INFORMATION SECURITY IN THE SMALL SYSTEMS CONTEXT - A FRAMEWORK FOR UNDERSTANDING

This paper presents a framework for better understanding of small systems security research. Small computer systems are defined as personal computers, local area networks, and multi-user and similar installations, including everything from powerful network servers and scientific work-stations to notebooks, palm-tops and personal organizers. Two important differentiating characteristics of small systems environments are identified as (1) the segregation of functions that is possible in many large systems environments but frequently not possible in the smaller system context, and (2) the difficulty encountered in the small systems environment, in attracting, developing and retaining specialized technical expertise. These two characteristics are found to be common to three main small system environments: (1) small business organizational systems, (2) end user computing, and (3) down-sized/distributed computing. A framework for interrelating the characteristics of small computer systems and die three environments is proposed.