A CDE Definition
Computer Security Act
The first step in improving the security and privacy of information contained in federal computer systems. Signed January 8, 1988 by President Reagan, the Act:
Establishes a central authority for developing guidelines for protecting unclassified, but sensitive information stored in government computers.
Requires each agency to formulate a computer security plan, tailored to its own circumstances and based on the guidelines.
Mandates that each agency provide training for its computer employees on the threats and vulnerabilities of its computer systems.
Ensures that the National Security Agency and other defense-related government agencies not control computer security standards in civilian agencies of government. See information security.
The protection of data against unauthorized access. Programs and data can be secured by issuing passwords and digital certificates to authorized users. However, passwords only validate that a correct number has been entered, not that it is the actual person. Digital certificates and biometric techniques (fingerprints, eyes, voice, etc.) provide a more secure method (see authentication). After a user has been authenticated, sensitive data can be encrypted to prevent eavesdropping (see cryptography).
Authorized Users Can Be the Most Dangerous
Although precautions can be taken to authenticate users, it is much more difficult to determine if an authorized employee is doing something malicious. Someone may have valid access to an account for updating, but determining whether phony numbers are being entered requires a great deal more processing. The bottom line is that effective security measures are always a balance between technology and personnel management. See Parkerian hexad, information assurance, security scan, security audit, audit trail, NCSC, ICSA, access control, share-level security, user-level security and social engineering.
Before/After Your Search Term
Terms By Topic
Click any of the following categories for a list of fundamental terms.