[ Search ] [ What's New? ] [ About ]
[ Bugs ] [ Misc ] [ Mailing Lists ] [ Newgroups ] [ NewsWire ] [ Papers ] [ People ]
[ Pictures ] [ Publications ] [ Responce Teams ] [ Tools ] [ Upcoming Events ] [ Web Sites ]

Policy

Title: Computer Security Act 0 1987
Authors: Roe
Abstract:
Report on Computer Security Act of 1987.

Title: Current_Meeting_Report_Ssphwg Minutes
Authors: Paul Holbrook Joyce K. Reynolds
Abstract:
SSPHWG meeting report. The first pass draft of the Handbook was well received, and the general consensus of attendees is to keep with the direction of the document with one more pass at the next IETF in Colorado. Submission of the Handbook to the Internet Draft process is projected to be in mid-December, for publication as an RFC FYI at the end of 1990.

Title: Current_Meeting_Report_Ssphwg Minutes
Authors: Paul Holbrook Joyce K. Reynolds
Abstract:
SSPHWG meeting report. Including the agenda, needs, what procedures and policies should be in place, also including an overview of the handbook, and list and discussion of issues, etc.

Title: Current_Meeting_Report_Ssphwg Minutes
Authors: Paul Holbrook Joyce K. Reynolds
Abstract:
SSPHWG meeting report. Discussion of Handbook's current draft status from 29-Nov-90. It has been decided to go ahead with the I-D process to RFC publication.

Title: Department of Commerce's Software Copyright Policy
Authors: Department of Commerce
Abstract:
Department of Commerce's Software Copyright Policy. United States Code, Title 17.

Title: Executive Guide to the Protection of Information Resources
Authors: National Institute of Standards and Technology
Abstract:
The National Institute of Standards and Technology (NIST), is responsible for developing standards, providing technical assistance, and conducting research for computers and related telecommunications systems. These activities provide technical support to government and industry in the effective, safe, and economical use of computers. With the passage of the Computer Security Act of 1987 (P.L. 100-235), NIST's activities also include the development of standards and guidelines needed to assure the cost-effective security and privacy of sensitive information in Federal computer systems. This guide is just one of three brochures designed for a specific audience. The "Managers Guide to the Protection of Information Resources" and the "Computer User's Guide to the Protection of Information Resources" complete the series.

Title: Federal Criteria for Information Technology Security
Authors: National Institute of Standards and Technology & NSA
Abstract:
This paper is giving the community a clear view of the FC Project's direction in moving beyond the TCSEC method of expressing requirements in order to meet new IT security challenges, and also obtaining feedback on the innovative approaches taken, the method of presentation, and garnularity; finally, making a substantial contribution on the dialogue among nations leading to the harmonization of IT security requirements and evaluations.

Title: Financial Management Systems
Authors: U.S. Government
Abstract:
This Circular prescribes policies and procedures to be followed by executive departments and agencies in developing, operating, evaluating, and reporting on financial management systems.

Title: Guidelines for the Secure Operation of the Internet
Authors: Richard Pethia Steve Crocker Barbara Fraser
Abstract:
The purpose of this document is to provide a set of guidelines to aid in the secure operation of the Internet.

Title: Guidelines for the Secure Operation of the Internet
Authors: Richard Pethia Steve Crocker Barbara Fraser
Abstract:
The purpose of this document is to provide a set of guidelines to aid in the secure operation of the Internet.

Title: Guidelines for the Secure Operation of the Internet
Authors: Richard Pethia Steve Crocker Barbara Fraser
Abstract:
The purpose of this document is to provide a set of guidelines to aid in the secure operation of the Internet.

Title: Guidelines for the Secure Operation of the Internet
Authors: Richard Pethia Steve Crocker Barbara Fraser
Abstract:
The purpose of this document is to provide a set of guidelines to aid in the secure operation of the Internet.

Title: Information Technology Security
Authors: Department of Commerce
Abstract:
Department of Commerce's Chapter 10 of the DOC IT Management Handbook, which contains the IT Security policies for the Dep}A130.ZIP, 06-06-94 Proposed Revision to OMB Circular A-130.

Title: Information Technology Security Manual
Authors: Department of Commerce
Abstract:
Department of Commerce beginning sections of the DOC "Information Technology Security Manual".

Title: Internal Control Systems
Authors: U.S. Government
Abstract:
This circular prescribes policies and procedures to be followed by executive departments and agencies in establishing, maintaining, evaluating, improving, and reporting on internal controls in their program and administrative activities.

Title: Internet Security Policy(WORKING DRAFT)
Authors: Richard Pethia Steve Crocker
Abstract:
This is a working draft of a proposed Internet security policy for your review and comment.

