A survey of security issues in office computation and the application of secure computing models to office systems

With the proliferation of office information systems (OIS) into almost every area of industry and government, it is important to design systems that offer a guarantee of privacy and security to their users. The same solutions and research pertaining to traditional data-processing environments cannot, in most cases, be applied directly to the OIS envitonment. Many OIS do not provide the hardware/software controls necessary to protect information from anyone who gains physical access to the system. Furthermore, users of an OIS cannot be expected to possess a clear understanding of the system, its operating characteristics, or even the implication of interconnecting component devices. This paper examines the typical OIS environment with a view toward the provision of a secure operating architecture. Important security problems faced by OIS are enumerated and explained. We argue that the OIS environment presents a different problem to solve in a security sense from when working with a traditional nondistributed system. Existing solutions found in large scale operating systems and networks cannot simply be scaled down and moved to an OIS, if for no other reason than the architecture's inability to support locks and multiple system states. An architecture of both software and hardware controls must be built for this new environment using concepts from large scale operating systems but recognizing the limitations and constraints of OIS. While we emphasize the security issues, we look at alternative technologies that can be combined to provide a solution.