Data Security Management in Distributed Computer Systems
Armoni, Adi, Informing Science: the International Journal of an Emerging Transdiscipline
Every organization should be concerned about protecting data against intruders, for the organization's ability to survive depends on the availability, comprehensiveness and reliability of its financial and organizational data.
Security has become more complicated with the expanded use and networking of personal computers. At present, the local networks and the connections between the large and small computers are such that each of them takes part in the application. The application as a whole appears to be located on the user's computer, but in fact each user and each application has access to, and sometimes even control over, organizational data on various computers and storage facilities. Obviously, such openness invites unauthorized use, and requires data security coordination and management (Appelton, 1997).
Unfortunately, many companies do not deal with data security and network management problems until there is a crack in the network.
To protect vital information, companies must set up a sound security system before the network is breached. This involves identifying the security risks, applying sufficient security measures, and teaching users data security awareness.
The most important part of a distributed system is its joint data network, which is the nerve center of the organization and tends to grow with the development of the organization and of technology.
Sometimes the network will connect a number of independent organizations with management and other servers to form the distributed system. For example, it is possible to describe an organizational network in a large organization with a large number of divisions and departments (Bellovin, 1997).
The increase of connections results in greater interdependency of the systems and constitutes an environment with many challenges for data security management (Herald, 1998; Guynes, 2000).
Traditional distributed systems enable users to use data and applications on distant networks without confining them to networks that they are directly connected to. In client/server systems the traditional functionality of the mainframe is divided into two:
* A user interface and a nucleus of one or more applications activated at the peripheral station defined as a "client".
* Management of the database and part of the application activated on another system defined as a "server".
Through this division each component in the network may carry out the work for which it is most suited. The two parts of the application are connected via special software enabling transfer of messages between the client and the server. Client/server applications are very flexible and allow users to access databases on various networks all via a graphic interface, which does not exist on mainframe systems (Neuman, 1998).
Data security management general problems
Unfortunately, development of data security in distributed systems takes place simultaneously with the development of the network, as described above.
Development in stages may result in an increase of the sensitive points in the network security, as described hereunder (Sanders, 2000).
In some non-automatic security subsystems, manual login mechanisms force users to type their user name and password. Not only does this make the system inefficient, it also exposes the data security mechanism, because users often write down their passwords on paper next to their workstations, for everyone to see (White, 1999).
Furthermore, most users do not make a habit of changing their passwords every so often and continue using the same password over and over again.
Security system components in distributed computer systems
Distributed computer systems have four main security components: security authentication, authorization, access control and encryption. …