cacert/cacert-policies
9
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

added Sections 7, 8

Browse source 
git-svn-id: http://svn.cacert.org/CAcert/Policies@1193 14b1bab8-4ef6-0310-b690-991c95c89dfd
This commit is contained in:
Ian Grigg 2009-03-04 21:22:38 +00:00
parent ab27240777
commit e66491d7cb
1 changed files with 136 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

141
SecurityPolicy.html
View file

@ -186,6 +186,12 @@ the SM is under the direct control of the Systems Administration team.
It is located and version-controlled on the CAcert wiki. It is located and version-controlled on the CAcert wiki.
</p> </p>
<p>
Section Headings are the same in both documents.
Where Section Headings are empty in one document,
they are expected to be documented in the other.
</p>
<h4><a name="1.4.3">1.4.3.</a> The Security Procedures </h4> <h4><a name="1.4.3">1.4.3.</a> The Security Procedures </h4>
<p> <p>
@ -624,7 +630,6 @@ Operational backups may be online and local.
</p> </p>
<h4> <a name="4.3.2">4.3.2.</a> Frequency </h4> <h4> <a name="4.3.2">4.3.2.</a> Frequency </h4>
<p>Document.</p>
<h4> <a name="4.3.3">4.3.3.</a> Storage </h4> <h4> <a name="4.3.3">4.3.3.</a> Storage </h4>
<p> <p>
@ -633,7 +638,6 @@ Offline backups should be distributed.
</p> </p>
<h4> <a name="4.3.4">4.3.4.</a> Retention period and Re-use </h4> <h4> <a name="4.3.4">4.3.4.</a> Retention period and Re-use </h4>
<p>Document.</p>
<h4> <a name="4.3.5">4.3.5.</a> Encryption </h4> <h4> <a name="4.3.5">4.3.5.</a> Encryption </h4>
<p> <p>
@ -673,7 +677,6 @@ See CCA.
</p> </p>
<h4> <a name="4.4.2">4.4.2.</a> System logs </h4> <h4> <a name="4.4.2">4.4.2.</a> System logs </h4>
<p>Document.</p>
<h4> <a name="4.4.3">4.4.3.</a> Incident reports </h4> <h4> <a name="4.4.3">4.4.3.</a> Incident reports </h4>
<p> <p>
@ -682,7 +685,6 @@ Access to incident reports is restricted.
</p> </p>
<h3> <a name="4.5">4.5.</a> Cycling </h3> <h3> <a name="4.5">4.5.</a> Cycling </h3>
<p>Document.</p>
@ -731,7 +733,7 @@ Evidence must be secured if the severity is high.
</p> </p>
<h3> <a name="5.5">5.5.</a> Response </h3> <h3> <a name="5.5">5.5.</a> Response </h3>
<p>Document.</p>
<h3> <a name="5.6">5.6.</a> Report </h3> <h3> <a name="5.6">5.6.</a> Report </h3>
<p> <p>
A report should be appended to the documentation of the investigation, A report should be appended to the documentation of the investigation,
@ -781,9 +783,138 @@ contact information needed.
<h2><a name="7">7.</a> SOFTWARE DEVELOPMENT</h2> <h2><a name="7">7.</a> SOFTWARE DEVELOPMENT</h2>
<p>
Software development team is responsible
for the security of the code.
</p>
<h3> <a name="7.1"> 7.1. </a> Authority </h3>
<p>
The source code is under CCS.
Additions to the team are approved by Board
</p>
<h3> <a name="7.2"> 7.2. </a> Tasks </h3>
<p>
The primary tasks are:
</p>
<ol><li>
Keep the code secure,
</li><li>
Fix security bugs, including incidents,
</li><li>
Audit, Verify and sign-off proposed patches,
</li><li>
Assist Systems Administration team in inserting patches,
</li><li>
Provide guidance for architecture,
</li></ol>
<p>
Software Development is not primarily tasked to write the code.
In principle, anyone can submit code changes for approval.
</p>
<h3> <a name="7.3"> 7.3. </a> Repository </h3>
<p>
The application code and patches are maintained in a
central version control system by the
software development team.
</p>
<p>
The integrity of the central version control system
is crucial for the integrity of the applications running
on the critical systems.
</p>
<h3> <a name="7.4"> 7.4. </a> Review </h3>
<p>
Patches are signed off by the team leader
or his designated reviewer.
Each software change should be reviewed
by a person other than the author.
Author and sign-off must be logged.
</p>
<h3> <a name="7.5"> 7.5. </a> Test and Bugs </h3>
<p>
Software Development team maintains a test system.
Each patch should be built and tested.
Test status of each patch must be logged.
</p>
<p>
Software Development team maintains a bug system.
Primary communications should go through this system.
Access should be granted to all software developers,
systems administrators, and patch contributors.
Access may be granted to other Members.
</p>
<h3> <a name="7.6"> 7.6. </a> Handover </h3>
<p>
Once signed off, software development (team leader)
coordinates with systems administration (team leader)
to offer the patch.
Software development people are not to have access
to the critical systems, providing a dual control
at the teams level.
</p>
<p>
If compilation and/or other processing of the
application source code in the version control system
is necessary to deploy the application,
detailed installation instructions should also be
maintained in the version control system and offered to the
system administrators.
</p>
<p>
Systems administrators copy the patches securely
from the repository onto the critical machine.
See &sect;3.3.
</p>
<h2><a name="8">8.</a> SUPPORT</h2> <h2><a name="8">8.</a> SUPPORT</h2>
<h3> <a name="8.1"> 8.1. </a> Authority </h3>
<p>
The access interface is under CCS.
Additions to the team are approved by Board
</p>
<h3> <a name="8.2"> 8.2. </a> Responsibilities </h3>
<h3> <a name="8.3"> 8.3. </a> Channels </h3>
<h3> <a name="8.4"> 8.4. </a> Interface </h3>
<p>
Access to Member's private information is restricted.
Support staff may be authorised by the Board
to access any additional, restricted interfaces.
Each such special access is managed by the team leader.
</p>
<h3> <a name="8.5"> 8.5. </a> Records and Logs </h3>
<ul>
<li> use of restricted interfaces must be logged. </li>
<li> all support channels should be logged. </li>
<li> private requests for support should be referred to proper channels and logged there (e.g., by CCs) </li>
</ul>
<h3> <a name="8.6"> 8.6. </a> Arbitration </h3>
<h2><a name=Documents"9">9.</a> ADMINISTRATIVE</h2></h3> <h2><a name=Documents"9">9.</a> ADMINISTRATIVE</h2></h3>