BIBLIOGRAPHY OF COMPUTER SECURITY ARTICLES 
                        1983 THROUGH 1988

(Note:  A bibliograpghy is now being developed to encompass
1989.) 

                        AUTHORS SPECIFIED

                       ABUSE/MISUSE/CRIME

                                                             
          AUTHOR:   Associated Press                          
                                                             
          TITLE OF ARTICLE:  Jury Selection In 1st "Virus"    
                            Trial Begins                     
                                                             
          NAME OF PERIODICAL:  Washington Post                
                                                             
          VOLUME OF PERIODICAL:                               
          NUMBER OF PERIODICAL:   277                         
          ISSUE DATE:  September 7, 1988                      
          PAGE NUMBER(S):  C1                                 
          CATEGORY:  Abuse/Misuse/Crime                       
          DESCRIPTION:  This article is about a programmer    
         accused of using a computer "virus" to sabotage     
         thousands of records at his former work place.      

                                                        
          AUTHOR:  Atkinson, L.V.                             
                                                             
          TITLE OF ARTICLE:  Fraud:  Input Data Most          
                            Vulnerable                       
                                                             
          NAME OF PERIODICAL:  Computerworld UK               
                                                           
          VOLUME OF PERIODICAL:  2                            
          NUMBER OF PERIODICAL:  21                           
          ISSUE DATE:  September 2, 1981                      
          PAGE NUMBER(S):  10                                 
          CATEGORY:  Abuse/Misuse/Crime       
         DESCRIPTION:  Article discusses a survey which        
         found that the major danger to computers was the    
         alteration of input data.                           

                                                         
          AUTHOR:  Baker, R.H.                                
                                                             
          TITLE OF ARTICLE:  Lining Up Computer Crooks        
                                                             
          NAME OF PERIODICAL:  Micro Communications           
                                                             
          VOLUME OF PERIODICAL: 2                             
          NUMBER OF PERIODICAL: 5                             
          ISSUE DATE:  May 1985                               
          PAGE NUMBER(S):  18-22                              
          CATEGORY:  Abuse/Misuse/Crime
          DESCRIPTION:  This article looks at crime patterns  
         of microcomputer users breaking into mainframes.    
         Ways in which these patterns can be learned and then
         stopped is discussed.                               

                                                           
          AUTHOR:  Bequai, A.                                 
                                                             
          TITLE OF ARTICLE:  What to do About Crime in the    
                            Electronic Office                
                                                             
          NAME OF PERIODICAL:  Office                         
                                                             
          VOLUME OF PERIODICAL:  101                          
          NUMBER OF PERIODICAL:   1                           
          ISSUE DATE:  January 1985                           
          PAGE NUMBER(S):  101-104                            
          CATEGORY:  Abuse/Misuse/Crime                       
          DESCRIPTION:  This article discusses the important  
         role that auditing computer systems plays in        
         preventing crimes and abuse.                        


          AUTHOR:  Betts, M.                                  
                                                             
          TITLE OF ARTICLE:  Government's Computers           
                            "Highly Vulnerable" to Abuse     
                                                             
          NAME OF PERIODICAL:  Computerworld                  
                                                             
          VOLUME OF PERIODICAL:  18                           
          NUMBER OF PERIODICAL:  40                           
          ISSUE DATE:  October 1984                           
          PAGE NUMBER(S):  4                                  
          CATEGORY:  Abuse/Misuse/Crime                       
          DESCRIPTION: Discusses how highly vulnerable the    
         federal government's computers are to abuse, and a  
         congressman who is seeking to change that           
         vulnerability.                                      

                                                             
          AUTHOR:  Blakeney, S.                               
                                                             
          TITLE OF ARTICLE: Computer Crime:  A Worldwide      
                           Concern                           
                                                             
          NAME OF PERIODICAL:  Computerworld                  
                                                             
          VOLUME OF PERIODICAL:  17, 18                       
          NUMBER OF PERIODICAL:  52, 1                        
          ISSUE DATE:  December 26, 1983, January 1984        
          PAGE NUMBER(S): 57-60                               
          CATEGORY:  Abuse/Misuse/Crime                          
          DESCRIPTION:  This article looks at computer crime  
         as a worldwide problem. The most common types of    
         computer crimes are given along with the estimated  
         losses in various countries throughout the world.   

                                                             
          AUTHOR:   Bologna, Jack                             
                                                             
          TITLE OF ARTICLE:  Computer Related Crime: The Who, 
                            What, Where, When, Why and How   
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL:  10                           
          NUMBER OF PERIODICAL:   1                           
          ISSUE DATE:  Winter 1986                            
          PAGE NUMBER(S):  19-23                              
          CATEGORY:  Abuse/Misuse/Crime                       
         DESCRIPTION: This article looks at computer related 
         crime from the perspectives of the individual       
         criminal, environmental factors, organization       
         cultures, incidence rate, and security              
         countermeasures.                                    

                                                             
          AUTHOR:  Bramer, W.L.                               
                                                             
          TITLE OF ARTICLE:   Computer and Data Security is   
                             Battle Cry to the '80s          
                                                             
          NAME OF PERIODICAL:  Office                         
                                                             
          VOLUME OF PERIODICAL:  103                          
          NUMBER OF PERIODICAL:  3                            
          ISSUE DATE:  March 1986                             
          PAGE NUMBER(S):  78-82                              
          CATEGORY:  Abuse/Misuse/Crime                       
          DESCRIPTION: This article discusses the number of   
         organizations that are looking at their security    
         procedures and programs to deter computer abuse. The
         three main causes of security problems are          
         described.                                          

                                                             
          AUTHOR:   Carey, Cameron                            
                                                             
          TITLE OF ARTICLE:   Data Access Control: Help or    
                             Hindrance                       
                                                             
          NAME OF PERIODICAL:   Data Processing &             
                               Communications Security       
          VOLUME OF PERIODICAL: 11                            
          NUMBER OF PERIODICAL:  4                            
          ISSUE DATE:  Fall 1987                              
          PAGE NUMBER(S):  18-20                              
          CATEGORY: Access Control                            
         DESCRIPTION: This article discusses limiting access 
         to data and how to make access control protection   
         more of a help than a hindrance by developing a set 
         of priorities about various classes of data.        
                                                             
          AUTHOR:   Edwards, M.                               
                                                             
          TITLE OF ARTICLE:  The Sting in a Micro's Tail      
                                                             
                                                             
          NAME OF PERIODICAL:  Practical Computing            
                                                             
          VOLUME OF PERIODICAL:  6                            
          NUMBER OF PERIODICAL:  12                           
          ISSUE DATE:  December 1983                          
          PAGE NUMBER(S):  108-109                            
          CATEGORY:  Abuse/Misuse/Crime                       
          DESCRIPTION:  How criminals exploit information     
         technology is described in this article along with  
         ways to stop them.                                  

                                                             
          AUTHOR:   Elmer-Dewitt, Phillip                     
                                                             
          TITLE OF ARTICLE: Invasion of the Data Snatchers!   
                                                             
          NAME OF PERIODICAL:  Time Magazine                  
                                                             
          VOLUME OF PERIODICAL:  123                          
          NUMBER OF PERIODICAL:  13                           
          ISSUE DATE:  September 26, 1988                     
          PAGE NUMBER(S):  62-67                              
          CATEGORY:  Abuse/Misuse/Crime                       
         DESCRIPTION:  Discusses the current threat to       
         computer systems posed by computer viruses. Computer
         viruses are defined and several examples of viruses 
         are given.                                          

                                                           
          AUTHOR:  Johnson, B.                                
                                                             
          TITLE OF ARTICLE:  Criminal Minds Keep Pace with    
                            Technology. Stop, Thief!         
                                                             
          NAME OF PERIODICAL:  Computerworld                  
                                                             
          VOLUME OF PERIODICAL:  15, 16                       
          NUMBER OF PERIODICAL:  52, 1                        
          ISSUE DATE:  December 28, 1981, January 4, 1982     
          PAGE NUMBER(S):                                     
          CATEGORY:  Abuse/Misuse/Crime                       
          DESCRIPTION:  This article looks at some of the     
         common problems that the DP industry faces today    
         including computer security, asset protection, and  
         computer fraud prevention.                          

                                                             
          AUTHOR:   Kluepfel, Henry M.                        
                                                             
          TITLE OF ARTICLE:   Computer Security for the       
                             Abuser Friendly Environment     
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL: 9                             
          NUMBER OF PERIODICAL: 2                             
          ISSUE DATE:  November/December 1984                 
          PAGE NUMBER(S): 16-20                               
          CATEGORY:  Abuse/Misuse/Crime                       
         DESCRIPTION: This article discusses the underlying  
         lack of adequate controls in computer systems and   
         their relation to computer abuse and crime.         

                                                             
          AUTHOR:  Kull, D.                                   
                                                             
          TITLE OF ARTICLE:  How to Make Even E.F. Hutton     
                            Listen                           
                                                             
          NAME OF PERIODICAL:  Computer Decisions             
                                                             
          VOLUME OF PERIODICAL:  17                           
          NUMBER OF PERIODICAL:  18                           
          ISSUE DATE:  September 1985                         
          PAGE NUMBER(S):  42-50                              
          CATEGORY: Abuse/Misuse/Crime                        
          DESCRIPTION: The most effective way for an          
         organization to prevent breaches in a computer      
         system is to plug the holes that have already been  
         used to violate the system and identify the         
         intruders.                                          

                                                             
          AUTHOR:  Lasden, Martin                             
                                                             
          TITLE OF ARTICLE:  Computer Crime                   
                                                             
          NAME OF PERIODICAL:  Computer Decisions             
                                                             
          VOLUME OF PERIODICAL:                               
          NUMBER OF PERIODICAL:                               
          ISSUE DATE:  June 1981                              
          PAGE NUMBER(S):  104-106, 108 112, 116, 118, 120,   
                          122, 124                           
          CATEGORY:   Abuse/Misuse/Crime                      
          DESCRIPTION:  This article discusses actual computer
         crimes that have taken place and the factors that   
         escalate the risk of an organization from these     
         types of crime.                                     

