Title: Computer Security Act 0 1987
Authors: Roe
Abstract:
- Report on Computer Security Act of 1987.
Title: Current_Meeting_Report_Ssphwg Minutes
Authors: Paul Holbrook Joyce K. Reynolds
Abstract:
- SSPHWG meeting report. The first pass draft of the Handbook was well received,
and the general consensus of attendees is to keep with the direction of the
document with one more pass at the next IETF in Colorado. Submission of the
Handbook to the Internet Draft process is projected to be in mid-December,
for publication as an RFC FYI at the end of 1990.
Title: Current_Meeting_Report_Ssphwg Minutes
Authors: Paul Holbrook Joyce K. Reynolds
Abstract:
- SSPHWG meeting report. Including the agenda, needs, what procedures and
policies should be in place, also including an overview of the handbook,
and list and discussion of issues, etc.
Title: Current_Meeting_Report_Ssphwg Minutes
Authors: Paul Holbrook Joyce K. Reynolds
Abstract:
- SSPHWG meeting report. Discussion of Handbook's current draft status from
29-Nov-90. It has been decided to go ahead with the I-D process to RFC
publication.
Title: Department of Commerce's Software Copyright Policy
Authors: Department of Commerce
Abstract:
- Department of Commerce's Software Copyright Policy. United States Code,
Title 17.
Title: Executive Guide to the Protection of Information Resources
Authors: National Institute of Standards and Technology
Abstract:
- The National Institute of Standards and Technology (NIST), is
responsible for developing standards, providing technical
assistance, and conducting research for computers and related
telecommunications systems. These activities provide technical
support to government and industry in the effective, safe, and
economical use of computers. With the passage of the Computer
Security Act of 1987 (P.L. 100-235), NIST's activities also
include the development of standards and guidelines needed to
assure the cost-effective security and privacy of sensitive
information in Federal computer systems. This guide is just one
of three brochures designed for a specific audience. The
"Managers Guide to the Protection of Information Resources" and
the "Computer User's Guide to the Protection of Information
Resources" complete the series.
Title: Federal Criteria for Information Technology Security
Authors: National Institute of Standards and Technology & NSA
Abstract:
- This paper is giving the community a clear view of the FC Project's
direction in moving beyond the TCSEC method of expressing requirements
in order to meet new IT security challenges, and also obtaining feedback
on the innovative approaches taken, the method of presentation, and
garnularity; finally, making a substantial contribution on the dialogue
among nations leading to the harmonization of IT security requirements
and evaluations.
Title: Financial Management Systems
Authors: U.S. Government
Abstract:
- This Circular prescribes policies and procedures to be followed by
executive departments and agencies in developing, operating, evaluating,
and reporting on financial management systems.
Title: Guidelines for the Secure Operation of the Internet
Authors: Richard Pethia Steve Crocker Barbara Fraser
Abstract:
- The purpose of this document is to provide a set of guidelines to aid
in the secure operation of the Internet.
Title: Guidelines for the Secure Operation of the Internet
Authors: Richard Pethia Steve Crocker Barbara Fraser
Abstract:
- The purpose of this document is to provide a set of guidelines to aid
in the secure operation of the Internet.
Title: Guidelines for the Secure Operation of the Internet
Authors: Richard Pethia Steve Crocker Barbara Fraser
Abstract:
- The purpose of this document is to provide a set of guidelines to aid
in the secure operation of the Internet.
Title: Guidelines for the Secure Operation of the Internet
Authors: Richard Pethia Steve Crocker Barbara Fraser
Abstract:
- The purpose of this document is to provide a set of guidelines to aid
in the secure operation of the Internet.
Title: Information Technology Security
Authors: Department of Commerce
Abstract:
- Department of Commerce's Chapter 10 of the DOC IT Management Handbook,
which contains the IT Security policies for the Dep}A130.ZIP, 06-06-94
Proposed Revision to OMB Circular A-130.
Title: Information Technology Security Manual
Authors: Department of Commerce
Abstract:
- Department of Commerce beginning sections of the DOC
"Information Technology Security Manual".
Title: Internal Control Systems
Authors: U.S. Government
Abstract:
- This circular prescribes policies and procedures to be followed by
executive departments and agencies in establishing, maintaining,
evaluating, improving, and reporting on internal controls in their
program and administrative activities.
Title: Internet Security Policy(WORKING DRAFT)
Authors: Richard Pethia Steve Crocker
Abstract:
- This is a working draft of a proposed Internet security policy for
your review and comment.
Title: Internet Security Policy Recommendations
Authors: Richard Pethia Steve Crocker Barbara Fraser
Abstract:
- The purpose of this document is to provide a set of guidelines to aid
in the secure operation of the Internet.
