The system used. For simple batch processing number

The security control in resource sharing system was major
threat in 1960’s.It was becoming a topic of concern to defense contractors and
to military operations. Thus, Advanced Research Project Agency (ARPA) formed a
task force under the
support of Defense Science Board which was later published by The Rand
Corporation to study and recommend hardware and software safeguard
information in multi-access resource sharing computer system.

With the emerging fashion of resource sharing computer
system that distributes machine configuration among several users, a new
dimension has been added to the problem of safeguarding computer stored
information. Rapid increase in use of resource sharing system introduced
security complexities.

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!


order now

From the start of wide use of computers in military and
defense to the current date, when the resource sharing is done worldwide, more
and more complexities are being introduced. Firstly, security problem is not
unique to any one type of computer system but is applied to the spectrum of
computational technology. Secondly, resource sharing system has become medium
through which external users can easily penetrate data and program. Thus the
protection of data and program is done by designers and manufacturer of
resource sharing through time to time by updating hardware and software.
Security system should be variant according to the type of computer system
used. For simple batch processing number of jobs and transactions were
processed manually. Thus, when the sensitive materials harm can cause in erase
of data in no time i.e. sensitive information were directly linked to physical
devices. To protect those sensitive data the materials were removed from the
system. But in advanced multiprogramming system, all the jobs were assigned by
the system itself thus in data protection the physical devices i.e. hardware
and software should be updated time to time. According to user capabilities,
the computer system is divided into many kinds. File query system enables user
to execute limited application program in system which cannot be altered by
user. Interpretive system provide user the programming capability only in terms
of the input symbols that computer operation denotes. Compiler system provide
user to program in limited languages and compiler was added for computer to
understand those languages. Full programming system gave user extensive
programing capability. These division of computer system brought a series of
vulnerabilities both in hardware and software. There can be accidental
disclosure of component’s equipment which has sensitive information or can
deliberately penetrate of the information or system itself by another
user.  Third party can actively penetrate
the party’s information by getting into their system and getting their private
information. The third party also may monitor the information of a system or
communication channel without any attempt to interfere or manipulate system.

System designers has great role in making the computer
channel secure. The system designers must be aware of all the points of
vulnerabilities and must look out all possible leakage points to provide
adequate mechanism and prevent the accidental events. The leakage points can be
classified into five groups: physical surroundings, hardware, software,
communicational links and organizational procedures. Safeguarding information
in computer system is achieved by combination of protection features aimed at
different areas of leakage points. Physical protection can be achieved by
protecting computer equipment and its terminals such as removable printouts,
punch cards, etc. Hardware leakage are the malfunction that can directly result
in leakage or failure of security protection mechanism elsewhere in system.
These type of failure mostly affect malfunctioning of circuits for such
protection as bound registers, memory read-write protect, privileged mode
operation or priority interrupt causing , for example: single bit error.
Software leakage include all vulnerabilities directly related to the software
in computer system. Operating system and supplementary programs that supports
operating system contain the software safeguard from which most leakage is
done. Communication leaking includes the central processor, switching center
and remote terminal as a potential vulnerability.  Wire trapping can be used to steal
information.

Regarding
the policy consideration and recommendation the study has various conclusions
for maintaining, storing and safeguarding the classified information and data.
It is concluded that the head of the department is responsible for the proper
operation of the secured computer system. The system should only be handled by
the authorized designated personnel. The computer system shall grant access
only to the authorized personnel having proper security clearance. While the
information are stored in a computer system it should be protected with
specific keys, password and authentication .The information should be properly
verified, carefully handled and maintained and should be regularly monitored.
Anyone using that classified information shall be required to identify
himself/herself and to authenticate his identity at any time requested. The
information and data must be structured in an organized way with proper
labeling and classification under some strict security parameter .where required
by applicable regulation, receipts shall be obtained from any users who have
received classified information from the system. Allocation, use and erasure of
storage resources of all types of computing shall be handled by the system and
operational procedure so that the information cannot be leaked anyway. The
taskforce has also suggested that specific proper test and techniques is the
necessity to ensure proper sanitization of storage media. With the increasing
threat it is compulsory for having certified system for measuring, testing, and
evaluating the effectiveness of security and controlling features of a system.
Just keeping the information secured is not enough, it should be inspected
regularly so that no any alteration, duplication, misconduct and leakage will
happen. Also the system must be maintained timely by the designated authority.