                                                            
          AUTHOR:  Lucas, D.                                  
                                                             
          TITLE OF ARTICLE:  The Invisible Enemy              
                                                             
          NAME OF PERIODICAL:  Business Computing and         
                              Communication                  
          VOLUME OF PERIODICAL:                               
          NUMBER OF PERIODICAL:                               
          ISSUE DATE:  February 1985                          
          PAGE NUMBER(S): 18-20                               
          CATEGORY: Abuse/Misuse/Crime                        
          DESCRIPTION: This article describes how home        
         computer users are breaking into some of Britain's  
         mainframe computers. Various procedures that can    
         protect against intrusion are also discussed by the 
         author.                                             
                                                             
          AUTHOR:  McKibbin, W.L.                             
                                                             
          TITLE OF ARTICLE:  Who Gets The Blame For Computer  
                            Crime                            
                                                             
          NAME OF PERIODICAL:  Infosystems                    
                                                             
          VOLUME OF PERIODICAL: 30                            
          NUMBER OF PERIODICAL:  7                            
          ISSUE DATE:  July 1983                              
          PAGE NUMBER(S):  34-36                              
          CATEGORY:  Abuse/Misuse/Crime                       
          DESCRIPTION: MIS managers are ultimately responsible
         for the security of their computers. Since they are 
         responsible they should make sure upper management  
         is aware of the vulnerabilities of their computers. 

                                                             
          AUTHOR:  Mylott, T.R.                               
                                                             
          TITLE OF ARTICLE:  Computer Security and the        
                            Threats from Within              
                                                             
          NAME OF PERIODICAL:  Office                         
                                                             
          VOLUME OF PERIODICAL:   101                         
          NUMBER OF PERIODICAL:   3                           
          ISSUE DATE:  March 1985                             
          PAGE NUMBER(S):   45-46, 190                        
          CATEGORY:  Abuse/Misuse/Crime                       
          DESCRIPTION: This article explains that the greatest
         computer-related danger to a company may be from    
         internal threats by employees.                      

                                                             
          AUTHOR:   White, L.                                 
                                                             
          TITLE OF ARTICLE:  Data Security - You Can't        
                            Work Without It                  
                                                             
          NAME OF PERIODICAL:  Computerworld                  
                                                             
          VOLUME OF PERIODICAL:  19                           
          NUMBER OF PERIODICAL:  11A                          
          ISSUE DATE: March 1985                              
          PAGE NUMBER(S):  27-30                              
          CATEGORY:  Abuse/Misuse/Crime                       
          DESCRIPTION: The problem of the disgruntled employee
         or ex-employee who sabotages a computer system is   
         seen as more of a threat than an outside hacker.    

                                                             
          AUTHOR:   Zalud, Bill                               
                                                             
          TITLE OF ARTICLE:  Security and DP Cooperate to     
                            Attack Computer Crime            
                                                             
          NAME OF PERIODICAL:  Security                       
                                                             
          VOLUME OF PERIODICAL:   24                          
          NUMBER OF PERIODICAL:   10                          
          ISSUE DATE:   October 1987                          
          PAGE NUMBER(S):  52-56, & 58                        
          CATEGORY:   Abuse/Misuse/Crime                      
         DESCRIPTION: This article stresses teamwork as      
         computer crime becomes a company fact of life by    
         effectively cuts across a number of functional      
         areas.                                              

                       ACCESS CONTROL

                                                            
          AUTHOR:  Avarne, Simon                              
                                                             
          TITLE OF ARTICLE:   How to Find Out a Password      
                                                             
          NAME OF PERIODICAL:   Data Processing &             
                               Communications Security       
          VOLUME OF PERIODICAL:  12                           
          NUMBER OF PERIODICAL:   2                           
          ISSUE DATE:  Spring 1988                            
          PAGE NUMBER(S):   16-17                             
          CATEGORY:  Access Control                           
         DESCRIPTION:  This article gives examples of how to 
         discover someones password and discusses weaknesses 
         of traditional passwords.                           

                                                             
          AUTHOR:  Betts, M.                                  
                                                             
          TITLE OF ARTICLE:  NBS Releases Standards For       
                            Managing Password Security       
                                                             
          NAME OF PERIODICAL:  Computerworld                  
                                                             
          VOLUME OF PERIODICAL:   19                          
          NUMBER OF PERIODICAL:   28                          
          ISSUE DATE:  July 1985                              
          PAGE NUMBER(S):  19                                 
          CATEGORY:  Access Control                           
                                 
         DESCRIPTION:  This article talks about how the      
         National Bureau of Standards has completed a two-   
         part publication dealing with password systems.     

                                                             
          AUTHOR:   Bowmen, Terry                             
                                                             
          TITLE OF ARTICLE:  Undercarpet Fiber Optics         
                                                             
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL:  11                           
          NUMBER OF PERIODICAL:   2                           
          ISSUE DATE:  Spring 1987                            
          PAGE NUMBER(S):  23-26                              
          CATEGORY:  Access Control                           
         DESCRIPTION: This article discusses how fiber optics
         offer better security than copper cable undercarpet.
         It also includes how to plan an undercarpet system. 

                                                             
          AUTHOR:   Clyde, Allen R.                           
                                                             
          TITLE OF ARTICLE:  Insider Threat on Automated      
                            Information Systems              
                                                             
          NAME OF PERIODICAL:   Data Processing &             
                               Communications Security       
          VOLUME OF PERIODICAL:  11                           
          NUMBER OF PERIODICAL:   4                           
          ISSUE DATE:  Fall 1987                              
          PAGE NUMBER(S):  11-14                              
          CATEGORY:  Access Control                           
         DESCRIPTION:  This articles discusses activities to 
         detect sources of abuse that are not widely         
         implemented.                                        


                                                             
          AUTHOR: Davidson, Thomas L. and                     
                 White, Clinton E. Jr.                       
          TITLE OF ARTICLE:  How to Improve Network Security  
                                                             
          NAME OF PERIODICAL:  Infosystems                    
                                                             
          VOLUME OF PERIODICAL:  30                           
          NUMBER OF PERIODICAL:  6                            
          ISSUE DATE: June 1983                               
          PAGE NUMBER(S):  110-112                            
          CATEGORY:  Access Control                           
                                 
         DESCRIPTION: This article discusses the need to     
         protect network systems using software locks,       
         authorization schemes, logs, and data encryption.   


                                                            
          AUTHOR: Diamond, F.H.                               
                                                             
          TITLE OF ARTICLE: Computer Network Security:  The   
                           Need Was Never Greater            
                                                             
          NAME OF PERIODICAL:   Office                        
                                                             
          VOLUME OF PERIODICAL:  102                          
          NUMBER OF PERIODICAL:  2                            
          ISSUE DATE:  August 1985                            
          PAGE NUMBER(S):  94-99                              
          CATEGORY:  Access Control                           
                                 
         DESCRIPTION: This article discusses the advantages  
         of using the callback approach in computer networks 
         to prevent hackers from getting onto a system.      


                                                             
          AUTHOR:  Fisher, M.J.                               
                                                             
          TITLE OF ARTICLE: New Security Device "Fingers"     
                           Culprit                           
                                                             
          NAME OF PERIODICAL:   MIS Week                      
                                                             
          VOLUME OF PERIODICAL:  6                            
          NUMBER OF PERIODICAL:  35                           
          ISSUE DATE:  September 1985                         
          PAGE NUMBER(S):   12                                
          CATEGORY:   Access Control                          
                                 
         DESCRIPTION:  This article describes a new product  
         that uses a fingerprint device to verify a user's   
         identity and then allow access on the computer      
         system.                                             


                                                             
          AUTHOR:  Horgan, J.                                 
                                                             
          TITLE OF ARTICLE:  Thwarting The Information Thiefs 
                                                             
          NAME OF PERIODICAL:  IEEE Spectrum                  
                                                             
          VOLUME OF PERIODICAL:  22                           
          NUMBER OF PERIODICAL:  7                            
          ISSUE DATE: July 1985                               
          PAGE NUMBER(S):  30-41                              
          CATEGORY:  Access Control                           
                                 
         DESCRIPTION:  Many organizations are protecting     
         their communication output from electronic          
         interception by trying to detect and foil the       
         surveillance using a variety of methods.            

                                                            
          AUTHOR:   Jackson, Carl B.                          
                                                             
          TITLE OF ARTICLE:  Passwords:  Comments from the    
                            Information Systems Security     
                            Association                      
          NAME OF PERIODICAL:   Security                      
                                                             
          VOLUME OF PERIODICAL:  24                           
          NUMBER OF PERIODICAL:   7                           
          ISSUE DATE:  July 1987                              
          PAGE NUMBER(S):  105                                
          CATEGORY:   Access Control                          
         DESCRIPTION: Discusses relevant security issues and 
         how to bring an appropriate degree of LAN           
         information security to your organization.          


                                                             
          AUTHOR:  Kontur, J.S. and Letham, L.                
                                                             
          TITLE OF ARTICLE:  Locking Up System Security       
                                                             
                                                             
          NAME OF PERIODICAL:  Electronic Week                
                                                             
          VOLUME OF PERIODICAL:   58                          
          NUMBER OF PERIODICAL:   7                           
          ISSUE DATE:  February 18, 1985                      
          PAGE NUMBER(S):  68-72                              
          CATEGORY:   Access Control                          
                                 
         DESCRIPTION:  This article describes a system that  
         cannot be broken into by unauthorized users. It uses
         a random-number generator and encryption logic.     


                                                             
          AUTHOR:  Korzeniowski, P.                           
                                                             
          TITLE OF ARTICLE: Security Dynamics Releases Two-   
                           Part Security System              
                                                             
          NAME OF PERIODICAL:   Computerworld                 
                                                             
          VOLUME OF PERIODICAL:  19                           
          NUMBER OF PERIODICAL:  42                           
          ISSUE DATE: October 1985                            
          PAGE NUMBER(S):  19, 23                             
          CATEGORY:  Access Control                           
                                 
         DESCRIPTION:  This article discusses a product      
         Security Dynamics has designed that is an           
         inexpensive security protection device which keeps  
         hackers out of systems.                             

                                                            
          AUTHOR:  McCarthy, Charles J.                       
                                                             
          TITLE OF ARTICLE:  Passwords                        
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL: 10                            
          NUMBER OF PERIODICAL:  4                            
          ISSUE DATE:  Fall 1986                              
          PAGE NUMBER(S):  13-14                              
          CATEGORY:  Access Control                           
         DESCRIPTION:  This article discusses the two primary
         password configurations passwords defined by user,  
         and passwords assigned to a user. It shows the      
         differences between these two from a security view. 

                                                             
          AUTHOR:  Meason, Robert                             
                                                             
          TITLE OF ARTICLE:  System Security at the Terminal  
                                                             
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL:  10                           
          NUMBER OF PERIODICAL:   4                           
          ISSUE DATE:  Fall 1986                              
          PAGE NUMBER(S):  16-17                              
          CATEGORY:   Access Control                          
         DESCRIPTION: This article discusses considerations  
         of MIS management protection of the processor from  
         access by unauthorized users.                       

