Skip to main content
OSTI.GOVU.S. Department of Energy Office of Scientific and Technical Information
U.S. Department of Energy
Office of Scientific and Technical Information
 

Security implications of personal computer connectivity

Technical Report ·
OSTI ID:6685815
To prepare for future investigations into the security implications of interconnecting personal computers (PCs) and specific sensitive and classified Department of State computer systems and networks, the Joint Center for Information Security Technology has performed a study of the effect that linking PCs to typical host computers or networks can have on the security of both the PCs and host systems. This report summarizes the findings of the study, which consisted of an extensive literature survey and a thorough examination of several capabilities present in a PC that do not exist in a typical computer video display terminal (VDT). Significant host vulnerabilities result from the PC's intelligence and programmability, its local storage capability, its hardware and software configurability, and its ability to accommodate a wide variety of peripheral devices. The most significant requirement for a safe connection identified by this report is a carefully designed, implemented, and maintained PC hardware and software configuration control program. Critical consequences of this connection will be to increase the scope of responsibility and the background preparation required of the PC and host Information System Security Officers. This phase of the study was not intended to produce specific recommendations for correcting identified vulnerabilities, but it is clear that allowing connection of PCs to any given host without implementing a set of security controls carefully matched to the particular systems being interconnected is dangerous. Each of the issues raised in this report should be examined for applicability to the specific connection being considered.
Research Organization:
Oak Ridge National Lab., TN (USA)
DOE Contract Number:
AC05-84OR21400
OSTI ID:
6685815
Report Number(s):
ORNL/TM-10978; ON: DE89003423
Country of Publication:
United States
Language:
English

Similar Records

Introduction to EIA's personal computers and software: Student text
Technical Report · Fri Sep 02 00:00:00 EDT 1988 · OSTI ID:6821242
Personal computer security software tools
Technical Report · Wed Jun 01 00:00:00 EDT 1988 · OSTI ID:6905666
Personal computer applications in DIII-D neutral beam operation
Journal Article · Fri Aug 01 00:00:00 EDT 1986 · Rev. Sci. Instrum.; (United States) · OSTI ID:5405361

Related Subjects

99 GENERAL AND MISCELLANEOUS
990220* -- Computers
Computerized Models
& Computer Programs-- (1987-1989)
COMPUTER NETWORKS
COMPUTERS
DIGITAL COMPUTERS
INFORMATION SYSTEMS
MICROCOMPUTERS
PERSONAL COMPUTERS
SECURITY