DataMuseum.dk

Presents historical artifacts from the history of:

DKUUG/EUUG Conference tapes

This is an automatic "excavation" of a thematic subset of
artifacts from Datamuseum.dk's BitArchive.

See our Wiki for more about DKUUG/EUUG Conference tapes

Excavated with: AutoArchaeologist - Free & Open Source Software.



⟦43201e24c⟧ TextFile

    Length: 2639 (0xa4f)
    Types: TextFile
    Names: »classified.tex«

Derivation

└─⟦4f9d7c866⟧ Bits:30007245 EUUGD6: Sikkerheds distributionen
    └─⟦36857feb3⟧ »./papers/Security_Primer/primer.tar.Z« 
        └─⟦5c5f5f2d8⟧ 
            └─⟦this⟧ »classified.tex« 

TextFile

\section{Highly Sensitive Environments}

A computing environment should be considered highly sensitive when it
is potentially profitable to convert the data or when great inconvenience
and losses could result from errors produced there.  In particular,
you should consider your site sensitive if any of the following
conditions apply:

\begin{enumerate}
\item You process data that the government considers sensitive.
\item You process financial transactions such that a single
transaction can exceed \$25,000.00 or the total transactions exceed
2.5 million dollars.
\item You process data whose time of release is tightly controlled and
whose early release could give significant financial advantage.
\item Your function is life critical.
\item Your organization has enemies that have a history of
``terrorism'' or violent protests.
\item Your data contains trade secret information that would be of
direct value to a competitor.
\end{enumerate}

Essentially, money is more directly valuable than secrets, and a
``villain'' can potentially steal more from one successful attack on
one financial institution than he will ever be able to get selling
state secrets for decades.  There is significant concern that
the electrical utility companies and banks conducting electronic
funds transfer will be targets of terrorists in the next decade.

For centers that must support sensitive processing it is {\em
strongly\/} advised to {\em completely\/} separate the facilities for
processing this data from those facilities used to process ordinary
data and to allow absolutely no connection from the sensitive
processing systems to the outside world.  There is {\em No\/}
substitute for physical security and proper separation will require an
attacker to compromise physical security in order to penetrate the
system.  Techniques for coping with the remaining ``insider threat''
are beyond the scope of this tutorial.

In analysis of computing in sensitive environments, there are two
different security goals.  The first is that of protecting the system.
All of the advice in this booklet should be considered as a first step
towards that goal.  The second goal is the protection of job or
``Technical Compliance.''  This is the goal of showing that all of
the regulations have been followed and that protecting the system has
been done with ``due diligence.''

It is important to realize that these two security goals are separate
and potentially conflicting.  It may be necessary to work towards the
latter goal, and that is often more a legal and bookkeeping
question than a technical one.  It is also beyond the scope of this
work.