                                                             
          AUTHOR:  Muzerall, Joseph V. and Carty, Thomas J.   
                                                             
          TITLE OF ARTICLE:   COMSEC and Its Need for Key     
                             Management                      
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL: 11                            
          NUMBER OF PERIODICAL:  2                            
          ISSUE DATE:  Spring 1987                            
          PAGE NUMBER(S):  11-14                              
          CATEGORY:  Access Control                           
         DESCRIPTION: This article explains the establishment
         of a standard set of protection mechanisms for both 
         the classified and private user communities.        

                                                             
          AUTHOR:  Schiller, Michael                          
                                                             
          TITLE OF ARTICLE:  Security at the Touch of a       
                            Finger                           
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL:  9                            
          NUMBER OF PERIODICAL:  6                            
          ISSUE DATE:  July/August 1985                       
          PAGE NUMBER(S): 15-17                               
          CATEGORY:  Access Control                           
         DESCRIPTION:  This article discusses using biometric
         security systems for high-tech solutions to access  
         control problems.                                   

                                                             
          AUTHOR:  Schmonsees, Robert J.                      
                                                             
          TITLE OF ARTICLE: Identification and Authentication:
                           The Security Challenge of the 80's
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL:  9                            
          NUMBER OF PERIODICAL:  4                            
          ISSUE DATE: March/April, 1985                       
          PAGE NUMBER(S):  22-23                              
          CATEGORY:  Access Control                           
         DESCRIPTION:  This article discusses the computer   
         security issues of identification and authentication
         showing the common problems and offering some       
         suggestions for improving by random passcode.       

                                                             
          AUTHOR:  Stieglitz, M.                              
                                                             
          TITLE OF ARTICLE:  Security For Shared Resources    
                                                             
          NAME OF PERIODICAL:  Micro Communications           
                                                             
          VOLUME OF PERIODICAL:  2                            
          NUMBER OF PERIODICAL:  6                            
          ISSUE DATE:  June 1985                              
          PAGE NUMBER(S):  19-26                              
          CATEGORY:  Access Control                           
                                 
         DESCRIPTION:  This article discusses data security  
         products and procedures for network use. Includes   
         description of encryption techniques that are now   
         popular.                                            


                                                             
          AUTHOR:   Wood, Charles Cresson                     
                                                             
          TITLE OF ARTICLE:  A New Approach to Computer User  
                            Authentication                   
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL:  10                           
          NUMBER OF PERIODICAL:   4                           
          ISSUE DATE:  Fall 1986                               
          PAGE NUMBER(S):  21-26                              
          CATEGORY:  Access Control                           
         DESCRIPTION: This article gives a new approach to   
         authentication called dial-guard. It addresses the  
         two problems of password/users IDs not providing    
         sufficient security and identifying the location of 
         dial-up users.                                      


                                                             
          AUTHOR:   Wood, Charles Cresson                     
                                                             
          TITLE OF ARTICLE:  Information Security with        
                            One-Way Functions                
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL:  9                            
          NUMBER OF PERIODICAL:  5                            
          ISSUE DATE: May/June 1985                           
          PAGE NUMBER(S):  14-16                              
          CATEGORY:  Access Control                           
         DESCRIPTION:  This article explains how one-way     
         functions can be used to safeguard information that 
         is too sensitive to be protected via encryption.    


                      AUDIT AND EVALUATION
                                                             
          AUTHOR:  Berman, A.                                 
                                                             
          TITLE OF ARTICLE:  Evaluating On-Line Computer      
                            Security                         
                                                             
          NAME OF PERIODICAL:  Data Communications            
                                                             
          VOLUME OF PERIODICAL:   12                          
          NUMBER OF PERIODICAL:    7                          
          ISSUE DATE: July 1983                               
          PAGE NUMBER(S):  145-152                            
          CATEGORY:  Audit and Evaluation                     
                                 
         DESCRIPTION:  The security problems that have arisen
         because of on-line processing are discussed in this 
         article. Covered are the two ways to obtain a secure
         on-line system.                                     

                                                          
          AUTHOR:   Betts, M.                                 
                                                             
          TITLE OF ARTICLE:  U.S. Agency Faces Probes, Boosts 
                            Security After Audit             
                                                             
          NAME OF PERIODICAL:  Computerworld                  
                                                             
          VOLUME OF PERIODICAL:  19                           
          NUMBER OF PERIODICAL:  24                           
          ISSUE DATE:  June 1985                              
          PAGE NUMBER(S):  8                                  
          CATEGORY:  Audit and Evaluation                     
                                 
         DESCRIPTION:  This article discusses an audit report
         issued by the inspector general of the U.S.         
         Department of the Interior in March 1985 which      
         revealed inadequate controls over passwords, faulty 
         operating procedures, and lack of audit trails by   
         the Denver Service Center.                          

                                                       
          AUTHOR:  Bologna, Jack                              
                                                             
          TITLE OF ARTICLE:  Forensic Accounting              
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL:  8                            
          NUMBER OF PERIODICAL:  6                            
          ISSUE DATE:  July/August 1984                       
          PAGE NUMBER(S):  16-20                              
          CATEGORY:  Audit and Evaluation                     
         DESCRIPTION: This article identifies the skills and 
         competency of a forensic accountant.                

                                                             
          AUTHOR:  Flach, Joseph P.                           
                                                             
          TITLE OF ARTICLE: Increasing Programming Efficiency 
                           While Preventing the "F" Word     
                                                             
          NAME OF PERIODICAL:   Data Processing &             
                               Communications Security       
          VOLUME OF PERIODICAL:  11                           
          NUMBER OF PERIODICAL:   4                           
          ISSUE DATE:  Fall 1987                              
          PAGE NUMBER(S):   15-17                             
          CATEGORY:  Audit and Evaluation                     
         DESCRIPTION:  This article gives examples of ways   
         to identify fraudulent code in a production program.

                                                             
          AUTHOR:   Gaydasch, Alexander                       
                                                             
          TITLE OF ARTICLE:  Postimplementation Audits -      
                            A Quick, Easy Approach           
                                                             
          NAME OF PERIODICAL:  Data Management                
                                                             
          VOLUME OF PERIODICAL:                               
          NUMBER OF PERIODICAL:                               
          ISSUE DATE:   February 1983                         
          PAGE NUMBER(S):  54, 55, 69                         
          CATEGORY:  Audit and Evaluation                     
                                 
         DESCRIPTION: This article describes post-           
         implementation audits and how they help to determine
         whether a computer system has met its original      
         criteria.                                           



                      CONTINGENCY PLANNING

                                                            
          AUTHOR:  Cabell, D.                                 
                                                             
          TITLE OF ARTICLE:  Network Backups                  
                                                             
          NAME OF PERIODICAL:  Micro Communications           
                                                             
          VOLUME OF PERIODICAL:  2                            
          NUMBER OF PERIODICAL:  6                            
          ISSUE DATE:  June 1985                              
          PAGE NUMBER(S):  14-18                              
          CATEGORY:  Contingency Planning                     
                                 
         DESCRIPTION: This article describes how the only way
         to protect a LAN, micro, mini, or mainframe from a  
         complete system crash is adequate backup.           

                                                             
          AUTHOR:  Ciura, J.M.                                
                                                             
          TITLE OF ARTICLE:  Vital Records Protection:        
                            Identifying Essential            
                            Information                      
          NAME OF PERIODICAL:  Information Management         
                                                             
          VOLUME OF PERIODICAL:   19                          
          NUMBER OF PERIODICAL:   2                           
          ISSUE DATE:  February 1985                          
          PAGE NUMBER(S):  11                                 
          CATEGORY:  Contingency Planning                     
                                 
         DESCRIPTION:  This article suggest that the best way
         to resume business activity after an emergency or   
         disaster is to have a vital records protection      
         program.                                            

                                                             
          AUTHOR:   Clauss, Karl H.                           
                                                             
          TITLE OF ARTICLE:  How To Move A Data Center and    
                            Avoid a Disaster                 
                                                             
          NAME OF PERIODICAL:  Infosystems                    
                                                             
          VOLUME OF PERIODICAL:                               
          NUMBER OF PERIODICAL:                               
          ISSUE DATE:   December 1981                         
          PAGE NUMBER(S):  46-48, 50                          
          CATEGORY:   Contingency Planning                    
                                 
         DESCRIPTION:  This article describes how ARCO Oil   
         and Gas Company moved their computer center to a new
         location and the points a company should consider   
         when moving a data center.                          

                                                           
          AUTHOR:  Dobberstein, M.                            
                                                             
          TITLE OF ARTICLE:   To Have and Not to Have a       
                             Disaster                        
                                                             
          NAME OF PERIODICAL:  Computer Decisions             
                                                             
          VOLUME OF PERIODICAL:  17                           
          NUMBER OF PERIODICAL:  18                           
          ISSUE DATE:  September 1985                         
          PAGE NUMBER(S):  102-126                            
          CATEGORY:  Contingency Planning                     
                                 
         DESCRIPTION:  This article deals with the importance
         of actually testing contingency plans to see if they
         work.                                               

                                                          
          AUTHOR:  Minoli, D.                                 
                                                             
          TITLE OF ARTICLE:  Backup Needs Merit Special       
                            Attention                        
                                                             
          NAME OF PERIODICAL:  Computerworld                  
                                                             
          VOLUME OF PERIODICAL:   19                          
          NUMBER OF PERIODICAL:   15                          
          ISSUE DATE:  April 1985                             
          PAGE NUMBER(S):  91, 96                             
          CATEGORY: Contingency Planning                      
                                 
         DESCRIPTION: This article focuses on the merits of  
         backing up a data center to prevent a major disaster
         from critically affecting a company.                


                                                             
          AUTHOR:  Pujals, J.M.                               
                                                             
          TITLE OF ARTICLE:   What is a Contingency Plan?     
                                                             
                                                             
          NAME OF PERIODICAL:   Data Processing &             
                               Communications Security       
          VOLUME OF PERIODICAL:  12                           
          NUMBER OF PERIODICAL:   1                           
          ISSUE DATE: Winter 1988                             
          PAGE NUMBER(S):  19-23                              
          CATEGORY:   Contingency Planning                    
         DESCRIPTION: This article tells how to construct  a 
         contingency plan and goes over the major mandatory  
         steps that have to be taken to end up with a        
         workable product.                                   

