DoD Directive 8500.1 - Common Access Card (CAC)

More documents

Recommendations

Info

DODD 8500.1, October 24, 2002 (w) National Security Telecommunications and Information Systems Security Policy (NSTISSP) No. 11, "National Policy Governing the Acquisition of Information Assurance (IA) and IA-enabled Information Technology Products," January 2000 (x) DoD Directive 5160.54, "Critical Asset Assurance Program," January 20, 1998 (y) DoD 5220.22-M, "National Industrial Security Program Operating Manual," January 1995 and "National Industrial Security Program Operating Manual Supplement," February 1995 (z) Title 48, Code of Federal Regulations, "Federal Acquisition Regulations System," October 1, 19963 3 (aa) DoD 5000.2-R, "Mandatory Procedures for Major Defense Acquisition Programs (MDAP) and Major Automated Information System (MAIS) Acquisition Programs," December 2001 (ab) Information Assurance Technical Framework (IATF), Release 3.0, September 2000 4 (ac) DoD 7000.14-R, Vol 2B, Chapter 5, "DoD Financial Management Regulation," June 2000 (ad) Section 552a of title 5, United States Code, "The Privacy Act of 1974" (ae) Section 278g-3 of title 15, United States Code, "Computer Security Act of 1987" (af) DoD 5400.7-R, "DoD Freedom of Information Act Program," September 4, 1998 (ag) Section 552 of title 5, United States Code, "Freedom of Information Act " (ah) DoD Directive 5210.83, "Department of Defense Unclassified Controlled Nuclear Information (DoD UCNI)", November 15, 1991 (ai) DoD Directive 5230.25, "Withholding of Unclassified Technical Data from Public Disclosure," November 6, 1984 ________________ 3 Available at http://web1.deskbook.osd.mil/htmlfiles/rlcats.asp 4 Available at http://www.iatf.net 16 ENCLOSURE 1
DODD 8500.1, October 24, 2002 E2. ENCLOSURE 2 DEFINITIONS E2.1.1. Application. Software program that performs a specific function directly for a user and can be executed without access to system control, monitoring or administrative privileges. Examples include office automation, electronic mail, web services, and major functional or mission software programs. E2.1.2. Authentication. Security measure designed to establish the validity of a transmission, message, or originator, or a means of verifying an individual's authorization to receive specific categories of information (reference (i)). E2.1.3. Authorized User. Any appropriately cleared individual with a requirement to access a DoD information system in order to perform or assist in a lawful and authorized governmental function. E2.1.4. Availability. Timely, reliable access to data and information services for authorized users (reference (i)). E2.1.5. Community Risk. Probability that a particular vulnerability will be exploited within an interacting population and adversely impact some members of that population. E2.1.6. Computer Network. The constituent element of an enclave responsible for connecting computing environments by providing short-haul data transport capabilities such as local or campus area networks, or long-haul data transport capabilities such as operational, metropolitan or wide area and backbone networks. E2.1.7. Computing Environment. Workstation or server (host) and its operating system, peripherals, and applications (reference (i)). E2.1.8. Confidentiality. Assurance that information is not disclosed to unauthorized entities or processes (reference (i)). E2.1.9. Connection Approval. Formal authorization to interconnect information systems. E2.1.10. Controlled Unclassified Information. A term used, but not specifically defined in reference (o), to refer to sensitive information as defined in paragraph E2.1.40., below. 17 ENCLOSURE 2
Page 1 and 2: Department of Defense DIRECTIVE NUM
Page 3 and 4: DODD 8500.1, October 24, 2002 2.3.
Page 5 and 6: DODD 8500.1, October 24, 2002 4.8.1
Page 7 and 8: DODD 8500.1, October 24, 2002 4.14.
Page 15: DODD 8500.1, October 24, 2002 E1. E
Page 19 and 20: DODD 8500.1, October 24, 2002 suppo
Page 21 and 22: DODD 8500.1, October 24, 2002 E2.1.
Page 23 and 24: DODD 8500.1, October 24, 2002 E2.1.
Page 25: DODD 8500.1, October 24, 2002 Infor

DoD Directive 8500.1 - Common Access Card (CAC)

Create successful ePaper yourself

Delete template?

Save as template?