POLICY.ASC | Text File | 1994-07-17 | 21KB | 623 lines
A Draft Security Policy
This draft policy is provided as a model for your organization's consideration
and adoption. It was prepared by the National Computer Security Association.
We would appreciate your comments or revisions to it. You may write
us at Suite 309, 4401-A Connecticut Av NW, Washington, DC 20008. Or
you may call our BBS at 202-364-1304. Or you may call voice at 202-364-8252.
BASIC REQUIREMENTS
Each of the six basic requirements defined below is used by DoD in
evaluating system security, and is appropriate throughout all computer
systems, regardless of their actual security requirements.
Security Policy
There must be an explicit and well-defined security policy enforced
by the system. Given identified subjects and objects, there must
be a set of rules that are used by the system to determine whether
a given subject can be permitted to gain access to a specific object.
Computer systems of interest must enforce a mandatory security policy
that can effectively implement access rules for handling sensitive
information. These rules include requirements such as: "No
person lacking proper personnel security clearance shall obtain access
to classified information." In addition, discretionary security
controls are required to ensure that only selected users or groups
of users may obtain access to data - for instance, based on a
need-to-know basis.
Marking
Access control labels must be associated with objects. In order
to control access to information stored in a computer, according to
the rules of a mandatory security policy, it must be possible to mark
every object with a label that reliably identifies the object's sensitivity
level and/or the modes of access accorded those subjects who may potentially
access the object.
Identification
Individual subjects must be identified. Each access to information
must be mediated based on who is accessing the information and what
classes of information they are authorized to deal with. This identification
and authorization information must be securely maintained by the computer
system and be associated with every active element that performs some
security-relevant action in the system.
Accountability
Audit information must be selectively kept and protected so that
actions affecting security can be traced to the responsible party.
A trusted system must be able to record the occurrences of security-relevant
events in an audit log. The capability to select the audit events
to be recorded is necessary to minimize the expense of auditing and
to allow efficient analysis. Audit data must be protected from modification
and unauthorized destruction to permit detection and after-the-fact
investigations of security violations.
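
How the four requirements above (policy, marking, identification, accountability) combine in a single access check, as an added illustration that is not part of the NCSA draft. The level names, class names and users are constructed assumptions.

```python
from dataclasses import dataclass, field

# Constructed sensitivity levels, ordered low to high (assumption, not from the draft).
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2}

@dataclass(frozen=True)
class Subject:                 # Identification: every access names a subject
    name: str
    clearance: str

@dataclass
class Obj:                     # Marking: every object carries a sensitivity label
    name: str
    label: str
    need_to_know: set = field(default_factory=set)   # discretionary list

class ReferenceMonitor:
    def __init__(self, audited=("DENY",)):
        self.audited = set(audited)   # Accountability: selectable audit events
        self._log = []                # appended to only by _audit()

    def _audit(self, outcome, subject, obj, reason):
        if outcome in self.audited:
            self._log.append((outcome, subject.name, obj.name, reason))

    def check_read(self, subject, obj):
        have = LEVELS.get(subject.clearance, -1)     # unknown clearance: lowest
        need = LEVELS.get(obj.label, len(LEVELS))    # unknown label: above all levels
        if have < need:               # mandatory rule is checked first and always wins
            self._audit("DENY", subject, obj, "clearance below label")
            return False
        if subject.name not in obj.need_to_know:     # discretionary rule
            self._audit("DENY", subject, obj, "no need-to-know")
            return False
        self._audit("GRANT", subject, obj, "ok")
        return True

    def audit_trail(self):
        # Callers get an immutable copy; protecting the stored log itself
        # needs controls outside this sketch (file permissions, separate host).
        return tuple(self._log)

def demo():
    rm = ReferenceMonitor(audited=("DENY",))
    # bob is on the need-to-know list but lacks the clearance.
    plans = Obj("plans.doc", "SECRET", {"alice", "bob"})
    users = (Subject("alice", "SECRET"), Subject("bob", "CONFIDENTIAL"),
             Subject("dave", "SECRET"))
    return [rm.check_read(u, plans) for u in users], rm.audit_trail()
```
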
Assurance
The computer system must contain hardware/software mechanisms that
can be independently evaluated to provide sufficient assurance that
the system enforces the policy, marking, identification, and accountability
requirements described above. In order to assure that the four
requirements are enforced by a computer system, there must be some
identified and unified collection of hardware and software controls
that perform these functions. These mechanisms are typically embedded
in the operating system of mainframes, or a combination of operating
system features and added application software on LANs, and are designed
to carry out the assigned tasks in a secure manner. The basis for
trusting such system mechanisms in their operational setting must
be clearly documented such that it is possible to independently examine
the evidence to evaluate their sufficiency.
Continuous Protection
The trusted mechanisms that enforce these basic requirements must
be continuously protected against tampering and/or unauthorized changes.
No computer system can be considered truly secure if the basic hardware
and software mechanisms that enforce the security policy are themselves
subject to unauthorized modification or subversion. The continuous
protection requirement has direct implications throughout the computer
system's lifecycle.
IMPLEMENTATION CONCERNS
Creating a security policy is fairly simple. You can copy
the material that follows, for instance, and get the chief to sign
it. Implementing a security policy is more difficult.
* The organizations with the most success in implementing security
policies with PC users are those who get away from a project orientation
and somehow convince all staff that security is an ongoing business
function.
While seemingly everyone concerned with security agrees that a policy
is important, not everyone agrees that it should be agency-wide. For
example, NASA's Richard W. Carr believes that a standard approach
like the NSA's C2 level of safeguarding is not cost-effective. Because
so much of NASA's scientific data is made public, Carr has opted for
local approaches to safeguarding information, rather than an agency-wide
approach.
HARDWARE CONCERNS
Before reviewing sophisticated data security issues, it is necessary
to consider the basic physical protection of the equipment itself.
Access
Access to micros should be physically limited to authorized users. Untrained
or malicious individuals could damage or make inappropriate use of
the equipment or the accessible data. At some organizations, such
as GTE, the entire microcomputer is kept in a locked room. If users
are reluctant to lock the machine away when they are finished with it,
they are provided with an external hard disk that can be locked up.
* Do not permit users to leave workstations or micros unattended,
particularly if they are tied to a network.
* Install timelocks that activate after an interval of no keyboard
activity, and require a password to resume entry.
* Change all passwords immediately whenever an employee leaves the
organization.
* Change the passwords of all employees routinely - perhaps every
other month.
Theft
Personal computers and their component parts are high-value items. Secure
the rooms where the hardware is located, or install lockdown systems
securing the equipment to a table or desk.
Environmental Damage
Electrical Power
Computers are sensitive to the quality of electrical power. Use surge
protectors. Also, micros should be powered from a source isolated
from heavy appliances or office equipment.
Smoking, Eating, and Drinking
Smoke can damage disks. Food and ashes that are dropped in the keyboard
can work down into the mechanism and cause malfunctions. Smoking,
eating, and drinking should be prohibited in the vicinity of computers.
Static Electricity
Static electricity can badly damage a computer. This danger can be
minimized through the use of anti-static sprays, carpets, or pads.
Magnetic Media Protection
Particular attention should be given to the protection of magnetic
media, as it is the primary means of data storage.
Floppy Disks
Floppy disks should be handled with care.
* Always store in the protective jacket.
* Protect from bending or similar handling.
* Maintain an acceptable temperature range (50-125 degrees F).
* Avoid contact with magnetic fields, such as telephone handsets.
* Do not write on the diskette, either directly or through the jacket
or sleeve.
Hard Disks
Rough handling of hard disks may damage the device. Take care not
to jostle the unit unnecessarily. Never power off the system without
performing the recommended shutdown procedures.
Media Declassification or Destruction
Magnetic media, such as disks and tapes, that contain sensitive or
classified information should not be put in regular waste containers. They
should be cleared by degaussing and reused, or rendered useless by
shredding