volume 13The Bureau, 1978 - 159 pages |
From inside the book
Results 1-5 of 22
Page 29
... direct data path over which one may send arbitrary con- trol information . This scheme has potential problems of misuse due to the general nature of the data that can be sent on the path . Since encipherment and decipherment by the ...
... direct data path over which one may send arbitrary con- trol information . This scheme has potential problems of misuse due to the general nature of the data that can be sent on the path . Since encipherment and decipherment by the ...
Page 30
... direct data path , but with a predefined set of legal data elements which may be sent . An " indirect " data path in which one specifies the name of a pre - stored control string to be activated ( the pre - storing can be by either ...
... direct data path , but with a predefined set of legal data elements which may be sent . An " indirect " data path in which one specifies the name of a pre - stored control string to be activated ( the pre - storing can be by either ...
Page 40
... direct service to their users , but primarily provide terminal or RJE access to the network and its wide variety of resources . * Regular HOST's may or may not have directly attached terminals : but as shown in the figure such terminals ...
... direct service to their users , but primarily provide terminal or RJE access to the network and its wide variety of resources . * Regular HOST's may or may not have directly attached terminals : but as shown in the figure such terminals ...
Page 46
... direct access to the resource that is to be pro- tected , ( 2 ) the initial cryptographic keying functions of the SC are lost ( they will be shown to add significant security ) , and ( 3 ) the HOST sees the requestor's authenticators ...
... direct access to the resource that is to be pro- tected , ( 2 ) the initial cryptographic keying functions of the SC are lost ( they will be shown to add significant security ) , and ( 3 ) the HOST sees the requestor's authenticators ...
Page 50
... direct implementation . Even though one could map this structure into the single - dimension address space of a computer , the matrix is typically very sparse , and only the non - zero triples of user- object , capabilities need be ...
... direct implementation . Even though one could map this structure into the single - dimension address space of a computer , the matrix is typically very sparse , and only the non - zero triples of user- object , capabilities need be ...
Common terms and phrases
access authorization access control access control matrix access group additional addressing approach aspects audit information basic buffer capabilities checking clear text communications net communications network communications path connection creation considered control commands control information control messages crypto cryptographic devices data and control Data Encryption Standard data processing dialog distributed domain enciphered encipherment encryption devices ensure entities error control fail-secure functions gateway handled HOST computers HOST-level HOST's ICD's identification/authentication implicit initial interface involved issues matrix methods mini-HOST mode multiplexed N-th party accesses N-th party authentication network control programs Network Security Center node object one-time passwords operation pair passwords performed physical and procedural possible private key problems procedural controls processor profile information protection protocol Reference Monitor relay request requestor requirements resource SC-to-SC SC's scheme security control mechanism separate sequence numbers server structure structured programming terminal tradeoffs updates usage utilized
Popular passages
Page iv - In no case does such identification imply recommendation or endorsement by the National Bureau of Standards...