top - download
⟦77b296ced⟧ Wang Wps File
Length: 3326 (0xcfe)
Types: Wang Wps File
Notes: CAMPS MOM 45
Names: »5024A «
Derivation
└─⟦27551141f⟧ Bits:30006195 8" Wang WCS floppy, CR 0468A
└─ ⟦this⟧ »5024A «
WangText
…02…
…02…JAL/840608…02……02…#
MINUTES OF MEETING NO. 42
…02……02…CAMPS
CR/SHAPE
840608 45 CR
A/S
Minutes of Meeting held
at Christian Rovsing A/S
Mr. A. Gardiner Mr. Jan Lauridsen KNN
Mr. J.P. Lohisse OKH
Mr. J. Wellekens URH
1. P̲e̲n̲e̲t̲r̲a̲t̲i̲o̲n̲ ̲T̲e̲s̲t̲ ̲A̲c̲t̲i̲v̲i̲t̲i̲e̲s̲
Actions on Penetration Test Activities
have been defined as follows:
N̲O̲.̲ A̲C̲T̲I̲V̲I̲T̲Y̲ E̲F̲F̲O̲R̲T̲ A̲C̲T̲I̲O̲N̲E̲E̲
a Preparation
of msg SHAPE
b Operation
of TOS SHAPE
c Output Analysis
Support 1
MM CR
d Operation
of CAMPS SHAPE/TRW
e Modification
of TDS
(to include
off-load-
facility) 3
MM CR
f Off-line Dev.
Syst. to
be generated
including
TOS and PASCAL 1
MM CR
CR will investigate
if
effort required
later
for the ISSC
Maintenance
System Generation
will be
lessened by
this task.
CR will give
SHAPE access
to a Development
System 5
workingdays
before start
of the Penetration
Test.
g Integrity
Verification
Program TRW
where CR is not mentioned explicity, no
CR activity is involved. The CR-effort
mentioned above will be charged with the
rates for a senior engineer. Initiation
of activities will be done when formally
requested by SHAPE.
2. S̲e̲c̲u̲r̲i̲t̲y̲ ̲R̲e̲q̲u̲i̲r̲e̲m̲e̲n̲t̲
2.1 L̲a̲b̲e̲l̲l̲i̲n̲g̲
2.1.1 S̲e̲c̲u̲r̲i̲t̲y̲ ̲M̲a̲r̲k̲i̲n̲g̲s̲
SHAPE noted that all objects should
have security marking consisting
of Special Handling Designators
and NATO Security Classification.
Examples of objects are:
- Files
(CIF's)
- Tables
controlled
by
TMP
- Log-files
- Statistic-files
Security markings should be included
on all output.
SHAPE will work with CR to produce
a list of objects to have security
marking and based on this material
ask CR to investigate the impact
of these changes.
2.1.2 P̲r̲o̲f̲i̲l̲e̲s̲
SHAPE noted that minimun as well
as maximum classifications should
be included in profiles for:
- Channels
- Devices
- VDU's
All these profiles including min.
and max. classifications as well
as Special Handling should be
changable on-line.
SHAPE asked CR to investigate
the impact of these changes.
2.2 I̲s̲o̲l̲a̲t̲i̲o̲n̲ ̲o̲f̲ ̲P̲r̲o̲c̲e̲s̲s̲e̲s̲
SHAPE noted that all processes and
subprocesses should be isolated i.e.
one separate process should handle
one device.
Data areas (not only buffers) should
be purged at the end of each transaction
by means of a system call to a trusted
process.
2.3 A̲u̲d̲i̲t̲ ̲T̲r̲a̲i̲l̲
SHAPE noted that e.g. user ̲id should
be included in the audit-log. SHAPE
will provide CR with a list of entries
to be included in the audit-log.
2.4 T̲a̲s̲k̲i̲n̲g̲
SHAPE expect that problems raised
under 2.2 and 2.3 will be analyzed
by CR in Term of a simple feasibility
analysis to outline any existing design
change.
