Computers at Risk presents a comprehensive agenda for developing nationwide policies and practices for computer security. Specific recommendations are provided for industry and for government agencies engaged in computer security activities. The volume also outlines problems and opportunities in computer security research, recommends ways to improve the research infrastructure, and suggests topics for investigators. The book explores the diversity of the field, the need to engineer countermeasures based on speculation of what experts think computer attackers may do next, why the technology community has failed to respond to the need for enhanced security systems, how innovators could be encouraged to bring more options to the marketplace, and balancing the importance of security against the right of privacy.

Focuses on policy issues in three areas: national cryptography policy, including federal information processing standards and export controls; guidance on safeguarding unclassified information in federal agencies; and legal issues and information security, including electronic commerce, privacy, and intellectual property. Includes: computer security act and related documents and evaluation of the digital signature standard. Charts and tables.

The use of information networks for business and government is expanding enormously. Government use of networks features prominently in plans to make government more efficient, effective, and responsive. But the transformation brought about by the networking also raises new concerns for the security and privacy of networked information. This Office of Technology Assessment (OTA) report was requested by the Senate Committee on Governmental Affairs and the House Subcommittee on Telecommunications and Finance. The report begins with background information and an overview of the current situation, a statement of the problems involved in safeguarding unclassified networked information, and a summary of policy issues and options. The major part of the report is then devoted to detailed discussions of policy issues in three areas: (1) cryptography policy, including federal information processing standards and export controls; (2) guidance on safeguarding unclassified information in federal agencies; and (3) legal issues and information security, including electronic commerce, privacy, and intellectual property. Appendices include Congressional letters of request; the Computer Security Act and related documents; evolution of the digital signature standard; and lists of workshop participants, reviews, and other contributors. An index is provided. A separately published eight-page OTA Report Summary is included. (JLB).