Title: Internet Security Policy Recommendations
Authors: Richard Pethia Steve Crocker Barbara Fraser
Abstract:
The purpose of this document is to provide a set of guidelines to aid in the secure operation of the Internet.

Title: Internet Security Policy Recommendations(WORKING DRAFT)
Authors: Richard Pethia Steve Crocker
Abstract:
This is a revised working draft of a proposed Internet security policy for your review and comment. This is a revision of the original October 9 draft.

Title: Management Guide to the Protection of Information Resources
Authors: National Institute of Standards and Technology
Abstract:
The National Institute of Standards and Technology (NIST), is responsible for developing standards, providing technical assistance, and conducting research for computers and related systems. These activities provide technical support to government and industry in the effective, safe, and economical use of computers. With the passage of the Computer Security Act of 1987 (P.L. 100-235), NIST's activities also include the development of standards and guidelines needed to assure the cost-effective security and privacy of sensitive information in Federal computer systems. This guide represents one activity towards the protection and management of sensitive information resources.

Title: Security Policy Handbook
Authors: Paul Holbrook Joyce K. Reynolds
Abstract:
This handbook is a guide to setting computer security policies and procedures for sites that have systems on the Internet. This guide lists issues and factors that a site must consider when setting their own policies. It makes some recommendations and gives discussions relevant areas. This guide is only a framework for setting security policies and procedures. In order to have an effective set of policies and procedures, a site will have to make many decisions, gain agreement, and then communicate and implement the policies.

Title: Security Policy Handbook
Authors: Paul Holbrook Joyce K. Reynolds
Abstract:
This handbook is a guide to setting computer security policies and procedures for sites that have systems on the Internet. This guide lists issues and factors that a site must consider when setting their own policies. It makes some recommendations and gives discussions relevant areas. This guide is only a framework for setting security policies and procedures. In order to have an effective set of policies and procedures, a site will have to make many decisions, gain agreement, and then communicate and implement the policies.

Title: Security Policy Handbook(DRAFT - 26-Nov-90)
Authors: Paul Holbrook Joyce K. Reynolds
Abstract:
This handbook is a guide to setting computer security policies and procedures for sites that have systems on the Internet. This guide lists issues and factors that a site must consider when setting their own policies. It makes some recommendations and gives discussions relevant areas. This guide is only a framework for setting security policies and procedures. In order to have an effective set of policies and procedures, a site will have to make many decisions, gain agreement, and then communicate and implement the policies.

Title: Site Security Handbook
Authors: Paul Holbrook Joyce K. Reynolds
File name: /pub/doc/policy/site_security_policy_handbook/rfc1244.txt.Z
Abstract:
This handbook is a guide to setting computer security policies and procedures for sites that have systems on the Internet. This guide lists issues and factors that a site must consider when setting their own policies. It makes some recommendations and gives discussions relevant areas. This guide is only a framework for setting security policies and procedures. In order to have an effective set of policies and procedures, a site will have to make many decisions, gain agreement, and then communicate and implement the policies.

Title: Site Security Policy Handbook Outline
Authors: J. Paul Holbrook
Abstract:
The outline of Site Security Policy Handbook. Including Introduction, how to establishing official site policy on computer security, how to how to establishing procedures to prevent security problems, etc.

Title: Site Security Policy Handbook Working Group
Authors: Site Security Policy Handbook Working Group
Abstract:
This is a copy of the charter for Site Security Policy Handbook Working Group (ssphwg).

Title: SSPHWG Collection
Authors: SSPHWG
Abstract:
This is the mail archives for the ssphwg@cert.sei.cmu.edu mailing list. This is in MH packf format, with each message surrounded by control-A characters so you can read the messages individually with your favorite mailer.

Title: SSPHWG Short Collection
Authors: SSPHWG
Abstract:
This is an abridged copy of the mail archives with some of the less useful messages removed (adminstrivia about upcoming meetings and such). Also in packf format.

Title: The Canadian Trusted Computer Product Evaluation Criteria
Authors: Canadian Systems Security Centre
Abstract:
This criteria have been developed to provide the Government of Canada with metric wth which to evaluate the degree of assurance that can be placed in computer products used for the processing of sensitive information. It is a guide to manufacturers as to what security services to build into their commercial products in order to produce widely available products that satisfy requirements for sensitive applications; and a guide which may be used in procurements of trusted products.

Title: Training Requirement for the Computer Security Act
Authors: Office Of Personnel Management
Abstract:
This regulation implements Public Law 100-235, the Computer Security Act of 1987, which requires training for all employees responsible for the management and use of Federal computer systems that process sensitive information. Under the regulation agencies will be responsible for identifying the employees to be trained and providing appropriate training.


Aleph One / aleph1@underground.org
Copyright © 1996 Computer Underground Society. All rights reserved.