Title: Internet Security Policy Recommendations(WORKING DRAFT)
Authors: Richard Pethia Steve Crocker
Abstract:
- This is a revised working draft of a proposed Internet security
policy for your review and comment. This is a revision of the
original October 9 draft.
Title: Management Guide to the Protection of Information Resources
Authors: National Institute of Standards and Technology
Abstract:
- The National Institute of Standards and Technology (NIST), is
responsible for developing standards, providing technical
assistance, and conducting research for computers and related
systems. These activities provide technical support to
government and industry in the effective, safe, and
economical use of computers. With the passage of the Computer
Security Act of 1987 (P.L. 100-235), NIST's activities also
include the development of standards and guidelines needed to
assure the cost-effective security and privacy of sensitive
information in Federal computer systems. This guide represents
one activity towards the protection and management of sensitive
information resources.
Title: Security Policy Handbook
Authors: Paul Holbrook Joyce K. Reynolds
Abstract:
- This handbook is a guide to setting computer security policies and
procedures for sites that have systems on the Internet. This guide
lists issues and factors that a site must consider when setting their
own policies. It makes some recommendations and gives discussions
relevant areas. This guide is only a framework for setting security
policies and procedures. In order to have an effective set of policies
and procedures, a site will have to make many decisions, gain
agreement, and then communicate and implement the policies.
Title: Security Policy Handbook
Authors: Paul Holbrook Joyce K. Reynolds
Abstract:
- This handbook is a guide to setting computer security policies and
procedures for sites that have systems on the Internet. This guide
lists issues and factors that a site must consider when setting their
own policies. It makes some recommendations and gives discussions
relevant areas. This guide is only a framework for setting security
policies and procedures. In order to have an effective set of policies
and procedures, a site will have to make many decisions, gain
agreement, and then communicate and implement the policies.
Title: Security Policy Handbook(DRAFT - 26-Nov-90)
Authors: Paul Holbrook Joyce K. Reynolds
Abstract:
- This handbook is a guide to setting computer security policies and
procedures for sites that have systems on the Internet. This guide
lists issues and factors that a site must consider when setting their
own policies. It makes some recommendations and gives discussions
relevant areas. This guide is only a framework for setting security
policies and procedures. In order to have an effective set of policies
and procedures, a site will have to make many decisions, gain
agreement, and then communicate and implement the policies.
Title: Site Security Handbook
Authors: Paul Holbrook Joyce K. Reynolds
File name: /pub/doc/policy/site_security_policy_handbook/rfc1244.txt.Z
Abstract:
- This handbook is a guide to setting computer security policies and
procedures for sites that have systems on the Internet. This guide
lists issues and factors that a site must consider when setting their
own policies. It makes some recommendations and gives discussions
relevant areas. This guide is only a framework for setting security
policies and procedures. In order to have an effective set of policies
and procedures, a site will have to make many decisions, gain
agreement, and then communicate and implement the policies.
Title: Site Security Policy Handbook Outline
Authors: J. Paul Holbrook
Abstract:
- The outline of Site Security Policy Handbook. Including Introduction,
how to establishing official site policy on computer security, how to
how to establishing procedures to prevent security problems,
etc.
Title: Site Security Policy Handbook Working Group
Authors: Site Security Policy Handbook Working Group
Abstract:
- This is a copy of the charter for Site Security Policy Handbook
Working Group (ssphwg).
Title: SSPHWG Collection
Authors: SSPHWG
Abstract:
- This is the mail archives for the ssphwg@cert.sei.cmu.edu mailing
list. This is in MH packf format, with each message surrounded by
control-A characters so you can read the messages individually with
your favorite mailer.
Title: SSPHWG Short Collection
Authors: SSPHWG
Abstract:
- This is an abridged copy of the mail archives with some of the
less useful messages removed (adminstrivia about upcoming
meetings and such). Also in packf format.
Title: The Canadian Trusted Computer Product Evaluation Criteria
Authors: Canadian Systems Security Centre
Abstract:
- This criteria have been developed to provide the Government of Canada
with metric wth which to evaluate the degree of assurance that can be
placed in computer products used for the processing of sensitive
information. It is a guide to manufacturers as to what security
services to build into their commercial products in order to produce
widely available products that satisfy requirements for sensitive
applications; and a guide which may be used in procurements of trusted
products.
Title: Training Requirement for the Computer Security Act
Authors: Office Of Personnel Management
Abstract:
- This regulation implements Public Law 100-235, the
Computer Security Act of 1987, which requires training for all
employees responsible for the management and use of Federal
computer systems that process sensitive information. Under the
regulation agencies will be responsible for identifying the
employees to be trained and providing appropriate training.
|