Abstract
In order to maintain the integrity of a computing service, it is essential to assume that there is no limit to the ingenuity of men who wish to break the service's security measures and no limit to the carelessness of those parties given responsibility for maintaining its integrity.
From a statement of security requirements from the point of view of the user, the paper discusses the practicalities of satisfying these objectives. This is an extremely demanding task. However, if it is approached in a systematic manner it can often be achieved without any great increase in operating costs.
A great deal of attention has been given to security aspects of hardware and systems software, and consequently the personnel, a vulnerable area, has received little or no attention. The paper explores the contribution that end-user and computer personnel make to computer security through their routine duties. The paper identifies the need for, and the methods to achieve, a logically developed approach to security, to enable those responsible for computing, both end-users and data processing professionals, to identify, evaluate, and deal effectively with their own security requirements. The basic philosophy of physical, document and personnel security must be applied in concert, for if they are applied independently they are ineffective.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Kluwer Harrap Handbooks. ‘Handbook of security'. Kluwer Harrap, Netherlands, 1977.
Hemphill, C.F., and J.M. 'security procedures for computer systems'. Dow Jones-Irwin, Illinois, USA.
Sharrat, J.R. ‘Data control guidelines'. National Computing Centre, Manchester, England, 1974.
Hamilton, P. ‘Computer security’ Cassell Associated Business Programmes, 1972.
Hampshire Regional Health Authority. ‘Report of members enquiry into salary misappropriation at area headquarters'. Hampshire Regional Health Authority, UK, June 1977.
Computerview. ‘The ICI ransom case: some lessons to be learnt'. Computer Weekly, IPC Business Press, 9 Feb., 1978, pp2.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1978 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lane, V.P., Wright, F.G. (1978). Human resources systematically applied to ensure computer security. In: Bracchi, G., Lockemann, P.C. (eds) Information Systems Methodology. ECI 1978. Lecture Notes in Computer Science, vol 65. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-08934-9_105
Download citation
DOI: https://doi.org/10.1007/3-540-08934-9_105
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-08934-6
Online ISBN: 978-3-540-35731-5
eBook Packages: Springer Book Archive