Secure Computer System Design
Abstract
Secure computer system design trends are described in the article. Insufficient computer network security led to Internet segmentation to intranets, witch are separated by firewalls. Such processes oppose global network idea. To stop segmentation into secure, but closed segments, the global network security growth is needed. Network security consists of: coding, secure protocols and the trusted computer system. There are three kinds of threats: disclosure of secret information, consistency breach and denial of service. Security mechanisms and architectures are described showing the security mechanism position in the networking model. The analysis has shown that widest opportunities are to implement security mechanisms at application level, but then they depend on running services. Data link, network and transport levels enable security mechanism using without provided services influence. Transport layer security mechanisms are best for information transition through insecure media, while data link layer is most effective securing access. Network architectures are inconsistent: ISO 9478-2 relies on the OSI model and concentrates on interconnection security; SDNS proposes architecture and secure protocols supplementing the TCP/IP stack; ECMA analyse security in distributed systems. Terminology and structure of architectures are inconsistent. Ill.3, bibl.27 (in Lithuanian; summary in Lithuanian, English and Russian).
Downloads
Published
How to Cite
Issue
Section
License
The copyright for the paper in this journal is retained by the author(s) with the first publication right granted to the journal. The authors agree to the Creative Commons Attribution 4.0 (CC BY 4.0) agreement under which the paper in the Journal is licensed.
By virtue of their appearance in this open access journal, papers are free to use with proper attribution in educational and other non-commercial settings with an acknowledgement of the initial publication in the journal.
