End-User Computing Security Guidelines Previous Screen Ron Hale Payoff Providing Effective Security in an End-User Computing Environment Is a Challenge
86-10-10 End-User Computing Security Guidelines Previous screen Ron Hale Payoff Providing effective security in an end-user computing environment is a challenge. First, what is meant by security must be defined, and then the services that are required to meet management's expectations concerning security must be established. This article examines security within the context of an architecture based on quality. Problems Addressed This article examines security within the context of an architecture based on quality. To achieve quality, the elements of continuity, confidentiality, and integrity need to be provided. Confidentiality as it relates to quality can be defined as access control. It includes an authorization process, authentication of users, a management capability, and auditability. This last element, auditability, extends beyond a traditional definition of the term to encompass the ability of management to detect unusual or unauthorized circumstances and actions and to trace events in an historical fashion. Integrity, another element of quality, involves the usual components of validity and accuracy but also includes individual accountability. All information system security implementations need to achieve these components of quality in some fashion. In distributed and end-user computing environments, however, they may be difficult to implement. The Current Security Environment As end-user computing systems have advanced, many of the security and management issues have been addressed. A central administration capability and an effective level of access authorization and authentication generally exist for current systems that are connected to networks. In prior architectures, the network was only a transport mechanism. In many of the systems that are being designed and implemented today, however, the network is the system and provides many of the security services that had been available on the mainframe.
[Show full text]