Interesting People mailing list archives
ip: THE TRUSTED OFFICE OF THE FUTURE
From: Dave Farber <farber () cis upenn edu>
Date: Tue, 25 Feb 1997 14:56:48 -0500
By the way when you read this it was written over ten years ago. Just how much has changed? Dave TITLE: THE TRUSTED OFFICE OF THE FUTURE AUTHORS: Prof. David J. Farber, University of Delaware Peter G. von Glahn, University of Delaware Stephen T. Walker, Trusted Information Systems, Inc. ABSTRACT: Several studies have examined the character of the office of the future. They generally looked at handling routine information and at general information processing. In any real office, however, a certain amount of non- routine, sensitive information must also be handled. Personnel, financial, patent-related, or proprietary corporate information as well as government classified information fall into this latter category. We believe that it is possible and desirable to handle this non-routine information using the same computer tools as are used to handle routine matters. This paper describes an architecture and a family of tools that allow information with varying sensitivities to be thus handled. We assume that organizations and offices of the future will not be too different from those of today. Human beings will run these offices using procedures not far removed from today's. We assume that this future office will be fully computerized and that everyone will have his or her personal computer. All the personal computers will be linked together with a local computer network. Certain resources (e.g., large file stores, printers, high speed computational engines) will still be expensive in the future thus, sharing them among many users will be common. This sharing will take place using the same network that links the personal computers. Since neither the common resources nor the computer networks will be cheap, using one system to handle both routine and sensitive information will be common. This integrated system use will make the computers more acceptable to users and management. (In fact, personal computers and office networks may not be accepted until this can be done.) Rather than invent new procedures for handling this mix of material, we propose to extend current office information-handling practice into what we call the Trusted Office of the Future. We base our Trusted Office of the Future on a distributed network architecture made up of personal computers and isolated specialized servers linked together with a local computer network. We feel that such an architecture can be made safe for use with sensitive information and is capable of growth as needs change. This safety can be provided by integrating security-related features into each member of the network. Since each member can be trusted to deal with sensitive information properly, we call our system the Trusted Office System. We anticipate that each worker in the office of the future will have his or her own Personal Work Place connected to the office computer network. The Personal Work Place, we envision, will be a dedicated microprocessor-based personal computer or workstation with built-in user interfaces and mass storage. It will provide the tools and local storage the worker needs to do his or her work. We assume that workers dealing with sensitive materials are trusted to do their jobs properly and maintain security since they can be held accountable for their actions. Therefore, they will be free to manipulate both routine and sensitive information within their Personal Work Place as required. Embedded within the Personal Work Place will be a hardware/software module we call the Private Secretary. The Private Secretary will handle security functions as well as provide the network interface for the Personal Work Place. Besides Personal Work Places, a collection of servers will reside on the network. These will be single purpose computers, each with a hardware/software module similar to the Private Secretary to handle security. Archival storage will be handled by file servers. Hard copy printout will be handled by a print server augmented by a personnel identification module (to validate a user's identification prior to delivering sensitive material to him or her). Computational servers will handle database and number- crunching functions on a single-user-at-a-time basis (to eliminate security problems associated with multiple users). A security server will handle system security administration. Since we assume the existence of multiple offices, each with its own local network, an office gateway server will handle interoffice traffic. It will provide security encapsulation and routing for this traffic. It will also maintain a local user directory to process incoming interoffice communications. This paper is divided into four sections. The first expands on our assumptions about the environment of the office of future. The second gives an overview of current (non-computerized) office practice for handling a mix of routine and sensitive material. The next section suggests an extension of this practice into the office of the future. The final section presents our thoughts on how such a Trusted Office of the Future could be realized.
Current thread:
- ip: THE TRUSTED OFFICE OF THE FUTURE Dave Farber (Feb 25)