                                                     
          AUTHOR:  Raimondi, D.                               
                                                             
          TITLE OF ARTICLE:  E.F. Hutton Underscores          
                            Practicality in Backup Plan      
                                                             
          NAME OF PERIODICAL:  Computerworld                  
                                                             
          VOLUME OF PERIODICAL:   19                          
          NUMBER OF PERIODICAL:   15                          
          ISSUE DATE:  April 1985                             
          PAGE NUMBER(S):  19                                 
          CATEGORY:  Contingency Planning                     
                                 
         DESCRIPTION:  Describes how E.F. Hutton has built a 
         new computer room as part of its disaster recovery  
         plan.                                               

                                                             
          AUTHOR:  Rames, David                               
                                                             
          TITLE OF ARTICLE:   Recovering From Disasters       
                                                             
          NAME OF PERIODICAL:  Computer Decisions             
                                                             
          VOLUME OF PERIODICAL:                               
          NUMBER OF PERIODICAL:                               
          ISSUE DATE:  September 1981                         
          PAGE NUMBER(S):  108-110, 112, 114, 120, 122, 124,  
                          126-131, 188-189                   
          CATEGORY:  Contingency Planning                     
                                 
         DESCRIPTION:  Described in this article are criteria
         for developing an emergency backup plan and examples
         of emergency backup alternatives.                   


                                                             
          AUTHOR:  Scoma, Louis                               
                                                             
          TITLE OF ARTICLE:  How Secure Is Your Computer      
                            Operation From A Disaster        
                                                             
          NAME OF PERIODICAL:  Office                         
                                                             
          VOLUME OF PERIODICAL:                               
          NUMBER OF PERIODICAL:                               
          ISSUE DATE:  August 1981                            
          PAGE NUMBER(S):  96, 98                             
          CATEGORY:  Contingency Planning                     
                                 
         DESCRIPTION:  The failures of companies to protect  
         their computer centers is discussed along with the  
         need for recovery systems to serve as backup        
         security.                                           


                                                             
          AUTHOR:  Wolbrecht, J.E.                            
                                                             
          TITLE OF ARTICLE:  Can Your Records Storage Center  
                            Stand a Disaster                 
                                                             
          NAME OF PERIODICAL:  Office                         
                                                             
          VOLUME OF PERIODICAL:   102                         
          NUMBER OF PERIODICAL:     3                         
          ISSUE DATE:   September 1985                        
          PAGE NUMBER(S):  112-113                            
          CATEGORY:  Contingency Planning                     
                                 
         DESCRIPTION:  A manager's responsibility to protect 
         a records storage center by recognizing vulnerable  
         areas and making them more secure is discussed.     


                       DATABASE MANAGEMENT

                                                             
          AUTHOR:  Pieper, Oscar R.                           
                                                             
          TITLE OF ARTICLE:  Voice Authentication Wages A War 
                            on Data Base Fraud               
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL:  8                            
          NUMBER OF PERIODICAL:  6                            
          ISSUE DATE:  July/August 1984                       
          PAGE NUMBER(S): 12-13                               
          CATEGORY:  Data Base Security                       
         DESCRIPTION:  This article reviews the present state
         of voice authentication technology and how it       
         applies to secure data bases from bogus intruders.  


                     ENVIRONMENTAL SECURITY

                                                       
          AUTHOR:  Lemke, Fred H.                             
                                                             
          TITLE OF ARTICLE:  Blackouts and Computer Power     
                            Protection                       
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL:  12                           
          NUMBER OF PERIODICAL:   2                           
          ISSUE DATE:   Spring 1988                           
          PAGE NUMBER(S): 19-23                               
          CATEGORY:  Environmental Security                   
         DESCRIPTION:  This article is a study that was taken
         to see emerging patterns of blackouts that may be   
         useful in helping evaluate your level of blackout   
         vulnerability and then set up appropriate levels of 
         power protection for your electronic systems.       


                                                            
          AUTHOR:   Lemke, Fred H.                            
                                                             
          TITLE OF ARTICLE:  Computer Power Protection        
                                                             
                                                             
          NAME OF PERIODICAL:   Data Processing &             
                               Communications Security       
          VOLUME OF PERIODICAL:   8                           
          NUMBER OF PERIODICAL:   4                           
          ISSUE DATE:  March/April 1984                       
          PAGE NUMBER(S):  31-33                              
          CATEGORY:  Environmental Security                   
         DESCRIPTION: This article gives examples of how to  
         protect your facility against the harmful effects of
         an electrical power outage.                         

                                                             
          AUTHOR:  McGowan, Kevin J.                          
                                                             
          TITLE OF ARTICLE:   Computer Power Protection       
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL: 9                             
          NUMBER OF PERIODICAL: 5                             
          ISSUE DATE: May/June 1985                           
          PAGE NUMBER(S): 21-25                               
          CATEGORY:  Environmental Security                   
         DESCRIPTION:  This article looks at understanding   
         AC power conditions in data processing site         
         preparation and its criticality for preventing      
         future computer downtime and disruptions.           



                        GENERAL SECURITY

                                                             
          AUTHOR:   Beitman, L.                               
                                                             
          TITLE OF ARTICLE:   A Practical Guide To Small      
                             Business Computer Security      
                                                             
          NAME OF PERIODICAL:  Office                         
                                                             
          VOLUME OF PERIODICAL:  96                           
          NUMBER OF PERIODICAL:  2                            
          ISSUE DATE:   August 1982                           
          PAGE NUMBER(S):  86, 90                             
          CATEGORY:  General Security                         
                                 
         DESCRIPTION: This article gives advice on how to    
         obtain computer security in a small business        
         environment. A checklist is included that will help 
         to prevent accidental and intentional harm to a     
         system.                                             
                                                             

          AUTHOR:   Collins, J.A.                             
                                                             
          TITLE OF ARTICLE:   Continuous Security Control     
                             Clamps Down on Abuse            
                                                             
          NAME OF PERIODICAL:  Data Management                
                                                             
          VOLUME OF PERIODICAL:  23                           
          NUMBER OF PERIODICAL:   5                           
          ISSUE DATE:   May 1985                              
          PAGE NUMBER(S):  56-59                              
          CATEGORY:  General Security                         
                                 
         DESCRIPTION:  The need for computer access is       
         discussed in this article that suggest that such    
         access should be a management, security-oriented    
         process. Computer security guidelines are also      
         given.                                              

                                                           
          AUTHOR:  Coontz, Constance                          
                                                             
          TITLE OF ARTICLE:   Protection through Isolation    
                                                             
          NAME OF PERIODICAL:   Security Management           
                                                             
          VOLUME OF PERIODICAL:  31                           
          NUMBER OF PERIODICAL:  11                           
          ISSUE DATE:  November 1987                          
          PAGE NUMBER(S):   53-55                             
          CATEGORY:  General Security                         
         DESCRIPTION:  This article discusses                
         compartmentalizing valuable data on dedicated PCs or
         small computer systems to help protect it from      
         hackers and moles.                                  

                                                             
          AUTHOR:   Gazarek, Kenneth F.                       
                                                             
          TITLE OF ARTICLE:  Cabinets for Electromagnetic     
         Interference/Radio-Frequency Interference and       
         TEMPEST Shielding                                   
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL:  9                            
          NUMBER OF PERIODICAL:  6                            
          ISSUE DATE:  July/August 1985                       
          PAGE NUMBER(S):  12-13                              
          CATEGORY:  General Security                         
         DESCRIPTION:  This article discusses the            
         electromagnetic interference and radio-frequency    
         interference control options, designing and building
         metal cabinets that provide effective shielding.    


                                                             
          AUTHOR:  Lobel, J.                                  
                                                             
          TITLE OF ARTICLE:   Third Decade of Concern         
                                                             
          NAME OF PERIODICAL:  Computerworld                  
                                                             
          VOLUME OF PERIODICAL:   16                          
          NUMBER OF PERIODICAL:    6                          
          ISSUE DATE:  February 8, 1982                       
          PAGE NUMBER(S):  1D/31-34 & 36                      
          CATEGORY:  General Security                         
                                 
         DESCRIPTION: The author looks at some of the issues 
         associated with distributed data processing         
         including privacy, crime, and security.             
                                                            

          AUTHOR:  Miskiewicz, J.                             
                                                             
          TITLE OF ARTICLE:   DP Security: A Delicate Balance 
                                                             
          NAME OF PERIODICAL:  Computer Decisions             
                                                             
          VOLUME OF PERIODICAL:   17                          
          NUMBER OF PERIODICAL:    8                          
          ISSUE DATE:  April 1985                             
          PAGE NUMBER(S):  104-106                            
          CATEGORY:  General Security                         
                                 
         DESCRIPTION:  This article discusses the delicate   
         balance between protecting vital resources in a data
         processing facility and enhancing productivity.     


         AUTHOR:  Moulton, R.                                
                                                             
          TITLE OF ARTICLE:  Prevention:  Better Than         
                            Prosecution                      
                                                             
          NAME OF PERIODICAL:  Government Data Systems        
                                                             
          VOLUME OF PERIODICAL:  10                           
          NUMBER OF PERIODICAL:   6                           
          ISSUE DATE:   November/December 1981                
          PAGE NUMBER(S):  20 & 22-23                         
          CATEGORY:  General Security                         
                                 
         DESCRIPTION:  The focus of this paper is on         
         deterrence of computer abuse, whether it is         
         unintentional or intentional.                       

                                                         
          AUTHOR:   Parker, D.B.                              
                                                             
          TITLE OF ARTICLE:   The Many Faces of Data          
                             Vulnerability                   
                                                             
          NAME OF PERIODICAL:  IEEE Spectrum                  
                                                             
          VOLUME OF PERIODICAL:  21                           
          NUMBER OF PERIODICAL:   5                           
          ISSUE DATE:  May 1984                               
          PAGE NUMBER(S):  46-49                              
          CATEGORY:  General Security                         
                                 
         DESCRIPTION:  Discussed in this paper are both the  
         need for new computer security methods and the      
         attainable limits that can be reached by computer   
         security.                                           


                                                             
          AUTHOR:  Rosch, W.                                  
                                                             
          TITLE OF ARTICLE: Three Products Help Cork Computer 
                           Leaks, Feature Blocked Access,    
                           Disk-File Encryption              
          NAME OF PERIODICAL:  PC Week                        
                                                             
          VOLUME OF PERIODICAL:   2                           
          NUMBER OF PERIODICAL:  18                           
          ISSUE DATE:  May 1985                               
          PAGE NUMBER(S):  122-124                            
          CATEGORY:  General Security                         
                                 
         DESCRIPTION:  This article discusses a trio of       
         products to help prevent unauthorized access to a   
         computer system.                                    





                                                             
          AUTHOR: Rosen, Richard D. and Dvorsky, James        
                                                             
          TITLE OF ARTICLE:  Portable Data Carrier Technology 
                                                             
          NAME OF PERIODICAL:   Data Processing &             
                               Communications Security       
          VOLUME OF PERIODICAL:  12                           
          NUMBER OF PERIODICAL:   1                           
          ISSUE DATE:  Winter 1988                            
          PAGE NUMBER(S):  9-19                               
          CATEGORY:  General Security                         
         DESCRIPTION: This article presents an overview of   
         the general field of portable data carrier          
         technology. Included are not only smart cards but   
         other devices and systems that are beginning to     
         emerge in the marketplace.                          

