A 60-years journey focused in technology evolution and information security, to help us understand some major events and their profound impact on society. Not to persuade us, but to inspire us to think and act.
From supporting societies’ most basic human needs to enabling its most ambitious endeavors in commerce, science, and technology, lifeline services and critical infrastructures underpin modern civilization’s well-being and development. Without them, it would not be possible for governments to ensure people and businesses’ health, safety, and economic security [1]. Lifelines Read more…
The COVID-19 pandemic allows governments to employ “extraordinary measures” in favour of the public good, measure that could have significant effects in information policies (Cornelius, 2010). Government agencies around the world, along with private companies, are collecting and exploiting personal identifiable information (PII) to generate valuable insights to help support the Read more…
I developed the Corporate Service Model Canvas (ESMC) to help address some major issues linked to the lack of maturity recognised in relation to both how to define services and innovate on new value proposals. The ESMCmodel was inspired by a real use case, a customer’s Computer Security Incident Response Read more…
Assigned with the responsibility of designing and delivering a strategy for resolving (im)maturity issues for an information security services consulting company, having experience working with related management standards and best practices such like, my first actions were toward recognising some common operational symptoms of the problematic. Following, a high level Read more…
The results of a 1973 security study of the Multics Computer System are presented detailing requirements for a new access control mechanism that would allow two levels of classified data to be used simultaneously on a single Multics system. The access control policy was derived from the Department of Defense Read more…
With the advent of resource-sharing computer systems that distribute the capabilities and components of the machine configuration among several users or several tasks, a new dimension has been added to the problem of safeguarding computer-resident classified information. The basic problems associated with machine processing of classified information are not new. Read more…
This paper presents the design of a kernel for certifiably secure computer systems being built on the Digital Equipment Corporation PDP-11/45. The design applies a general purpose mathematical model of secure computer systems to an off-the-shelf computer. An overview of the model is given. The paper includes a specification of Read more…
The military has a heavy responsibility for protection of information in its shared computer systems. The military must insure the security of its computer systems before they are put into operational use. That is, the security must be “certified”, since once military information is lost it is irretrievable and there Read more…
The DoD has established a Computer Security Initiative to foster the widespread availability of trusted computer systems. An essential element of the Initiative is the identification of criteria and guidelines for evaluating the internal protection mechanisms of computer systems. This report documents a proposed set of technical evaluation criteria. These Read more…