diff --git a/SecurityPolicy.html b/SecurityPolicy.html index b50ac68..0b38808 100644 --- a/SecurityPolicy.html +++ b/SecurityPolicy.html @@ -186,6 +186,12 @@ the SM is under the direct control of the Systems Administration team. It is located and version-controlled on the CAcert wiki.

+

+Section Headings are the same in both documents. +Where Section Headings are empty in one document, +they are expected to be documented in the other. +

+

1.4.3. The Security Procedures
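Review bot: the paragraph added to 1.4.2 says "both documents" without naming them; because 1.4.3 (the Security Procedures) follows immediately, spell out "this Security Policy and the Security Manual" so the rule about matching Section Headings cannot be read as covering the Procedures. The second sentence ("Where Section Headings are empty in one document, they are expected to be documented in the other") also leaves the case where a heading is empty in both undefined; the "Document." placeholders elsewhere in this file (4.3.2, 4.3.4, 4.4.2, 4.5, 5.5) show that this case is real today, so state which document owns the content by default so an empty section is recognisable as a gap rather than a deliberate delegation.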

@@ -624,7 +630,6 @@ Operational backups may be online and local.

4.3.2. Frequency

-

Document.

4.3.3. Storage
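Review bot: whitespace-only hunks like this one (and the matching ones in 4.3.4, 4.4.2, 4.5 and 5.5, each of which only drops the blank line in front of an existing "Document." placeholder) belong in a separate commit, so that the substantive additions to 1.4.2, 7 and 8 can be reviewed on their own; as it stands the reader has to step through five no-op hunks to reach them.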

@@ -633,7 +638,6 @@ Offline backups should be distributed.

4.3.4. Retention period and Re-use

-

Document.

4.3.5. Encryption

@@ -673,7 +677,6 @@ See CCA.

4.4.2. System logs

-

Document.

4.4.3. Incident reports

@@ -682,7 +685,6 @@ Access to incident reports is restricted.

4.5. Cycling

-

Document.

@@ -731,7 +733,7 @@ Evidence must be secured if the severity is high.

5.5. Response

-

Document.

+

5.6. Report

A report should be appended to the documentation of the investigation, @@ -781,9 +783,138 @@ contact information needed.

7. SOFTWARE DEVELOPMENT

+ +

+Software development team is responsible +for the security of the code. +

+ +

7.1. Authority

+ +

+The source code is under CCS. +Additions to the team are approved by Board +

+ +

7.2. Tasks

+

+The primary tasks are: +

+
  1. + Keep the code secure, +
  2. + Fix security bugs, including incidents, +
  3. + Audit, Verify and sign-off proposed patches, +
  4. + Assist Systems Administration team in inserting patches, +
  5. + Provide guidance for architecture, +
+ +

+Software Development is not primarily tasked to write the code. +In principle, anyone can submit code changes for approval. +

+ + +

7.3. Repository

+ +

+The application code and patches are maintained in a +central version control system by the +software development team. +

+ +

+The integrity of the central version control system +is crucial for the integrity of the applications running +on the critical systems. +

+ +

7.4. Review

+ +

+Patches are signed off by the team leader +or his designated reviewer. +Each software change should be reviewed +by a person other than the author. +Author and sign-off must be logged. +

+ +

7.5. Test and Bugs

+ +

+Software Development team maintains a test system. +Each patch should be built and tested. +Test status of each patch must be logged. +

+ +

+Software Development team maintains a bug system. +Primary communications should go through this system. +Access should be granted to all software developers, +systems administrators, and patch contributors. +Access may be granted to other Members. +

+ +

7.6. Handover

+ +

+Once signed off, software development (team leader) +coordinates with systems administration (team leader) +to offer the patch. +Software development people are not to have access +to the critical systems, providing a dual control +at the teams level. +

+ +

+If compilation and/or other processing of the +application source code in the version control system +is necessary to deploy the application, +detailed installation instructions should also be +maintained in the version control system and offered to the +system administrators. +

+ +

+Systems administrators copy the patches securely +from the repository onto the critical machine. +See §3.3. +

+ +

8. SUPPORT

+

8.1. Authority

+

+The access interface is under CCS. +Additions to the team are approved by Board +

+ +

8.2. Responsibilities

+ +

8.3. Channels

+ +

8.4. Interface

+

+Access to Member's private information is restricted. +Support staff may be authorised by the Board +to access any additional, restricted interfaces. +Each such special access is managed by the team leader. +

+ +

8.5. Records and Logs

+ + +

8.6. Arbitration

+

9. ADMINISTRATIVE
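Review bot: the sign-off in 7.4 is never bound to a repository revision, so the systems administrator who in 7.6 "copies the patches securely from the repository onto the critical machine" has nothing to check that what they pull is the change that was actually reviewed; require the 7.4 log entry ("Author and sign-off must be logged") to record the revision identifier of the patch (and of the installation instructions, where 7.6 requires compilation), and have 7.6 say that systems administration verifies the copied revision against that record before installing. Related: 7.4 lets the team leader sign off while only saying each change "should" be reviewed by someone other than the author, so when the team leader is the author the review can be satisfied by one person; say explicitly that nobody signs off their own patch and that the designated reviewer does so in that case. 7.6 also states the team-level dual control in one direction only (software development has no access to the critical systems); for it to hold, add the converse, that systems administrators have no write access to the central version control system of 7.3, or that no one is a member of both teams. Smaller points: 8.2, 8.3, 8.5 and 8.6 are added as bare headings, whereas every other unwritten section in this file carries a "Document." placeholder (4.3.2, 4.4.2, 5.5), so add it for consistency; "Additions to the team are approved by Board" in 7.1 and 8.1 lacks a full stop; item 5 of the 7.2 list ends in a comma; and "Member's private information" in 8.4 should presumably be the plural "Members'".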