Subversion: The Neglected Aspect of Computer Security.

Abstract

This thesis distinguishes three methods of attacking internal protection mechanisms of computers: inadvertent disclosure, penetration, and subversion. Subversion is shown to be the most attractive to the serious attacker. Subversion is characterized by three phases of operations: the inserting of trap doors and Trojan horses, the exercising of them, and the retrieval of the resultant unauthorized information. Insertion occurs over the entire life cycle of the system from the system design phase to the production phase. This thesis clarifies the high risk of using computer systems, particularly so-called 'trusted' subsystems for the protection of sensitive information. This leads to a basis for countermeasures based on the lifetime protection of security related system components combined with the application of adequate technology as exemplified in the security kernel concept. (Author)

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jun 01, 1980
Accession Number
ADA089935

Entities

People

  • Philip Alan Myers

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Cyber
  • Ground and Sea Platforms
  • Human Systems

DTIC Thesaurus Topics

  • Classified Materials
  • Computer Access Control
  • Computer Crime
  • Computer Programming
  • Computer Programs
  • Computer Science
  • Computers
  • Control Systems
  • Cybersecurity
  • Information Security
  • Maintenance Personnel
  • Object Code
  • Operating Systems
  • Security Personnel
  • Subversion
  • System Software
  • Systems Engineering

Readers

  • Cybersecurity.
  • Theoretical Analysis.

Technology Areas

  • Cyber