You can't eliminate accidents, but you can make provisions for recovering from them. Backup
procedures, which include making copies of the storage media which contain your programs and
important files, are a key element of computer security.
Users should make backup copies any time they process any information, but unfortunately it often
takes the loss of an important file before users become "converts" to the routine of regular backup.
The commander and ISSO for each unit will establish procedures for regular and systematic backup,
but as a "rule of thumb:"
1. As soon as you get a new program, back it up. An accident can damage a brand new
program disk, so make the backup b you use the program even once. Make a backup, then try the
program.
2. Each time you change or update a fib, back it up. if your disk is damaged after you have
made extensive changes, you may forget what you changed and the updated information may be lost.
At a minimum, it will take you considerable time and effort to reconstruct the changes.
3. If you store all of your programs and information on your computers hard disk, make sure
that you have all of your programs and all of your information on backup floppy disks.
4. Keep in mind that an accident might damage all your disks, to include your backups. So,
make yourself more than one set of backups and keep them in different locations.
Part G: Technologies of Computer Protection
The following gives a brief description of the main technologies of defense and some of their potential
vulnerabilities. In describing vulnerabilities, this course does not mean to suggest that the
technologies are riddled with holes or useless, only that they may not be foolproof. Particular
attention is given to two recent technologies, location-based authentication and key escrow
encryption.
Authentication. These technologies are used to determine the authenticity of users, network nodes,
and documents. They are typically based on knowledge of secret information such as a password,
PIN, or cryptographic key, possession of a device such as an access token or crypto card; and
biometrics such as a thumb print or iris pattern. While all of these methods are valuable, they also
have limitations Secret information may be vulnerable to guessing and cracking, hardware tokens to
theft, and biometrics to false positives, false negatives, and replay. In addition, authentication
controls are potentially vulnerable to subversion or by-pass.
Location- based authentication. International Series Research, inc. of Boulder, Colorado, has
developed a new technology for authentication, called CyberLocatorTM, which uses space geodetic
methods to authenticate the physical locations of users, network nodes, and documents. This is
accomplished through a location signature sensor, which uses signals from the Global
Previous Page