                                                             
          AUTHOR:  Srinivasan, C.A. and Dascher, P.E.         
                                                             
          TITLE OF ARTICLE:  Computer Security and Integrity: 
                            Problems and Prospects           
                                                             
          NAME OF PERIODICAL:  Infosystems                    
                                                             
          VOLUME OF PERIODICAL:  28                           
          NUMBER OF PERIODICAL:   5                           
          ISSUE DATE: May 1981                                
          PAGE NUMBER(S):  5 Pages                            
          CATEGORY:  General Security                         
                                 
         DESCRIPTION:  Various aspects of computer security  
         are discussed including data security, data privacy,
         data integrity, etc.                                

                                                             
          AUTHOR:  Weller, Reginald H.                        
                                                             
          TITLE OF ARTICLE: Off-Site Data Storage: A Changing 
                           Industry                          
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL: 9                             
          NUMBER OF PERIODICAL: 5                             
          ISSUE DATE:  May/June 1985                          
          PAGE NUMBER(S):   18-20                             
          CATEGORY:  General Security                         
         DESCRIPTION: This article discusses selecting a     
         backup site while meeting the criteria of integrity,
         reliability, access, reasonable cost, appropriate   
         location, good security, and comprehensive insurance
         coverage.                                           


                                            
          AUTHOR:   Wright, J.R. Jr.                          
                                                             
          TITLE OF ARTICLE:  User Responsibility for Security 
                                                             
          NAME OF PERIODICAL:  Government Data Systems        
                                                             
          VOLUME OF PERIODICAL:  15                           
          NUMBER OF PERIODICAL:   1                           
          ISSUE DATE:  December 1985 through January 1986     
          PAGE NUMBER(S):  52-55                              
          CATEGORY:  General Security                         
                                 
         DESCRIPTION: This article looks at the circular     
         "Management of Federal Information Resources"       
          printed by the Office of Management and Budget.    
         This circular provides guidance to Federal Managers 
         concerning computer security and the associated     
         responsibilities.                                   

                                                             
          AUTHOR:  Zimmerman, J.S.                            
                                                             
          TITLE OF ARTICLE:  Is Your Computer Insecure?       
                                                             
          NAME OF PERIODICAL:  Datamation                     
                                                             
          VOLUME OF PERIODICAL:   31                          
          NUMBER OF PERIODICAL:   10                          
          ISSUE DATE:  May 1985                               
          PAGE NUMBER(S):   119-120                           
          CATEGORY:  General Security                         
                                 
         DESCRIPTION:  This article challenges widely        
         accepted notions concerning computer security. It   
         suggest that people's views should be changed so    
         that the challenge will be making a security system 
         work instead of beating it.                         

                         LAW AND ETHICS

                                                             
          AUTHOR:  Bequai, August                             
                                                             
          TITLE OF ARTICLE:   Federal Computer Crime          
                             Legislation is Needed           
                                                             
          NAME OF PERIODICAL:  Data Management                
                                                             
          VOLUME OF PERIODICAL:                               
          NUMBER OF PERIODICAL:                               
          ISSUE DATE:  May 1981                               
          PAGE NUMBER(S): 22-24                               
          CATEGORY:  Law & Ethics                             
                                 
         DESCRIPTION:  The ways criminals use loopholes in   
         our present criminal justice system is discussed    
         along with a history of computer crime legislation. 

                                                             
          AUTHOR:   Betts, M.                                 
                                                             
          TITLE OF ARTICLE:  Reagan Systems Security          
                            Directive Under Attack           
                                                             
          NAME OF PERIODICAL:   Computerworld                 
                                                             
          VOLUME OF PERIODICAL:   19                          
          NUMBER OF PERIODICAL:   27                          
          ISSUE DATE:  July 1985                              
          PAGE NUMBER(S):  1                                  
          CATEGORY:  Law & Ethics                             
                                 
         DESCRIPTION:  This article discusses why members of 
         congress are concerned over how the National        
         Security Decision Directive 145 on computer security
         could be abused by military and intelligence        
         officials.                                          


                                                             
          AUTHOR:   Bigelow, R.P.                             
                                                             
          TITLE OF ARTICLE:  Computer Security And Law        
                                                             
          NAME OF PERIODICAL:  Infosystems                    
                                                             
          VOLUME OF PERIODICAL:   29                          
          NUMBER OF PERIODICAL:   12                          
          ISSUE DATE:  December 1982                          
          PAGE NUMBER(S):  84                                 
          CATEGORY:  Law & Ethics                             
                                 
         DESCRIPTION:  This article looks at how a memo from 
         the legal department should be structured concerning
         the protection of assets.                           

                                                             
          AUTHOR:  Hagopian, Greg                             
                                                             
          TITLE OF ARTICLE:   Planning and Implementing a     
                             Security Package                
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL:  10                           
          NUMBER OF PERIODICAL:   4                           
          ISSUE DATE:   Fall 1986                             
          PAGE NUMBER(S):  17-20                              
          CATEGORY:  Law & Ethics                             
         DESCRIPTION: This article discusses vendor selection
         and legal issues.                                   


                                                             
          AUTHOR: Roberts, J.E.                               
                                                             
          TITLE OF ARTICLE:  Filing Software Copyrights       
                                                             
                                                             
          NAME OF PERIODICAL:  Computerworld                  
                                                             
          VOLUME OF PERIODICAL:   19                          
          NUMBER OF PERIODICAL:   36                          
          ISSUE DATE:  September 1985                         
          PAGE NUMBER(S):  116                                
          CATEGORY:  Law & Ethics                             
                                 
         DESCRIPTION: This article describes how copyrighting
         software is accomplished and what copyrighted       
         software means.                                     



                     MICROCOMPUTER SECURITY
                                                             
          AUTHOR:  Koelle, Jim                                
                                                             
          TITLE OF ARTICLE:  What's in the Cards?             
                                                             
                                                             
          NAME OF PERIODICAL:   Security                      
                                                             
          VOLUME OF PERIODICAL:  23                           
          NUMBER OF PERIODICAL:  12                           
          ISSUE DATE:   December 1986                         
          PAGE NUMBER(S):  42-44, and 46                      
          CATEGORY:  Microcomputer Security                   
         DESCRIPTION:  This article discusses microchips and 
         how they promise to revolutionize access card       
         technology with fast, calculating, and advanced     
         memories.                                           

                                                             
          AUTHOR:  Rhodes, B.                                 
                                                             
          TITLE OF ARTICLE:  Micro Security That Makes Sense  
                                                             
                                                             
          NAME OF PERIODICAL:  Computer Decisions             
                                                             
          VOLUME OF PERIODICAL:  17                           
          NUMBER OF PERIODICAL:   9                           
          ISSUE DATE:  May 1985                               
          PAGE NUMBER(S):  72, 74-76                          
          CATEGORY:  Microcomputer Security                   
                                 
         DESCRIPTION: This article describes security        
         procedures that can be used by employees to solve   
         microcomputer security problems.                    


                                                             
          AUTHOR:  Zimmerman, J.S.                            
                                                             
          TITLE OF ARTICLE:  P.C. Security:  So What's New    
                                                             
          NAME OF PERIODICAL:  Datamation                     
                                                             
          VOLUME OF PERIODICAL:   31                          
          NUMBER OF PERIODICAL:   21                          
          ISSUE DATE:  November 1985                          
          PAGE NUMBER(S):  89-92                              
          CATEGORY:   Microcomputer Security                  
                                 
         DESCRIPTION:  This article looks at the problems    
         data security officers are going to encounter even  
         as they implement safeguards for micros.            


                 PHYSICAL SECURITY AND HARDWARE

                                                             
          AUTHOR:   Call, B.                                  
                                                             
          TITLE OF ARTICLE:   Buttress Against Computer       
                             Crime                           
                                                             
          NAME OF PERIODICAL:   PC Week                       
                                                             
          VOLUME OF PERIODICAL:    2                          
          NUMBER OF PERIODICAL:   18                          
          ISSUE DATE:  May 1985                               
          PAGE NUMBER(S):  111, 115                           
          CATEGORY:  Physical Security & Hardware             
                                 
         DESCRIPTION: The physical protection of computers is
         becoming an area of interest for more organizations.
         The increased number of physical security devices   
         illustrates this point and is discussed in this     
         article.                                            


                                                             
          AUTHOR:  Epner, S.A.                                
                                                             
          TITLE OF ARTICLE:   Computer Security:  Plenty of   
                             Questions but No Easy Answers   
                                                             
          NAME OF PERIODICAL:  Office                         
                                                             
          VOLUME OF PERIODICAL:   101                         
          NUMBER OF PERIODICAL:     3                         
          ISSUE DATE:  March 1985                             
          PAGE NUMBER(S):  74-76                              
          CATEGORY:  Physical Security & Hardware             
                                 
         DESCRIPTION: This article covers the physical       
         security of computer equipment including air        
         conditioning and power to pass cards and security   
         guards.                                             



                             PRIVACY

                                                             
          AUTHOR:  Jordan, Halmuth                            
                                                             
          TITLE OF ARTICLE:  The Search for Privacy           
                                                             
                                                             
          NAME OF PERIODICAL:   Security Management           
                                                             
          VOLUME OF PERIODICAL:  31                           
          NUMBER OF PERIODICAL:  11                           
          ISSUE DATE:  November 1987                          
          PAGE NUMBER(S):  32-36                              
          CATEGORY:  Privacy                                  
         DESCRIPTION: This article focuses on some of the    
         difficulties the legal profession is having by      
         looking at American and West German law regarding   
         electronic surveillance.                            

                         RISK MANAGEMENT
                                                            
          AUTHOR: Armstrong, James R.                         
                                                             
          TITLE OF ARTICLE:  Protecting the Corporate Data    
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL: 9                             
          NUMBER OF PERIODICAL: 4                             
          ISSUE DATE: March/April, 1985                       
          PAGE NUMBER(S): 16-17                               
          CATEGORY:  Risk Management                          
         DESCRIPTION:  This article discusses how most       
         alternative off-site lack the environmental control,
         security and accessibility needed. Includes a       
         discussion on things to consider in selecting an    
         off-site storage facility.                          

                                                             
          AUTHOR:   Bologna, Jack                             
                                                             
          TITLE OF ARTICLE:  Disaster/Recovery Planning: A    
                            Qualitative Approach             
          NAME OF PERIODICAL:   Data Processing &             
                               Communications Security       
          VOLUME OF PERIODICAL:  8                            
          NUMBER OF PERIODICAL:  4                            
          ISSUE DATE:  March/April 1984                       
          PAGE NUMBER(S):  11-15                              
          CATEGORY:  Risk Management                          
         DESCRIPTION: Developing a disaster/recovery plan    
         usually involves a detailed quantitative risk       
         analysis; the author offers a more qualitative      
         approach that is less time consuming and will obtain
         a higher level of commitment from management, D/P   
         staff, and users.                                   


