Difference between revisions of "Information security"
m |
|||
Line 10: | Line 10: | ||
The Federation has repeatedly demonstrated poor information security protocols. | The Federation has repeatedly demonstrated poor information security protocols. | ||
*In [[TNG]] "The Hunted", for example, Roga Danar was able to disable a security force field by disabling one of the ship's security personnel and using his communicator to order the computer to drop the force field. He was also able to access consoles in the ship's engineering section to reroute power to transporters and to determine where to plant a bomb to disable the [[Enterprise-D|Enterprise-D's]] sensor network. | *In [[TNG]] "The Hunted", for example, Roga Danar was able to disable a security force field by disabling one of the ship's security personnel and using his communicator to order the computer to drop the force field. He was also able to access consoles in the ship's engineering section to reroute power to transporters and to determine where to plant a bomb to disable the [[Enterprise-D|Enterprise-D's]] sensor network. | ||
*The Enterprise's computer has | *The Enterprise's computer has downloaded and executed untrusted code on multiple occasions (examples: TNG "Contagion" and TNG "Masks"). | ||
*In TNG "Brothers", [[Data|Commander Data]] was able to seize control of all of the Enterprise's command functions by mimicking the voice of [[Jean-Luc Picard|Captain Picard]]. | *In TNG "Brothers", [[Data|Commander Data]] was able to seize control of all of the Enterprise's command functions by mimicking the voice of [[Jean-Luc Picard|Captain Picard]]. | ||
*In TNG "Conundrum", an alien Sutteran was able to alter the content of the ship's database to mislead the crew into attacking the Lysians. | *In TNG "Conundrum", an alien Sutteran was able to alter the content of the ship's database to mislead the crew into attacking the Lysians. |
Revision as of 16:39, 2 January 2008
Information security is the intentional process of protecting stored information from unauthorized viewing or use. Proper information security procedures protect the following properties of information stores or sources:
- Availability: authorized users are able to access the information when they need it.
- Confidentiality: unauthorized users can not gain access to the information.
- Integrity: the information is not altered or destroyed in an unauthorized manner.
Proper information security involves physical protection of information stores as well as procedures to identify users attempting to gain acces to information and verify that they are authorized before granting access.
Information security in Star Trek
Federation starships store virtually all information in a central computer system. This system relies primarily on voice-recognition to authenticate users, although users may also set personal passwords to further control access to sensitive data or computer functions.
The Federation has repeatedly demonstrated poor information security protocols.
- In TNG "The Hunted", for example, Roga Danar was able to disable a security force field by disabling one of the ship's security personnel and using his communicator to order the computer to drop the force field. He was also able to access consoles in the ship's engineering section to reroute power to transporters and to determine where to plant a bomb to disable the Enterprise-D's sensor network.
- The Enterprise's computer has downloaded and executed untrusted code on multiple occasions (examples: TNG "Contagion" and TNG "Masks").
- In TNG "Brothers", Commander Data was able to seize control of all of the Enterprise's command functions by mimicking the voice of Captain Picard.
- In TNG "Conundrum", an alien Sutteran was able to alter the content of the ship's database to mislead the crew into attacking the Lysians.
- Federation starships are known to allow remote access to their command functions via a prefix code that can be transmitted from other starships, and remote commands can actually override orders issued from the target starship's bridge. Why the Federation would include such a dangerous feature in their warships is unclear.
Information security in Star Wars
The access protocols for Republic and Imperial computers are not clear, but their primary weakness seems to be inappropriate authorization settings for low priority systems.
- The astromech droid R2-D2 was granted access to the Death Star's computer network without legitimate credentials, but he was denied access to some information. For instance, he could remotely deactivate the station's garbage compactors, but he could not remotely cut the power to the station's tractor beams (although he could determine where to disable them manually).
- Similarly, R2-D2 was able to determine that Leia Organa was a prisoner on the station and where she was being held, but he could not locate an exit from her cell block other than the main entrance.
It may be worth noting that R2-D2 has been allowed to operate for decades without a memory erasure. This may have allowed the droid to accumulate an exceptionally large store of cracking tools and techniques.