added 9.3.2. suggested notifications. fixed inconsistent capitalisation.

git-svn-id: http://svn.cacert.org/CAcert/Policies@1883 14b1bab8-4ef6-0310-b690-991c95c89dfd
pull/1/head
Ian Grigg 15 years ago
parent 9ba5d64a9c
commit e1fb84d652

@ -337,7 +337,7 @@ The following steps are to be taken:
Records of secure erasure and method of final disposal Records of secure erasure and method of final disposal
shall be tracked in the asset inventory. shall be tracked in the asset inventory.
Where critical data is involved, Where critical data is involved,
two systems administrators must sign-off on each step. two Systems Administrators must sign-off on each step.
</p> </p>
<h3 id="s2.3">2.3. Physical Access </h3> <h3 id="s2.3">2.3. Physical Access </h3>
@ -359,10 +359,10 @@ Access to physical equipment must be authorised.
<p> <p>
The Security Manual must present the different access profiles. The Security Manual must present the different access profiles.
At least one Access Engineer must control access in all cases. At least one Access Engineer must control access in all cases.
At least one systems administrator will be present for At least one Systems Administrator will be present for
logical access. logical access.
Only the most basic and safest of accesses should be done with Only the most basic and safest of accesses should be done with
one systems administrator present. one Systems Administrator present.
</p> </p>
<p> <p>
@ -388,7 +388,7 @@ All physical accesses are logged and reported to all.
<p> <p>
There must not be a procedure for emergency access. There must not be a procedure for emergency access.
If, in the judgement of the systems administrator, If, in the judgement of the Systems Administrator,
emergency access is required and gained, emergency access is required and gained,
in order to avoid a greater harm, in order to avoid a greater harm,
independent authorisation before the independent authorisation before the
@ -412,7 +412,7 @@ codes and devices (keys) are to be authorised and documented.
<p> <p>
Current and complete diagrams of the physical and logical Current and complete diagrams of the physical and logical
CAcert network infrastructure shall be maintained by CAcert network infrastructure shall be maintained by
systems administration team leader. Systems Administration team leader.
These diagrams should include cabling information, These diagrams should include cabling information,
physical port configuration details, physical port configuration details,
expected/allowed data flow directions, expected/allowed data flow directions,
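Review bot: The changed line in the network-diagram paragraph reads "shall be maintained by Systems Administration team leader." with no article, while the other occurrences touched by this patch say "the Systems Administration team leader". Suggest "shall be maintained by the Systems Administration team leader." since the line is being edited anyway.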
@ -490,7 +490,7 @@ Documentation for installing and configuring servers with the appropriate softwa
<h4 id="s3.2.3"> 3.2.3. Patching </h4> <h4 id="s3.2.3"> 3.2.3. Patching </h4>
<p> <p>
Software used on production servers must be kept current with respect to patches affecting software security. Patch application is governed by CCS and must be approved by the systems administration team leader, fully documented in the logs and reported by email to the systems administration list on completion (see &sect;4.2). Software used on production servers must be kept current with respect to patches affecting software security. Patch application is governed by CCS and must be approved by the Systems Administration team leader, fully documented in the logs and reported by email to the Systems Administration list on completion (see &sect;4.2).
</p> </p>
<h5 id="s3.2.3.1"> 3.2.3.1. “emergency” patching </h5> <h5 id="s3.2.3.1"> 3.2.3.1. “emergency” patching </h5>
@ -503,7 +503,7 @@ of software has become known
an emergent local exploit may also be deemed to be an emergency). an emergent local exploit may also be deemed to be an emergency).
Application of patches in this case may occur as soon as possible, Application of patches in this case may occur as soon as possible,
bypassing the normal configuration-change process. bypassing the normal configuration-change process.
The systems administration team leader must either approve the patch The Systems Administration team leader must either approve the patch
<span class="change"> <span class="change">
or or
</span> </span>
@ -511,7 +511,7 @@ instruct remedial action, and refer the case to dispute resolution.
</p> </p>
<p> <p>
<b> <!-- this comment left in bold deliberatel --> <b> <!-- this comment left in bold deliberately -->
Declaration of an emergency patching situation should not occur with any regularity. Declaration of an emergency patching situation should not occur with any regularity.
</b> </b>
Emergency patch events must be documented Emergency patch events must be documented
@ -570,25 +570,25 @@ authorisations on the below access control lists
<td>Systems Administrators</td> <td>Systems Administrators</td>
<td>hardware-level for installation and recovery</td> <td>hardware-level for installation and recovery</td>
<td>exclusive with Access Engineers and Software Assessors</td> <td>exclusive with Access Engineers and Software Assessors</td>
<td><span class="change">systems administration team leader</span> <span class="strike">Board of CAcert (or designee)</span></td> <td><span class="change">Systems Administration team leader</span> <span class="strike">Board of CAcert (or designee)</span></td>
</tr><tr> </tr><tr>
<td>SSH Access List</td> <td>SSH Access List</td>
<td>Systems Administrators <span class="change">and Application Engineers </span></td> <td>Systems Administrators <span class="change">and Application Engineers </span></td>
<td>Unix / account / shell level</td> <td>Unix / account / shell level</td>
<td> includes by default all on Physical Access List </td> <td> includes by default all on Physical Access List </td>
<td>systems administration team leader</td> <td>Systems Administration team leader</td>
</tr><tr> </tr><tr>
<td>Repository Access List</td> <td>Repository Access List</td>
<td>Application Engineers</td> <td>Application Engineers</td>
<td>change the source code repository and install patches to application</td> <td>change the source code repository and install patches to application</td>
<td>exclusive with Access Engineers and systems administrators</td> <td>exclusive with Access Engineers and Systems Administrators</td>
<td>software assessment team leader</td> <td>software assessment team leader</td>
</tr><tr> </tr><tr>
<td>Support Access List</td> <td>Support Access List</td>
<td>Support Engineer</td> <td>Support Engineer</td>
<td>support features in the web application</td> <td>support features in the web application</td>
<td> includes by default all <span class="change">Application Engineers</span> <span class="strike">systems administrators </span> </td> <td> includes by default all <span class="change">Application Engineers</span> <span class="strike">Systems Administrators </span> </td>
<td><span class="strike">systems administration</span> <span class="change">support</span> team leader</td> <td><span class="strike">Systems Administration</span> <span class="change">support</span> team leader</td>
</tr></table> </tr></table>
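Review bot: In the Support Access List row the capitalisation change is also applied inside the span class="strike" text ("Systems Administrators", "Systems Administration"), which rewrites wording that is marked as deleted; struck text records what the earlier draft said and is better left as it was. In the same table "software assessment team leader" and "support team leader" stay lowercase beside "Systems Administration team leader", so the authority column is still mixed. Suggest capitalising all team names or none.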
@ -620,7 +620,7 @@ See &sect;9.1.7.
<h3 id="s4.1">4.1. System administration </h3> <h3 id="s4.1">4.1. System administration </h3>
<p> <p>
Primary systems administration tasks Primary Systems Administration tasks
shall be conducted under four eyes principle. shall be conducted under four eyes principle.
These shall include backup performance verification, These shall include backup performance verification,
software patch application, software patch application,
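Review bot: The 4.1 heading in this hunk still reads "System administration" (singular, lowercase) directly above the newly capitalised "Primary Systems Administration tasks". Suggest aligning the heading with the term now used in the body so the section title and the role name match.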
@ -755,7 +755,7 @@ For any other purpose than verification of the success of the backup, see next.
<h4 id="s4.3.7">4.3.7. Key Management </h4> <h4 id="s4.3.7">4.3.7. Key Management </h4>
<p> <p>
The encryption keys must be stored securely by the The encryption keys must be stored securely by the
CAcert systems administrators. CAcert Systems Administrators.
Paper documentation must be stored with manual backups. Paper documentation must be stored with manual backups.
</p> </p>
@ -843,7 +843,7 @@ A full copy should be appended to the
documentation of the investigation. documentation of the investigation.
Sensitive information may be pushed out into Sensitive information may be pushed out into
a restricted appendix of the report. a restricted appendix of the report.
The systems administration team leader is responsible The Systems Administration team leader is responsible
for publication and maintenance. for publication and maintenance.
</p> </p>
@ -958,7 +958,7 @@ software assessment team.
<ul class="q"> <ul class="q">
<li> is this something that can be and is being run by systems administration team? </li> <li> is this something that can be and is being run by Systems Administration team? </li>
<li> Or are their two, the test one and the critical one? </li> <li> Or are their two, the test one and the critical one? </li>
<li> Like this: </li> <li> Like this: </li>
</ul> </ul>
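Review bot: The second list item, "Or are their two, the test one and the critical one?", still has "their" for "there" on both sides, and the edited first item lacks an article ("by the Systems Administration team"). Both are worth fixing in the same pass, since the neighbouring line is already being changed.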
@ -972,7 +972,7 @@ software assessment team.
<p class="change"> <p class="change">
The production code is maintained in a secure production repository The production code is maintained in a secure production repository
within the critical systems that is run by the within the critical systems that is run by the
systems administation team. Systems Administation team.
Access is made available to the Application Engineers. Access is made available to the Application Engineers.
</p> </p>
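Review bot: The replaced line keeps the misspelling: "Systems Administation team." is missing the "r". Suggest "Systems Administration team." so that the capitalised term matches the rest of the document and a text search for the role name finds this paragraph.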
@ -1000,7 +1000,7 @@ Test status of each patch must be logged.
Software assessment team maintains a bug system. Software assessment team maintains a bug system.
Primary communications should go through this system. Primary communications should go through this system.
Management access should be granted to all Software Assessors, Management access should be granted to all Software Assessors,
software developers, and systems administrators. software developers, and Systems Administrators.
Bug submission access should be provided to Bug submission access should be provided to
any Member that requests it. any Member that requests it.
</p> </p>
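Review bot: In "Software Assessors, software developers, and Systems Administrators" the middle item is left lowercase, so the list that grants management access to the bug system mixes defined-role capitalisation with a plain description. If "software developers" is a defined role, capitalise it like the other two; if it is not, say which defined role is meant, because this sentence decides who gets management access.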
@ -1332,12 +1332,13 @@ the CA at the executive level.
<p> <p>
All external inquiries of security import are filed as disputes and placed before the Arbitrator under DRP. All external inquiries of security import are filed as disputes and placed before the Arbitrator under DRP.
<span class="change">Board and applicable team leaders must be notified</span>.
</p> </p>
<p> <p>
Only the Arbitrator has the authority Only the Arbitrator has the authority
to deal with external requests and/or create a procedure. to deal with external requests and/or create a procedure.
Access Engineers, systems administrators, Access Engineers, Systems Administrators,
support engineers, support engineers,
Board members and other key roles Board members and other key roles
do not have the authority to answer legal inquiry. do not have the authority to answer legal inquiry.
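Review bot: The added sentence "Board and applicable team leaders must be notified" is passive and names no responsible party, no time limit and no channel, so compliance with the notification duty cannot be checked afterwards. Suggest stating who notifies (for example the person filing the dispute) and by when. In the following paragraph "support engineers" stays lowercase directly after the newly capitalised "Systems Administrators", although the access-list table uses "Support Engineer".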
