An Analysis Of The Differences Between The Computer Security Fractices In The Military And Private Sectors

Abstract

Experts whe work to produce products to enhance computer security are often puzzled by the apparent lack of interest on the part of private sector companies in acquiring those products. Over the last decade, a nunber of new products have not found any substantial market even though they have elegant designs, careful implementations, and independent certification. Since most of these products have been developed in response to.requests from the Department of Defense, it is clear that there is some discrepancy between the requirements of the Military ard Private Sectors. This paper examines the requirements and practices of the two sectors. While the focus of the paper is on the differences between these two groups, there are also areas of common need which have been often overlooked. Some of these areas may provide ideas for future research and product development which would benefit everyone.