This paper investigates fundamental security issues and
the growing impact of security breaches on computer networks.
Cost-effective security measures, such as asset-threat
analysis, enable monitoring of security levels in complex
systems. An evaluation of one technique, called the Livermore
Risk Analysis Methodology (LRAM) is documentedC 1 ] .
Untrusted communication lines, unauthorized access and
unauthorized dissemination of information must be contained.
The complexity and corresponding sophistication of
systems and the reliance of management on information
generated by these systems make them attractive targets for
computer related crimes. A profile of computer criminals and
their crimes emphasize the importance of management
involvement and social ethics as determents to crime. An
overview of system security, control concepts, communication
and transmission security, and a discussion of threats,
vulnerabilities, and countermeasures is provided. The growing
need for risk management models is presented as well as an
overview of LRAM. Risk assessment of a specific system case
study and risk profiles are developed using LRAM.