IT Baseline Protection Manual - The Information Warfare Site
19.12.2012 Views
Share Embed Flag

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
iwar.org.uk

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

START NOW

Safeguard Catalogue - Hardware & Software Remarks<br />

____________________________________________________________________ .........................................<br />

S 4.99 <strong>Protection</strong> against subsequent changes to<br />

information<br />

Initiation responsibility: Head of <strong>IT</strong> Section, <strong>IT</strong> Security Management<br />

Implementation responsibility: Administrators, users<br />

Files which are passed on to third parties can generally also be edited by those<br />

third parties. This is not always in the interest of the creator of the files. A<br />

form of protection against subsequent changes, the forwarding of extracts or<br />

further processing would therefore be desirable.<br />

A problem that is often encountered is that information is made available to<br />

third parties via the Internet or other networks, but it may not be intended that<br />

it should be printed out hundreds of times or integrated seamlessly into other<br />

documents.<br />

<strong>The</strong>re are various solutions to this, which in some cases can also be combined<br />

with each other. Examples here are:<br />

- Using digital signatures in order to prevent changes from being made to<br />

files without this being noticed (see also S 4.34 Using encryption,<br />

checksums or digital signatures or S 3.23 Introduction to basic<br />

cryptographic terms).<br />

- Adding copyright notices to WWW information or files. <strong>The</strong>se can be<br />

formulated as follows: "This document and all of its parts is protected by<br />

copyright. Any use of the document outside the constraints of the<br />

Copyright Act without the approval of the author is inadmissible and<br />

punishable." and "Copyright (©) 7/1999 by BSI".<br />

- <strong>The</strong> use of file formats which make it more difficult to make subsequent<br />

changes or edit extracts in any way. Postscript can be used for this, for<br />

example, or the security properties of application programs, such as in the<br />

case of PDF files.<br />

PDF documents can be assigned access restrictions when they are created.<br />

<strong>The</strong> opening, printing or copying of PDF files can be inhibited, for<br />

example.<br />

Two types of password can be assigned with Acrobat Exchange, i.e. the<br />

application with which PDF files can be created and edited. One type of<br />

password is required for opening the document, and the other for changing<br />

the security attributes. PDF documents that are protected against<br />

unauthorised opening are encrypted with RC4. <strong>The</strong> following functions can<br />

be inhibited using the security attributes:<br />

- Printing<br />

- Modifying the document<br />

- Selecting text or graphics<br />

- Adding or changing notes and form fields<br />

____________________________________________________________________ .........................................<br />

<strong>IT</strong>-<strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>: Oktober 2000

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!