                                                             
          AUTHOR:  Bologna, Jack                              
                                                             
          TITLE OF ARTICLE:  Industrial Security In a         
                            Nutshell: A Risk by any Other    
                            Name                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL:  9                            
          NUMBER OF PERIODICAL:  5                            
          ISSUE DATE:  May/June 1985                          
          PAGE NUMBER(S):  12-13                              
          CATEGORY: Risk Management                           
         DESCRIPTION: This article discusses properly        
         understanding risk and how the opposite side of risk
         is opportunity for growth and development.          

                                                             
          AUTHOR:  Bologna, Jack                              
                                                             
          TITLE OF ARTICLE:  Risk Assessment Guidelines for   
                            Fidelity Insurance               
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL:  9                            
          NUMBER OF PERIODICAL:  4                            
          ISSUE DATE:  March/April, 1985                      
          PAGE NUMBER(S):  18-20                              
          CATEGORY:   Risk Management                         
         DESCRIPTION: This article is a review of the        
         adequacy of asset protection plans, policies,       
         procedures and controls to enlighten top management.


                                                             
          AUTHOR:  Helsing, Cherly W.                         
                                                             
          TITLE OF ARTICLE:  Disaster Recovery Options        
                                                             
          NAME OF PERIODICAL:   Security                      
                                                             
          VOLUME OF PERIODICAL:  24                           
          NUMBER OF PERIODICAL:   7                           
          ISSUE DATE:  July 1987                              
          PAGE NUMBER(S):  100-103                            
          CATEGORY:  Risk Management                          
         DESCRIPTION: This article has suggestions on how to 
         find a recovery plan that fits your firm without    
         damaging your profits.                              


                                                             
          AUTHOR:  Linden, Jack                               
                                                             
          TITLE OF ARTICLE:  Automated EDP Risk Analysis      
                            and Management                   
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL:  9                            
          NUMBER OF PERIODICAL:  1                            
          ISSUE DATE:  September/October 1984                 
          PAGE NUMBER(S):  16-18                              
          CATEGORY:  Risk Management                          
         DESCRIPTION: This article gives a cost effective    
         first step in developing a successful computer      
         security program using a cost benefit analysis      
         approach.                                           


                                                            
          AUTHOR:  Schweig, Barry B.                          
                                                             
          TITLE OF ARTICLE: Decision Matrix:  A Risk Handling 
                           Decision Aid                      
                                                             
          NAME OF PERIODICAL:   Data Processing &             
                               Communications Security       
          VOLUME OF PERIODICAL:  8                            
          NUMBER OF PERIODICAL:  4                            
          ISSUE DATE:  March/April 1984                       
          PAGE NUMBER(S):  16-18                              
          CATEGORY:  Risk Management                          
         DESCRIPTION:  This article discusses conceptualizing
         a decision-matrix as an integral component of a risk
         management process.                                 

                                                             
          AUTHOR:  Vernick, Paul R.                           
                                                             
          TITLE OF ARTICLE:  Providing Data Processing        
                            Recovery Backup                  
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL:  9                            
          NUMBER OF PERIODICAL:  4                            
          ISSUE DATE:  March/April, 1985                      
          PAGE NUMBER(S):   14-16                             
          CATEGORY:  Risk Management                          
         DESCRIPTION: This article covers some of the major  
         emergency and recovery planning options available   
         that need to be considered prior to the occurrence  
         of any serious emergency.                           


                       SECURITY MANAGEMENT

                                                             
          AUTHOR:  Bologna, Jack                              
                                                             
          TITLE OF ARTICLE:   Security Planning:  The "Tapps" 
                             Method                          
                                                             
          NAME OF PERIODICAL:   Data Processing &             
                               Communications Security       
          VOLUME OF PERIODICAL:   10                          
          NUMBER OF PERIODICAL:    4                          
          ISSUE DATE:   Fall 1986                             
          PAGE NUMBER(S):  7-11                               
          CATEGORY:  Security Management                      
         DESCRIPTION:  This article covers a system approach 
         to assets protection. It discusses an analytical    
         process called Total Assets Protection Planning     
         System (TAPPS) which consist of organization,       
         structure and mandate of the security function.     


                                                             
          AUTHOR:  Bologna, Jack                              
                                                             
          TITLE OF ARTICLE:  Selling Computer Security to     
                            Top Management                   
                                                             
          NAME OF PERIODICAL:   Data Processing &             
                               Communications Security       
          VOLUME OF PERIODICAL:  8                            
          NUMBER OF PERIODICAL:  5                            
          ISSUE DATE: May/June 1984                           
          PAGE NUMBER(S):  13-16                              
          CATEGORY:  Security Management                      
         DESCRIPTION:  This article discusses positive       
         motivational impact, minimizing risk, and cost      
         feasibility in selling computer security to top     
         managers.                                           


                                                             
          AUTHOR:    Bologna, Jack                            
                                                             
          TITLE OF ARTICLE:  Why the Corporate Security       
                            Function is Being Downsized      
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL: 11                            
          NUMBER OF PERIODICAL:  2                            
          ISSUE DATE:  Spring 1987                            
          PAGE NUMBER(S):  20-21                              
          CATEGORY:   Security Management                     
         DESCRIPTION:  This article discusses the disbanding 
         and dilution of corporate security functions and    
         how this effects the security of a firm.            

                                                             
          AUTHOR:   Goldstein, Bruce                          
                                                             
          TITLE OF ARTICLE:  Information Security: The        
                            Information Resource Management  
                            Approach                         
          NAME OF PERIODICAL:   Data Processing &             
                               Communications Security       
          VOLUME OF PERIODICAL:  8                            
          NUMBER OF PERIODICAL:  5                            
          ISSUE DATE:  May/June 1984                          
          PAGE NUMBER(S):  18-22                              
          CATEGORY:  Security Management                      
         DESCRIPTION:  This article addresses information as 
         a asset that must be protected as any other asset.  
         It also discusses information research management   
         providing the framework for a comprehensive         
         information security program.                       


                                                             
          AUTHOR:  Harris, N.L.                               
                                                             
          TITLE OF ARTICLE:  Rigid Administrative Procedures  
                            Prevent Computer Security        
                            Failure                          
          NAME OF PERIODICAL:   Data Management               
                                                             
          VOLUME OF PERIODICAL:  22                           
          NUMBER OF PERIODICAL:  12                           
          ISSUE DATE:  December 1984                          
          PAGE NUMBER(S):  13-14, 16                          
          CATEGORY:  Security Management                      
                                 
         DESCRIPTION: The best way to keep a security program
         from failing is the use of strict administrative    
         procedures. This article also discusses why some    
         systems fail.                                       


                                                         
          AUTHOR:  Reber, Jan                                 
                                                             
          TITLE OF ARTICLE:   The Essence of Industrial       
                             Espionage                       
                                                             
          NAME OF PERIODICAL:   Data Processing &             
                               Communications Security       
          VOLUME OF PERIODICAL:  10                           
          NUMBER OF PERIODICAL:   1                           
          ISSUE DATE:  Winter 1986                            
          PAGE NUMBER(S):  24-25                              
          CATEGORY:  Security Management                      
         DESCRIPTION: This article discusses understanding   
         espionage by a characteristic all spies have in     
         common "access to the target".                      
             
                 SOFTWARE AND OPERATING SYSTEM SECURITY

                                                             
          AUTHOR:   Adler, Stacy                              
                                                             
          TITLE OF ARTICLE:   7 Myths of Computer Security    
                                                             
          NAME OF PERIODICAL:   Security                      
                                                             
          VOLUME OF PERIODICAL:   24                          
          NUMBER OF PERIODICAL:    1                          
          ISSUE DATE:  January 1987                           
          PAGE NUMBER(S):   50-52                             
          CATEGORY:  Software & Operating System Security     
         DESCRIPTION:  This article covers consultants that  
         clear misconceptions about data protection software.


                                                             
          AUTHOR:   Edwards, J.                               
                                                             
          TITLE OF ARTICLE:  Ends in Sight for the            
                            Copy-Protection Debate           
                                                             
          NAME OF PERIODICAL:  PC Week                        
                                                             
          VOLUME OF PERIODICAL:  3                            
          NUMBER OF PERIODICAL:  1                            
          ISSUE DATE:  January 1986                           
          PAGE NUMBER(S):  101 & 105                          
          CATEGORY:  Software & Operating System Security     
                                 
         DESCRIPTION:  This protection of software from      
         unauthorized use may be coming to an end as         
         Microsoft Corporation has decided to lift the       
         protection from several of its software programs.   


                                                             
          AUTHOR:  Koreniowski, P.                            
                                                             
          TITLE OF ARTICLE:   Adapso Making Progress on       
                             Software Protection Device      
                                                             
          NAME OF PERIODICAL:  Computerworld                  
                                                             
          VOLUME OF PERIODICAL:  19                           
          NUMBER OF PERIODICAL:  24                           
          ISSUE DATE:  June 1985                              
          PAGE NUMBER(S):  8                                  
          CATEGORY:  Software & Operating System Security     
                                 
         DESCRIPTION:  This article discusses how the        
         Association of Data Processing Service Organizations
         (ADAPSO) is getting ready to announce its progress  
         in creating a software authorization mechanism.     


                                                             
          AUTHOR:  Schriever, Joe F.                          
                                                             
          TITLE OF ARTICLE:   Structuring for Security        
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL:  9                            
          NUMBER OF PERIODICAL:  1                            
          ISSUE DATE: September/October 1984                  
          PAGE NUMBER(S): 14-16                               
          CATEGORY:  Software & Operating System Security     
         DESCRIPTION:  This article is a set of guidelines   
         that will remove ambiguities as to what will be     
         done by whom to provide system security.            



                     TRAINING AND AWARENESS

                                                             
          AUTHOR:   Bezdek, J.                                
                                                             
          TITLE OF ARTICLE:  Across-the-Board Training        
                            Protects Data                    
                                                             
          NAME OF PERIODICAL:   Computerworld                 
                                                             
          VOLUME OF PERIODICAL:   18                          
          NUMBER OF PERIODICAL:   44                          
          ISSUE DATE:  October 1984                           
          PAGE NUMBER(S):  SR-10                              
          CATEGORY:  Training & Awareness                     
                                 
         DESCRIPTION:  This special report covers the four   
         areas that a training program in computer security  
         needs to include. These are plant physical security,
         logical security, administrative security, and the  
         legal and social aspects of security training.      


