A Case Study Of Evaluating Security In An Open Systems Environment
Author
Daniel Tobat,Errol S Weiss
Abstract
The goal of this paper is to describe a case study of a computer
security evaluations effort conducted on a system known as the
Office Automation Network (OAN). The OAN is representative of many
of today's networked systems by being a heterogeneous mix of
system components connected to open systems such as the Internet.
The OAN differs from the typical systems in that security was a
design and implementation objective, and that it was subjected to an
extensive six month evalutation effort by an experienced vulnerablility
testing team. The vulnerablility testing yielded some surprising
results which demostrated that it is possible in today's environment
to have an Automated Information System (AIS) connected to open
systems such as the Internet and still have an effective security
posture.
Journal
19th NISSC Precedings 1996
Publication Date
0000-00-00
Location
A hard-copy of this is in the Papers Cabinet