19.12.2012 Views

IT Baseline Protection Manual - The Information Warfare Site


IT Baseline Protection of Generic Components: Crypto-concept

_________________________________________________________________________________________

Organisation:

- S 2.161 (1) Development of a cryptographic concept
- S 2.162 (1) Determining the need to use cryptographic procedures and products
- S 2.163 (1) Determining the factors influencing cryptographic procedures and products
- S 2.164 (1) Selection of a suitable cryptographic procedure
- S 2.165 (1) Selection of a suitable cryptographic product
- S 2.166 (1) Provisions governing the use of crypto modules
- S 2.35 (1) Obtaining information on security weaknesses of the system
- S 2.39 (2) Response to violations of security policies
- S 2.46 (2) Appropriate key management

Personnel:

- S 3.4 (1) Training before actual use of a program
- S 3.5 (1) Education on IT security measures
- S 3.23 (1) Introduction to basic cryptographic terms

Hardware & Software:

- S 4.85 (3) Design of suitable interfaces for crypto modules (optional)
- S 4.86 (2) Secure separation of roles and configuration with crypto modules
- S 4.87 (2) Physical security of crypto modules (optional)
- S 4.88 (2) Operating system security requirements when using crypto modules
- S 4.89 (3) Emission security (optional)
- S 4.90 (3) Use of cryptographic procedures on the various layers of the ISO/OSI reference model

Contingency Planning:

- S 6.56 (2) Data backup when using cryptographic procedures

Many other components contain safeguards which touch upon the topic of cryptographic procedures and can be considered as implementation examples. For example, these include:

- S 4.29 Use of an encryption product for laptop PCs
- S 4.30 Utilisation of the security functions offered in application programs
- S 4.34 Using encryption, checksums or digital signatures
- S 4.41 Use of a suitable PC security product
- S 4.72 Database encryption
- S 5.33 Secure remote maintenance via modem
- S 5.34 Use of one-time passwords
- S 5.36 Encryption under UNIX and Windows NT
- S 5.50 Authentication via PAP/CHAP

_________________________________________________________________________________________

IT-Baseline Protection Manual: October 2000
