The Protection of Information in Computer Systems

Last updated

The Protection of Information in Computer Systems
Created1975
Author(s)
Subject Information security

The Protection of Information in Computer Systems is a 1975 seminal publication by Jerome Saltzer and Michael Schroeder about information security. [1] [2] The paper emphasized that the primary concern of security measures should be the information on computers and not the computers itself. [3]

Contents

It was published 10 years prior to Trusted Computer System Evaluation Criteria, commonly known as the Orange Book. [4]

Design principles

The following design principles are laid out in the paper:

See also

References

  1. Smith, Richard E. (November 2012). "A Contemporary Look at Saltzer and Schroeder's 1975 Design Principles". IEEE Security & Privacy . 10 (6): 20–25. doi:10.1109/MSP.2012.85. ISSN   1540-7993. S2CID   13371996.
  2. Seeley, Nicholas. "Seminal Papers in Cybersecurity: A Review (Part 2 of 2)". Schweitzer Engineering Laboratories . Retrieved 2024-11-11.
  3. Samonas, Spyridon; Coss, David (2014). "The CIA Strikes Back: Redefining Confidentiality, Integrity and Availability in Security". Journal of Information Systems Security. 10 (3): 21–45.
  4. Smith, Sean; Marchesini, John (2007). The Craft of System Security. Pearson Education. ISBN   9780132797542.