Information security

From ImperialWiki
Jump to: navigation, search
m (Information security in Star Trek)
(Information security in Star Trek)
Line 21: Line 21:
 
*In TNG "Conundrum", an alien [[Satarran]] was able to alter the content of the ship's database to mislead the crew into attacking the Lysians.
 
*In TNG "Conundrum", an alien [[Satarran]] was able to alter the content of the ship's database to mislead the crew into attacking the Lysians.
 
*Federation starships are known to allow remote access to their command functions via a [[prefix code]] that can be transmitted from other starships, and remote commands can actually override orders issued from the target starship's bridge.  Why the Federation would include such a dangerous feature in their warships is unclear.
 
*Federation starships are known to allow remote access to their command functions via a [[prefix code]] that can be transmitted from other starships, and remote commands can actually override orders issued from the target starship's bridge.  Why the Federation would include such a dangerous feature in their warships is unclear.
*In the [[VOY|Voyager]] episode, "Investigations", we see that all [[Neelix]] needed to do to unlock a workstation was to give a verbal command and the station was unlocked without the computer checking user identity.
+
*In the [[VOY|Voyager]] episode, "Investigations", [[Neelix]] is able to unlock someone else's workstation just a voice command.
  
 
Collectively, these failures indicate poor interface controls and inadequate authentication controls; the Federation's authorization controls have generally been successful.  The failure of the Federation's authentication protocols is surprising, since they have the technology to simultaneously implement all three of the major authentication methods with ease, and such a combined approach would make their systems much more secure.
 
Collectively, these failures indicate poor interface controls and inadequate authentication controls; the Federation's authorization controls have generally been successful.  The failure of the Federation's authentication protocols is surprising, since they have the technology to simultaneously implement all three of the major authentication methods with ease, and such a combined approach would make their systems much more secure.

Revision as of 16:24, 19 February 2013

Personal tools