                                                             
          AUTHOR:  Bound, W.A.J.                              
                                                             
          TITLE OF ARTICLE:   Security Protecting Information 
                             Resources and Media             
                                                             
          NAME OF PERIODICAL:  Information Management         
                                                             
          VOLUME OF PERIODICAL:  18                           
          NUMBER OF PERIODICAL:   8                           
          ISSUE DATE:  August 1984                            
          PAGE NUMBER(S):  18-19                              
          CATEGORY:  Training & Awareness                     
                                 
         DESCRIPTION:  This article discusses what a manager 
         must consider when designing an office security     
         program to protect against the four vulnerabilities 
         of a system: personnel, physical, administrative,   
         and technical.                                      

                                                             
          AUTHOR:  Johnston, R.E.                             
                                                             
          TITLE OF ARTICLE:  What You Need To Know            
                                                             
          NAME OF PERIODICAL:  Infosystems                    
                                                             
          VOLUME OF PERIODICAL:   32                          
          NUMBER OF PERIODICAL:    1                          
          ISSUE DATE:  January 1985                           
          PAGE NUMBER(S):  56                                 
          CATEGORY:  Training & Awareness                     
                                 
         DESCRIPTION: Outlined in this article are those     
         things that should be considered when establishing  
         a computer security program or updating an existing 
         program.                                            


                                                             
          AUTHOR:  Leuser, K.G.                               
                                                             
          TITLE OF ARTICLE:   Security Programs:  Only as     
                             Good as We Make Them            
                                                             
          NAME OF PERIODICAL:   Office                        
                                                             
          VOLUME OF PERIODICAL:  100                          
          NUMBER OF PERIODICAL:    2                          
          ISSUE DATE:  August 1984                            
          PAGE NUMBER(S):  91-92                              
          CATEGORY:   Training & Awareness                    
                                 
         DESCRIPTION:  Discusses how an effective security   
         program helps to foil or discourage people with     
         dishonest intentions. Looks at the office           
         administrator's domain to identify areas of         
         potential vulnerability.                            

                                                            
          AUTHOR:   Weber, A.                                 
                                                             
          TITLE OF ARTICLE:   Effective Security Programs     
                             Start with Awareness            
                                                             
          NAME OF PERIODICAL:  Data Management                
                                                             
          VOLUME OF PERIODICAL:   23                          
          NUMBER OF PERIODICAL:   11                          
          ISSUE DATE:  November 1985                          
          PAGE NUMBER(S):   34-35                             
          CATEGORY:  Training & Awareness                     
                                 
         DESCRIPTION:  Educating end users is the key to     
         helping prevent crime and computer abuse in an      
         organization.                                       



                      AUTHORS NOT SPECIFIED

                       ABUSE/MISUSE/CRIME
                                                             
          AUTHOR:   Not Specified                             
                                                             
          TITLE OF ARTICLE:  Computer "Hacking" is No Longer  
                            Just a Lark                      
                                                             
          NAME OF PERIODICAL:  Office                         
                                                             
          VOLUME OF PERIODICAL:  102                          
          NUMBER OF PERIODICAL:  3                            
          ISSUE DATE:  September 1985                         
          PAGE NUMBER(S):  90-95                              
          CATEGORY:  Abuse/Misuse/Crime                       
                                 
         DESCRIPTION:  Computer hackers will use computers to
         obtain information and resell it, use it for        
         blackmail, extortion, and espionage. This article   
         discusses techniques for preventing hackers from    
         getting on a system, and monitoring them if they are
         discovered.                                         


                                                         
          AUTHOR:   Not Specified                             
                                                             
          TITLE OF ARTICLE:  Computer Security:  The Menace   
                            is Human Error                   
                                                             
          NAME OF PERIODICAL:  Office                         
                                                             
          VOLUME OF PERIODICAL:  99                           
          NUMBER OF PERIODICAL:  3                            
          ISSUE DATE:  March 1984                             
          PAGE NUMBER(S):  119-120                            
          CATEGORY:  Abuse/Misuse/Crime                       
                                 
         DESCRIPTION:  This article stresses that managers   
         should understand that data security is a people    
         problem and not a computer problem. People are the  
         ones that either accidentally or intentionally      
         misuse a computer system.                           


                                                             
          AUTHOR:  Not Specified                              
                                                             
          TITLE OF ARTICLE:  Internal Security                
                                                             
          NAME OF PERIODICAL:  PC Week                        
                                                             
          VOLUME OF PERIODICAL: 2                             
          NUMBER OF PERIODICAL: 18                            
          ISSUE DATE: May 1985                                
          PAGE NUMBER(S): 89-91, 106-107                      
          CATEGORY:  Abuse/Misuse/Crime                       
                                 
         DESCRIPTION: Experts feel that local computer access
         is more prone to intrusion than long-distance       
         access. This article discusses how insiders in a    
         company are the ones most likely to abuse a computer
         system.                                             

                                                             
          AUTHOR:  Not Specified                              
                                                             
          TITLE OF ARTICLE: Reporting Computer Crime          
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL:  8                            
          NUMBER OF PERIODICAL:  6                            
          ISSUE DATE:  July/August 1984                       
          PAGE NUMBER(S):  20-21                              
          CATEGORY:  Abuse/Misuse/Crime                       
         DESCRIPTION: This article presents a suggested      
         format for a final report to use in documenting     
         actions surrounding a computer crime.               



                         ACCESS CONTROL


                                                             
          AUTHOR:   Not Specified                             
                                                             
          TITLE OF ARTICLE:  Communications and Systems       
                            Security                         
                                                             
          NAME OF PERIODICAL:   Data Processing &             
                               Communications Security       
          VOLUME OF PERIODICAL:  9                            
          NUMBER OF PERIODICAL:  3                            
          ISSUE DATE:  1985 Buyer's Directory                 
          PAGE NUMBER(S):  11-13                              
          CATEGORY:  Access Control                           
         DESCRIPTION:  This article discusses a wide variety 
         of communications and system security  protection   
         methods. Includes encryption, fiber optics, key     
         management, optical links, electrical emanations,   
         and dial-up access protection devices.              


                                                             
          AUTHOR:   Not Specified                             
                                                             
          TITLE OF ARTICLE:   Computer Communications         
                             Security Lexicon                
                                                             
          NAME OF PERIODICAL:   Data Processing &             
                               Communications Security       
          VOLUME OF PERIODICAL:   11                          
          NUMBER OF PERIODICAL:    2                          
          ISSUE DATE: Spring 1987                             
          PAGE NUMBER(S):  22-23                              
          CATEGORY:   Access Control                          
         DESCRIPTION:  This article is an update containing  
         some new added security definitions of terms and    
         phrases.                                            

                                                             
          AUTHOR:  Not Specified                              
                                                             
          TITLE OF ARTICLE:  Controlling Access To Your Data  
                                                             
          NAME OF PERIODICAL:  Personal Computing             
                                                             
          VOLUME OF PERIODICAL:   9                           
          NUMBER OF PERIODICAL:   9                           
          ISSUE DATE:  September 1985                         
          PAGE NUMBER(S): 60-72                               
          CATEGORY:  Access Control                           
                                 
         DESCRIPTION:  Explains measures that can be taken   
         to protect what's in a computer. Focuses not only   
         on vandals, but also on people who accidentally harm
         the computer.                                       



                                                             
          AUTHOR:   Not Specified                             
                                                             
          TITLE OF ARTICLE:  Dial-Up Access Security Products 
                                                             
          NAME OF PERIODICAL:   Data Processing &             
                               Communications Security       
          VOLUME OF PERIODICAL:  9                            
          NUMBER OF PERIODICAL:  2                            
          ISSUE DATE:  November/December 1984                 
          PAGE NUMBER(S):  21-24                              
          CATEGORY:  Access Control                           
         DESCRIPTION:  This article presents some new dial-up
         access security products and their major features.  



                                                             
          AUTHOR:  Not Specified                              
                                                             
          TITLE OF ARTICLE:  Enhancements Out For Barrier     
                            Security Devices                 
                                                             
          NAME OF PERIODICAL:  Computerworld                  
                                                             
          VOLUME OF PERIODICAL:   18                          
          NUMBER OF PERIODICAL:   35                          
          ISSUE DATE:  August 1984                            
          PAGE NUMBER(S):  51                                 
          CATEGORY:  Access Control                           
                                 
         DESCRIPTION: This article discusses the password    
         protection device designed by International Anasazi,
         Inc. that will limit access on dial-up lines.       



                                                             
          AUTHOR:   Not Specified                             
                                                             
          TITLE OF ARTICLE:  Firesign Unwraps Security        
                            Feature                          
                                                             
          NAME OF PERIODICAL:  MIS Week                       
                                                             
          VOLUME OF PERIODICAL:   5                           
          NUMBER OF PERIODICAL:   23                          
          ISSUE DATE: June 1984                               
          PAGE NUMBER(S):  24                                 
          CATEGORY:  Access Control                           
                                 
         DESCRIPTION: This article discusses Firesign        
         Computer Company's product that provides for network
         security by its password system.                    


                                                             
          AUTHOR:   Not Specified                             
                                                             
          TITLE OF ARTICLE:  Security Computer Outsmarts      
                            Colorado Bandits                 
                                                             
          NAME OF PERIODICAL:   Data Management               
                                                             
          VOLUME OF PERIODICAL:   19                          
          NUMBER OF PERIODICAL:   7                           
          ISSUE DATE:   July 1981                             
          PAGE NUMBER(S):  17-18                              
          CATEGORY:  Access Control                           
                                 
         DESCRIPTION: This article looks at the effectiveness
         of a security system that controls access to several
         high-rise buildings in Colorado.                    


                                                             
          AUTHOR:  Not Specified                              
                                                             
          TITLE OF ARTICLE:  Security Lock Ready for PCs      
                                                             
          NAME OF PERIODICAL:  MIS Week                       
                                                             
          VOLUME OF PERIODICAL:   6                           
          NUMBER OF PERIODICAL:   26                          
          ISSUE DATE:  July 1985                              
          PAGE NUMBER(S):  30                                 
          CATEGORY:  Access Control                           
                                 
         DESCRIPTION: The hard disk security product "Knight 
         Data Security Manager" is discussed. This product   
         allows password protection in a PC.                 



                      CONTINGENCY PLANNING
                                                            
          AUTHOR:   Not Specified                             
                                                             
          TITLE OF ARTICLE:   Automated Contingency Planning  
                                                             
          NAME OF PERIODICAL:   Data Processing &             
                               Communications Security       
          VOLUME OF PERIODICAL:  8                            
          NUMBER OF PERIODICAL:  4                            
          ISSUE DATE:  March/April 1984                       
          PAGE NUMBER(S):  22                                 
          CATEGORY:  Contingency Planning                     
         DESCRIPTION:   This article presents a special      
         purpose software package CHI/COR that deals with    
         the job of documenting the resources needed to      
         implement a disaster recovery plan.                 

