Copied directly from SM in wiki, 1st introductory chapter only, as a starter.
git-svn-id: http://svn.cacert.org/CAcert/Policies@1172 14b1bab8-4ef6-0310-b690-991c95c89dfd
parent
46fd411932
commit
4229f2f1a6
1 changed files with 156 additions and 0 deletions
156
SecurityPolicy.html
Normal file
@ -0,0 +1,156 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html><head>
<meta http-equiv="CONTENT-TYPE" content="text/html; charset=utf-8"><title>Security Policy</title>
<style type="text/css">
<!--
P { color: #000000 }
TD P { color: #000000 }
H1 { color: #000000 }
H2 { color: #000000 }
DT { color: #000000 }
DD { color: #000000 }
H3 { color: #000000 }
TH P { color: #000000 }
-->
</style></head>
<body style="direction: ltr; color: rgb(0, 0, 0);" lang="en-GB">
<h1>Security Policy for CAcert Systems</h1>
<p><a href="PolicyOnPolicy.html"><img src="Images/cacert-wip.png" id="graphics1" alt="CAcert Security Policy Status == wip" align="bottom" border="0" height="33" width="90"></a>
<br>
Creation date: 2009-02-16<br>
Status: <i>work-in-progress</i>
</p>
<h2><a name="1">1.</a> Introduction</h2>
<h3><a name="1.1">1.1.</a> Motivation and Scope </h3>
<p>
This Security Manual sets out required procedures for the secure operation of the CAcert critical computer systems. These systems include:
<ol><li>
Physical hardware mounting the logical services
</li><li>
Webserver + database (core server(s))
</li><li>
Signing service (signing server)
</li><li>
Support interface
</li><li>
Source code (changes and patches)
</li></ol>
</p>
<h4><a name="1.1.1">1.1.1.</a> Effected Personnel </h4>
These roles and teams are effected:
<ul><li>
Hardware Controllers (Oophaga)
</li><li>
Direct Hardware Access Systems Administrators
(as listed in Oophaga Appendix B Access List)
</li><li>
Application Administrators
(online access to critical systems at Unix level)
</li><li>
Support Team
(online access via administration interfaces)
</li><li>
Software Development Team
(approval of application code)
</li></ul>
</p>
<h4><a name="1.1.1">1.1.2.</a> Out of Scope </h4>
<p>
Non-critical systems are not covered by this manual,
but may be guided by it, and impacted where they are
found within the security context.
Architecture is out of scope, see CPS#6.2.
</p>
<h3><a name="1.2">1.2.</a> Principles </h3>
<p>
Important principles of this Security Manual are:
<ul><li>
<i>dual control</i> -- at least two individuals must control a task
</li><li>
<i>4 eyes</i> -- at least two individuals must be present during a task,
one to execute and one to observe.
</li><li>
<i>redundancy</i> -- no single individual is the only one authorized
to perform a task.
</li><li>
<i>escrow</i> -- where critical information (backups, passwords)
is kept with other parties
</li><li>
<i>logging</i> -- where events are recorded in a file
</li><li>
<i>separation of concerns</i> -- when a core task is split between
two people from different areas
</li><li>
<i>Audit</i> -- where external reviewers do checks on practices and policies
</li></ul>
</p>
<p>
Each task or asset is covered by a variety of protections
deriving from the above principles.
</p>
<h3><a name="1.3">1.3.</a> Definition of Terms</h3>
<dl>
<dt><i>Systems Administrator</i> </dt>
<dd>
A Member who manages a critial system, and has access
to security-sensitive functions or data.
</dd>
<h3><a name="1.4">1.4.</a> Version control</h3>
<h4><a name="1.4.1">1.4.1.</a> The Security Policy Document </h3>
<p>
This Security Policy is part of the configuration-control specification
for audit purposes (DRC).
It is under the control of Policy on Policy for version purposes.
</p>
<p>
This policy document says what is done, rather than how to do it.
</p>
<h4><a name="1.4.2">1.4.2.</a> The Security Manual (Practices) Document </h3>
<p>
This Policy explicitly defers detailed security practices to the
<a href="http://wiki.cacert.org/wiki/SecurityManual">Security Manual</a>
("SM"),
The SM says how things are done.
As practices are things that vary from time to time,
including between each event of practice,
the SM is under the direct control of the Systems Administration team.
It is located and version-controlled on the CAcert wiki.
</p>
<h4><a name="1.4.3">1.4.3.</a> The Security Procedures </h3>
<p>
The Systems Administration team may from time to time
explicitly defer single, cohesive components of the
security practices into separate procedures documents.
Each procedure should be managed in a wiki page under
their control, probably at
<a href="http://wiki.cacert.org/wiki/SystemAdministration/Procedures">
SystemAdministrationProcedures</a>.
Each procedure must be referenced explicitly in the Security Manual.
</p>
<h2><a name="end">End</a></h2>
<p>This is the end of the Security Policy.</p>
<p><a href="http://validator.w3.org/check?uri=referer"><img src="Images/valid-xhtml11-blue" id="graphics2" alt="Valid XHTML 1.1" align="bottom" border="0" height="33" width="90"></a>
</p>
</body></html>
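Review bot: the new file has several markup defects that will stop it validating and can make the section anchors and nesting render inconsistently. The three `<h4>` headings for 1.4.1, 1.4.2 and 1.4.3 are each closed with `</h3>` rather than `</h4>`; the 1.1.2 "Out of Scope" heading reuses `<a name="1.1.1">`, so a link to `#1.1.2` has no target; the `<dl>` opened in 1.3 is never closed; the "Effected Personnel" list ends with a stray `</p>` that has no opening `<p>`; and the `<ol>` and `<ul>` lists in 1.1 and 1.2 sit inside `<p>` elements, which HTML 4 does not permit. Suggest closing those headings with `</h4>`, changing the anchor to `name="1.1.2"`, adding `</dl>` before the 1.4 heading, and moving each list out of its enclosing paragraph. Minor: "Effected" should read "Affected", "critial" should read "critical", and the footer badge claims "Valid XHTML 1.1" while the doctype declares HTML 4.0 Transitional.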