[IP] THE TRUSTED OFFICE OF THE FUTURE -- 1984
TITLE:
THE TRUSTED OFFICE OF THE FUTURE
Compcon '84
AUTHORS:
Prof. David J. Farber, University of Delaware
Peter G. von Glahn, University of Delaware
Stephen T. Walker, Trusted Information Systems, Inc.
ABSTRACT:
Several studies have examined the character of the
office of the future. They generally looked at handling
routine information and at general information
processing.
In any real office, however, a certain amount of non-
routine, sensitive information must also be handled.
Personnel, financial, patent-related, or proprietary
corporate information as well as government classified
information fall into this latter category. We believe
that
it is possible and desirable to handle this non-routine
information using the same computer tools as are used to
handle routine matters. This paper describes an
architecture and a family of tools that allow information
with varying sensitivities to be thus handled.
We assume that organizations and offices of the
future
will not be too different from those of today. Human
beings
will run these offices using procedures not far removed
from
today's. We assume that this future office will be fully
computerized and that everyone will have his or her
personal
computer. All the personal computers will be linked
together with a local computer network. Certain
resources
(e.g., large file stores, printers, high speed
computational
engines) will still be expensive in the future thus,
sharing
them among many users will be common. This sharing will
take place using the same network that links the personal
computers. Since neither the common resources nor the
computer networks will be cheap, using one system to
handle
both routine and sensitive information will be common.
This
integrated system use will make the computers more
acceptable to users and management. (In fact, personal
computers and office networks may not be accepted until
this
can be done.) Rather than invent new procedures for
handling
this mix of material, we propose to extend current office
information-handling practice into what we call the
Trusted
Office of the Future.
We base our Trusted Office of the Future on a
distributed network architecture made up of personal
computers and isolated specialized servers linked
together
with a local computer network. We feel that such an
architecture can be made safe for use with sensitive
information and is capable of growth as needs change.
This
safety can be provided by integrating security-related
features into each member of the network. Since each
member
can be trusted to deal with sensitive information
properly,
we call our system the Trusted Office System.
We anticipate that each worker in the office of the
future will have his or her own Personal Work Place
connected to the office computer network. The Personal
Work
Place, we envision, will be a dedicated
microprocessor-based
personal computer or workstation with built-in user
interfaces and mass storage. It will provide the tools
and
local storage the worker needs to do his or her work. We
assume that workers dealing with sensitive materials are
trusted to do their jobs properly and maintain security
since they can be held accountable for their actions.
Therefore, they will be free to manipulate both routine
and
sensitive information within their Personal Work Place as
required. Embedded within the Personal Work Place will
be a
hardware/software module we call the Private Secretary.
The
Private Secretary will handle security functions as well
as
provide the network interface for the Personal Work
Place.
Besides Personal Work Places, a collection of
servers
will reside on the network. These will be single purpose
computers, each with a hardware/software module similar
to
the Private Secretary to handle security. Archival
storage
will be handled by file servers. Hard copy printout
will be
handled by a print server augmented by a personnel
identification module (to validate a user's
identification
prior to delivering sensitive material to him or her).
Computational servers will handle database and number-
crunching functions on a single-user-at-a-time basis (to
eliminate security problems associated with multiple
users).
A security server will handle system security
administration. Since we assume the existence of
multiple
offices, each with its own local network, an office
gateway
server will handle interoffice traffic. It will provide
security encapsulation and routing for this traffic. It
will also maintain a local user directory to process
incoming interoffice communications.
This paper is divided into four sections. The first
expands on our assumptions about the environment of the
office of future. The second gives an overview of
current
(non-computerized) office practice for handling a mix of
routine and sensitive material. The next section
suggests
an extension of this practice into the office of the
future.
The final section presents our thoughts on how such a
Trusted Office of the Future could be realized.
-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/