                                                             
          AUTHOR:   Not Specified                             
                                                             
          TITLE OF ARTICLE:  Contingency Planning and the Law 
                                                             
          NAME OF PERIODICAL:   Data Processing &             
                               Communications Security       
          VOLUME OF PERIODICAL:  8                            
          NUMBER OF PERIODICAL:  4                            
          ISSUE DATE:  March/April 1984                       
          PAGE NUMBER(S):  17-18                              
          CATEGORY:   Contingency Planning                    
         DESCRIPTION:  This article reviews the Foreign      
         Corrupt Practices Act and its requirement for record
         keeping and internal controls. Other potential legal
         liabilities are also reviewed.                      


                     ENVIRONMENTAL SECURITY

                                                             
          AUTHOR:    Not Specified                            
                                                             
          TITLE OF ARTICLE:  Computer Power and Environmental 
                            Controls                         
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL: 9                             
          NUMBER OF PERIODICAL: 3                             
          ISSUE DATE:  1985 Buyer's Directory                 
          PAGE NUMBER(S):  13                                 
          CATEGORY:  Environmental Security                   
         DESCRIPTION:  This article discusses common power   
         anomalies and equipment available to overcome them. 


                        GENERAL SECURITY

                                                             
          AUTHOR:    Not Specified                            
                                                             
          TITLE OF ARTICLE:  Computer Back-up Facilities      
                                                             
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL: 8                             
          NUMBER OF PERIODICAL: 4                             
          ISSUE DATE:  March/April 1984                       
          PAGE NUMBER(S): 19-22                               
          CATEGORY:  General Security                         
         DESCRIPTION:  This article discusses the options of 
         back-up sites including cold sites, hot sites, or   
         empty shell, or fully equipped recovery sites. Also 
         refers to the extent of equipment, space, and       
         services provided by these back-up facilities.      


                                                             
          AUTHOR:    Not Specified                            
                                                             
          TITLE OF ARTICLE:  Computer Security:  Issues and   
                            Answers                          
                                                             
          NAME OF PERIODICAL:   Datamation                    
                                                             
          VOLUME OF PERIODICAL:                               
          NUMBER OF PERIODICAL:                               
          ISSUE DATE:  September 15, 1984                     
          PAGE NUMBER(S):  16 Pages                           
          CATEGORY:   General Security                        
                                 
         DESCRIPTION:  This 16-page section sponsored by the 
         Computer Security Institute contains several        
         articles that cover a variety of computer security  
         issues.                                             

                                                             
          AUTHOR:    Not Specified                            
                                                             
          TITLE OF ARTICLE:  Computer Security:  Issues and   
                            Answers                          
                                                             
          NAME OF PERIODICAL:   Datamation                    
                                                             
          VOLUME OF PERIODICAL:                               
          NUMBER OF PERIODICAL:                               
          ISSUE DATE:    September 15 1985                    
          PAGE NUMBER(S):  24 Pages                           
          CATEGORY:    General Security                       
                                 
         DESCRIPTION:  This advertisement section contains   
         eight articles that discuss a variety of computer   
         security issues. The authors include FBI Director   
         William Webster and Department of Defense Computer  
         Security Center Director Robert Brotzman.           


                                                             
          AUTHOR:    Not Specified                            
                                                             
          TITLE OF ARTICLE:  Making The Case For Computer     
                            Security Pure and Simple         
                                                             
          NAME OF PERIODICAL:   Datamation                    
                                                             
          VOLUME OF PERIODICAL:                               
          NUMBER OF PERIODICAL:                               
          ISSUE DATE:  September 1983                         
          PAGE NUMBER(S):                                     
          CATEGORY:  General Security                         
                                 
         DESCRIPTION: This section of Datamation is sponsored
         by the Computer Security Institute and covers a     
         broad range of computer security issues in several  
         different articles.                                 


                                                             
          AUTHOR:   Not Specified                             
                                                             
          TITLE OF ARTICLE:   Personal Computers vs. Data     
                             Data Security:  the Two Need    
                             Not Be Incompatible             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL:  12                           
          NUMBER OF PERIODICAL:   1                           
          ISSUE DATE:  Winter 1988                            
          PAGE NUMBER(S):  24-26                              
          CATEGORY:  General Security                         
         DESCRIPTION:  This article discusses the threat of  
         data loss either intentional or unintentional. It   
         examines the significant risks and the data security
         policies to lower these risks.                      

                                                             
          AUTHOR:    Not Specified                            
                                                             
          TITLE OF ARTICLE:   Protecting Information and      
                             Interest                        
                                                             
          NAME OF PERIODICAL:  Computer Management            
                                                             
          VOLUME OF PERIODICAL:                               
          NUMBER OF PERIODICAL:                               
          ISSUE DATE:  October 1981                           
          PAGE NUMBER(S):  33-34, 36                          
          CATEGORY:  General Security                         
                                 
         DESCRIPTION:  Suppliers, consultants, and services  
         related to computer security are listed in this     
         directory.                                          

                                                             
          AUTHOR:    Not Specified                            
                                                             
          TITLE OF ARTICLE:  Simple Security Precautions      
                            Ensure Information Safety        
                                                             
          NAME OF PERIODICAL:  Computerworld                  
                                                             
          VOLUME OF PERIODICAL:   19                          
          NUMBER OF PERIODICAL:   17                          
          ISSUE DATE:   April 1985                            
          PAGE NUMBER(S):   SR-38                             
          CATEGORY:  General Security                         
                                 
         DESCRIPTION:  This article applies many of the      
         security precautions for mainframes to the          
         microcomputer.                                      



                     MICROCOMPUTER SECURITY
                                                             
          AUTHOR:   Not Specified                             
                                                             
          TITLE OF ARTICLE:  Memo:  Disaster Plan For         
                            Microcomputer Users              
                                                             
          NAME OF PERIODICAL:   Data Processing &             
                               Communications Security       
          VOLUME OF PERIODICAL:  8                            
          NUMBER OF PERIODICAL:  4                            
          ISSUE DATE:  March/April 1984                       
          PAGE NUMBER(S):  27-29                              
          CATEGORY:   Microcomputer Security                  
         DESCRIPTION:  This article is in the form a memo    
         containing a microcomputer disaster recovery        
         checklist. It address issues that should be taken in
         contingency plans.                                  


                 PHYSICAL SECURITY AND HARDWARE

                                                             
          AUTHOR:   Not Specified                             
                                                             
          TITLE OF ARTICLE:   Media Safes:  Countering the    
                             Threats of Fire                 
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL:  9                            
          NUMBER OF PERIODICAL:  6                            
          ISSUE DATE:  July/August 1985                       
          PAGE NUMBER(S):  18-20                              
          CATEGORY:  Physical Security & Hardware             
         DESCRIPTION: This article is a review of critical   
         basic information on how to select fire resistant   
         media safes.                                        


                         RISK MANAGEMENT

                                                             
          AUTHOR:    Not Specified                            
                                                             
          TITLE OF ARTICLE:  Protecting The World's Largest   
                            Computer User                    
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL: 8                             
          NUMBER OF PERIODICAL: 4                             
          ISSUE DATE:  March/April 1984                       
          PAGE NUMBER(S):  25-26                              
          CATEGORY:   Risk Management                         
         DESCRIPTION: This article discusses a new high      
         security off-site storage facility opening in       
         Beltsville, Maryland. It also address concern with  
         the lack of proper security storage today.          


                       SECURITY MANAGEMENT
 
                                                            
          AUTHOR:    Not Specified                            
                                                             
          TITLE OF ARTICLE:  Computer Security Awareness:     
                            Organizations and Senior         
                            Management Concerns              
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL:  8                            
          NUMBER OF PERIODICAL:  5                            
          ISSUE DATE:  May/June 1984                          
          PAGE NUMBER(S):  12-13                              
          CATEGORY:  Security Management                      
         DESCRIPTION:  This article gives the result of a    
         survey of general security and computer security    
         personnel, EDP auditors, and internal auditors to   
         determine the computer security awareness of their  
         company and senior management.                      

                                                             
          AUTHOR:    Not Specified                            
                                                             
          TITLE OF ARTICLE:  Records Storage and Management   
                                                             
          NAME OF PERIODICAL:    Data Processing &            
                                Communications Security      
          VOLUME OF PERIODICAL:  8                            
          NUMBER OF PERIODICAL:  4                            
          ISSUE DATE:  March/April 1984                       
          PAGE NUMBER(S):  23-25                              
          CATEGORY:   Security Management                     
         DESCRIPTION:  This article addresses the questions  
         which records should be stored off-site, and how    
         can an off-site facility be evaluated? It also      
         provides an overview of areas to consider.          



             SOFTWARE AND OPERATING SYSTEM SECURITY

                                                            
          AUTHOR:    Not Specified                            
                                                             
          TITLE OF ARTICLE:  Computer Security Software       
                                                             
          NAME OF PERIODICAL:   Data Processing &             
                               Communications Security       
          VOLUME OF PERIODICAL:  9                            
          NUMBER OF PERIODICAL:  1                            
          ISSUE DATE:  September/October 1984                 
          PAGE NUMBER(S):  19-24                              
          CATEGORY:  Software & Operating System Security     
         DESCRIPTION:  This article provides information for 
         using access control software to protect the        
         terminals, the data and the system itself from      
         unauthorized use.                                   

                                                             
          AUTHOR:    Not Specified                            
                                                             
          TITLE OF ARTICLE:  Computer Security Software       
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL:  9                            
          NUMBER OF PERIODICAL:  3                            
          ISSUE DATE:  1985 Buyer's Directory                 
          PAGE NUMBER(S):  17-18                              
          CATEGORY:  Software and Operating System Security   
         DESCRIPTION:  This article addresses a wide variety 
         of computer security software programs and their    
         different uses.                                     

                                                             
          AUTHOR:    Not Specified                            
                                                             
          TITLE OF ARTICLE:   Protecting Software With        
                             Escrow Services                 
                                                             
          NAME OF PERIODICAL:  Data Processing &              
                              Communications Security        
          VOLUME OF PERIODICAL:  8                            
          NUMBER OF PERIODICAL:  5                            
          ISSUE DATE:  May/June 1984                          
          PAGE NUMBER(S):  22-24                              
          CATEGORY:  Software & Operating System Security     
         DESCRIPTION:  This article addresses some of the    
         problems and answers for protecting software that   
         concerns major management today.