Re: Draft Security Policy
Steven Blair <sblair@synoptics.com> Thu, 18 October 1990 12:58 UTC
Received: from [134.177.32.17] by NRI.NRI.Reston.VA.US id aa03578; 18 Oct 90 8:58 EDT
Received: from excalibur.synoptics.com by mvis1.synoptics.com (5.61/2.1G) id AA03046; Thu, 18 Oct 90 05:56:22 -0700
Received: by excalibur.synoptics.com (4.0/2.0N) id AA29330; Thu, 18 Oct 90 05:56:19 PDT
Message-Id: <9010181256.AA29330@excalibur.synoptics.com>
Date: Thu, 18 Oct 1990 05:56:19 -0700
From: Steven Blair <sblair@synoptics.com>
Quote-Week: Die Yuppie Scum II...the next paycheck..
To: postel@venera.isi.edu, ssphwg@NRI.Reston.VA.US
Subject: Re: Draft Security Policy
Cc: psrg-interest@venera.isi.edu, spwg@NRI.Reston.VA.US
Status: O
I can not understand why this paragraph was even included. It seems to be totally unrelated to the overall document, and would be interested to see if everyone feesl it should potentially deleted: >> Security is understood to include protection of the privacy of >> information, protection of information against unauthorized >> modification, protection of systems against denial of service, and >> protection of systems against unauthorized access or use. ["access" >> covers unauthorized database lookup, for example; "use" covers >> unauthorized logging in to a system.] Let's take this one statement at a time: >> Security is understood to include protection of the privacy of >> information OK, that's fairly clear, and by the "computer" terminology is redundant to the mission of the document. >>protection of information against unauthorized modification OK, that should be better defined, as to not leave ambiguities in that statement. >> protection of systems against denial of service HUH?? >> and protection of systems against unauthorized access or use That's the only realistic statement in the entire paragraph, to me. Mabye a better wording would be: Security includes the protection of private materials and their unauthorized use, modification, and/or access by unauthorized indviduals. Security also includes the system<->system interactions which could impair, or deny services to selected systems. steve blair sblair@synoptics.com hostmaster@synoptics.com
- Draft Security Policy Richard Pethia
- Re: Draft Security Policy postel
- Re: Draft Security Policy Steven Blair
- Re: Draft Security Policy J Paul Holbrook
- Re: Draft Security Policy Steven Blair
- Re: Draft Security Policy Robert E. Van Cleef