LISTSERV - HP3000-L Archives

HP3000-L Archives

September 1998, Week 1

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L September 1998, Week 1

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Logon Security (was: Can't initiate new sessions now)
From:	Tom Madigan <[log in to unmask]>
Reply To:	Tom Madigan <[log in to unmask]>
Date:	Fri, 4 Sep 1998 17:58:11 EDT
Content-Type:	text/plain
Parts/Attachments:	text/plain (143 lines)

Wirt:

Try explaining that to an auditor who is breathing down your neck and looking
to rack up points with his manager.  At my former job, it appeared as if the
auditors were passing out gold stars for every roadblock that I could pop up
in front of a user.

In addition to the account and user passwords, we also had a separate password
that each user had to supply in order for him/her to access the appropriate
application menu level.  That's THREE passwords a user had to remember in
order to log in to the HP!  No wonder it was easy for me to find passwords
written on Post-It notes underneath keyboards.  I think that we're pushing the
limits of "user recall" when we ask him to key in three passwords, each of
which was unduplicated (or should be!) and each of which was changed or
required to be changed at different times.  This is considered making life
EASIER for the end user??  Geesh!!

We, too, used the "file drawer" analogy when explaining our security
considerations to auditors.  Being entrusted with the users' data, we felt
that it was our sacred duty to make sure that NO unauthorized person could
even get close to the users' data let alone alter or destroy it.  We appealed
to common sense:  it is important to safeguard data and software; it is also
important that a legitimate user can get to his data without writing his last
will and testament every time he signs on!!  Nearly always, however, the
auditor with his "take no prisoners" attitude could win simply by THREATENING
to write a "management point."

I strongly agree, however, that a system should reveal as little about its
operation or status to anyone except a legitimate member of the community. In
this regard, I remember chuckling when using the old DecSystem 10.  It was
possible, without ever having to sign on or even be an actual user, to find
out who was using the system and what they were running.

Tom Madigan
"So close to leaving" Newport News, Virginia

Wirt Atmar wrote:

> Mark Landin writes:

> 

> > One tenet of computer security is that you give unauthorized users as

> >  little information as possible about the system they are trying to

> >  access.

> >

> >  I guess I don't see having to successfully login before being told

> >  that the machine can't service your login, or that some other thing is

> >  unavailable, as being a serious problem. You may disagree, of course.

> 

> Actually, I strongly agree. I've always considered giving out any form of

> information to a non-authorized user to be a relatively profound breach of

> security.

> 

> However, I don't want that statement to be taken out of context. To change
the

> subject just a bit, I've also always believed that once a user proves his or

> her worthiness, all security considerations should completely disappear and

> the user should be free to do whatever he or she needs to do to be
productive.

> 

> If there's any trend that I've noticed over the last ten years, it's been
the

> increasing tendency of data processing managers to put an increasing number
of

> impediments between valid business users and their capacity to use data on
the

> HP3000 -- and this is killing their capacity to get their work done.

> 

> The people who are the business users are the same people who, 30 years ago,

> extracted their data from steel filing cabinets in paper form. Very few of

> these people ever set fire to the filing cabinets then and very few of them

> want to burn down the system now. And if they do -- that's precisely why you

> do backups, a protection that wasn't even readily available 30 years ago.

> 

> Ultimately, you have to trust people if any productive work is to be done.

> 

> Reasonable security precautions are one thing, irrational fears are another.

> 

> A reasonable estimate of true, placing-the-company-at-risk threats to an

> HP3000's data probably proceed in an order something like this:

> 

>          o  Fire

>          o  Unintentional, unobserved damage to a database

>          o  Flood

>          o  Intentional, malicious damage

> 

> with each category being a tenth the probability of the one above it. In
every

> particular case, the solution is obtained by maintaining good, non-rotating,

> off-site backups frequently.

> 

> Wirt Atmar

____________________________________________________________________
More than just email--Get your FREE Netscape WebMail account today at http://home.netscape.com/netcenter/mail

ATOM RSS1 RSS2

RAVEN.UTC.EDU