Data Security (Indiana, 1978)
Jonathan Ledlie April 26, 2000 CS 736 

This survey 
paper covers the range of internal security problems inherent in most computer 
systems in 1978, most of which are still very relevant today.  It divides this realm 
of security into four fields: access, flow, inference, and encryption.  Three 
points which I liked about this paper’s ideas are:  In the access methods section, I 
thought their assumptions themselves provided some interesting problems.  The 
requirement that “privilege information is heavily protected” reminded me of 
using root-read-only /etc/shadow files to prevent brute force attacks on 
passwords. The history-dependent access restrictions seem very similar to 
preventing inference, especially in their degree of difficulty.  I think the only 
safe way to prevent inference is to assume any user will ask all of its queries; thus, 
if the sum of these queries is more information than you want to divulge, you nee to 
restrict your queries.  Sill, generating thus sum seems intractable. The final 
paragraph of the paper challenges the reader – I think this is a good way to end a 
survey paper.  It says that no solution is perfect, but perhaps we can make our 
systems secure enough so that it is not worth the “white collar criminal’s” time to 
try to break in.  N1) The major difficulty with the paper, from today’s perspective, 
is that it does not emphasize network security enough.  Network daemons which are a 
huge tangible security problem – like in cases where their stack gets scribbled on – 
I think could have deserved a special discussion here.  They are hinted at, however, 
in the section about not giving too much access to a process which does not need it