What Does COMPUter SECurity Mean?
COMPUter SECurity (COMPUSEC) is a military term used in reference to the security of computer system information. Today it can relate to either the military or civilian community. COMPUSEC also concerns preventing unauthorized users from gaining entry to a computer system.
Techopedia Explains COMPUter SECurity
The differences between computer security (COMSEC) and COMPUSEC is that COMSEC is involved with data that is being transmitted and protecting the data while being transmitted. COMPUSEC concerns itself with protecting data during the act of processing or while being stored.
One of the first devised standards for COMPUSEC was the DoD 5200.28-M, ADP Security Manual. This document contains certain essential computer system requirements, including:
- Labeling of any classified information. This involves compartmented computers – those holding information only accessible by individuals holding appropriate clearance levels.
- Keeping an audit trail of anything related to security. This could include keeping track of anyone who logged into or out of the system.
- Verifying privileges, such as whether a user can read or write. Letting only certain users have access to the memory.
- Utilizing identification, such as logins and passwords, to authenticate computer users.
Though COMPUSEC started out as a set of guidelines for protecting national assets, it now is more widespread. Later, other tools for COMPUSEC were developed and included CSC-STD-001-83, the Trusted Computer System Evaluation Criteria (TCSEC) or the Orange Book. The Orange Book took a layered approach to rating computer system requirements. It included ratings on security policy, accountability, assurance and documentation.