The need to license and restrict the users of general purpose computers

Oct 24, 1997

Abstract

In the last years more research has been done on computer and network security. However, for different reasons, security measures are not widely implemented. Making matters worse, todays computers organize the distribution of life supporting resources such as water, electricity and food. Such computers are often connected to a network. This is now called the Critical Information Infrastructure. Those managing these computers often have no clue of the potential danger of installing insecure software. More research on the topic alone is insufficient to prevent a potential disaster. Several other issues need to be addressed, as we will discuss.

We discuss several approaches to deal with these issues. First, software developers should be forced to take responsibility for faults in their software. Secondly, we will argue that computer users need a license. Those who use computers for their personal reasons should have no difficulty in getting a license that clearly states for what applications it can and cannot be used. Those who want a license to manage a computer in a more critical application should have to take a test. Thirdly and more controversially, we will argue that the concept of general computer is inherently a bad idea from a security viewpoint. We propose that it should be made very hard to install whatever software on computers that run critical applications.