itl97-04.txt file.

SECURITY CONSIDERATIONS IN COMPUTER SUPPORT AND OPERATIONS
Computer support and operations refers to everything done to run a computer
system. This includes both system administration and tasks external to the
system that support its operation (e.g., maintaining documentation). It
does not include system planning or design. Support and operations are
routine activities that enable computer systems to function correctly.
These include fixing software or hardware problems, loading and maintaining
software, and helping users resolve problems.

The support and operation of any computer system, from a three-person local
area network to a worldwide application serving thousands of users, is
critical to maintaining the security of a system. This bulletin discusses
security issues in computer support and operations activities.

The failure to consider security as part of the support and operations of
computer systems is, for many organizations, their Achilles heel. Computer
security system literature includes many examples of how organizations
undermined their often expensive security measures because of poor
documentation, old user accounts, conflicting software, or poor control of
maintenance accounts. Also, an organization's policies and procedures
often fail to address many of these important issues. The important
security considerations within some of the major categories of support and
operations are:

user support,
software support,
configuration management,
backups,
media controls,
documentation, and
maintenance.

Some special considerations are noted for larger or smaller systems. In
general, larger systems include mainframes, large minicomputers, and WANs.
Smaller systems include PCs and LANs.

USER SUPPORT
In many organizations, user support takes place through a Help Desk. Help
Desks can support an entire organization, a subunit, a specific system, or
a combination of these. For smaller systems, the system administrator
normally provides direct user support. Experienced users provide informal
user support on most systems. User support should be closely linked to the
organization's incident handling capability. In many cases, the same
personnel perform these functions.

An important security consideration for user support personnel is being
able to recognize which problems (brought to their attention by users) are
security-related. For example, users' inability to log onto a computer
system may result from the disabling of their accounts due to too many
failed access attempts. This could indicate the presence of hackers trying
to guess users' passwords.
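
The following triage sketch is an added example, not part of the original bulletin. It shows how help desk staff could separate a user who locked their own account from a lockout that belongs with incident handling; the log line format, the 10-minute window, and the three-account threshold are assumptions made for the example.

```python
import re
from datetime import datetime, timedelta

# Constructed sample log; the line format is an assumption for this example.
SAMPLE_LOG = """\
1997-04-01T08:58:10 LOGIN_OK user=alice src=10.1.1.20
1997-04-01T09:00:01 LOGIN_FAIL user=alice src=10.1.1.20
1997-04-01T09:00:09 LOGIN_FAIL user=alice src=10.1.1.20
1997-04-01T09:00:15 LOGIN_FAIL user=alice src=10.1.1.20
1997-04-01T09:00:15 ACCOUNT_LOCKED user=alice
1997-04-01T09:30:00 LOGIN_FAIL user=bob src=192.0.2.77
1997-04-01T09:30:02 LOGIN_FAIL user=carol src=192.0.2.77
1997-04-01T09:30:04 LOGIN_FAIL user=dave src=192.0.2.77
1997-04-01T09:30:06 LOGIN_FAIL user=bob src=192.0.2.77
1997-04-01T09:30:08 LOGIN_FAIL user=bob src=192.0.2.77
1997-04-01T09:30:08 ACCOUNT_LOCKED user=bob
"""

LINE_RE = re.compile(
    r"^(\S+) (LOGIN_OK|LOGIN_FAIL|ACCOUNT_LOCKED) user=(\S+)(?: src=(\S+))?$")


def parse(log_text):
    """Return (timestamp, kind, user, source) tuples in time order."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            ts, kind, user, src = m.groups()
            events.append((datetime.fromisoformat(ts), kind, user,
                           src or "unknown"))
    return sorted(events, key=lambda e: e[0])


def triage_lockouts(log_text, window=timedelta(minutes=10), spread=3):
    """For each locked account, decide whether the lockout looks security-related."""
    events = parse(log_text)
    report = {}
    for lock_ts, kind, user, _ in events:
        if kind != "ACCOUNT_LOCKED":
            continue
        # All failed logins, for any account, shortly before this lockout.
        recent = [e for e in events
                  if e[1] == "LOGIN_FAIL" and lock_ts - window <= e[0] <= lock_ts]
        # Sources this user logged in from successfully before the lockout.
        good = {e[3] for e in events
                if e[1] == "LOGIN_OK" and e[2] == user and e[0] < lock_ts}
        reasons = []
        for src in sorted({e[3] for e in recent if e[2] == user}):
            targets = {e[2] for e in recent if e[3] == src}
            if len(targets) >= spread:
                reasons.append(f"{src} failed against {len(targets)} accounts")
            if src not in good:
                reasons.append(f"{src} has no prior successful login for {user}")
        report[user] = {"escalate": bool(reasons), "reasons": reasons}
    return report


if __name__ == "__main__":
    for user, verdict in triage_lockouts(SAMPLE_LOG).items():
        action = "notify incident handling" if verdict["escalate"] else "reset and close"
        print(user, action, verdict["reasons"])
```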

In general, system support and operations staff need to be able to identify
security problems, respond appropriately, and inform appropriate
individuals. A wide range of possible security problems exist. Some will
be internal to custom applications, while others apply to off-the-shelf
products. Additionally, problems can be software- or hardware-based.
Small systems are especially susceptible to viruses, while networks are
particularly susceptible to hacker attacks, which can be targeted at
multiple systems. System support personnel should be able to recognize
attacks and know how to respond.

The more responsive and knowledgeable system support and operation staff
personnel are, the less user support will be provided informally. The
support other users provide is important, but they may not be aware of the
"whole picture."

SOFTWARE SUPPORT
Software is the heart of an organization's computer operations, whatever
the size and complexity of the system. Therefore, it is essential that
software function correctly and be protected from corruption. There are
many elements of software support.

One is controlling what software is used on a system. If users or systems
personnel can load and execute any software on a system, the system is more
vulnerable to viruses, to unexpected software interactions, and to software
that may subvert or bypass security controls. One method of controlling
software is to inspect or test software before it is loaded (e.g., to
determine compatibility with custom applications or identify other
unforeseen interactions). This can apply to new software packages, to
upgrades, to off-the-shelf products, or to custom software, as deemed
appropriate. In addition to controlling the loading and execution of new
software, organizations should also give care to the configuration and use
of powerful system utilities. System utilities can compromise the
integrity of operating systems and logical access controls.

Viruses take advantage of the weak software controls in personal computers.
Also, there are powerful utilities available for PCs that can restore
deleted files, find hidden files, and interface directly with PC hardware,
bypassing the operating system. Some organizations use personal computers
without floppy drives in order to have better control over the system.
There are several widely available utilities that look for security
problems in both networks and the systems attached to them. Some utilities
look for and try to exploit security vulnerabilities.

A second element in software support can be to ensure that software has not
been modified without proper authorization. This involves the protection
of software and backup copies. This can be done with a combination of
logical and physical access controls.

Many organizations also include a program to ensure that software is
properly licensed, as required. For example, an organization may audit
systems for illegal copies of copyrighted software. This problem is
primarily associated with PCs and LANs, but can apply to any type of system.

CONFIGURATION MANAGEMENT
Closely related to software support is configuration management -- the
process of keeping track of changes to the system and, if needed, approving
them. Configuration management normally addresses hardware, software,
networking, and other changes; it can be formal or informal. The primary
security goal of configuration management is ensuring that changes to the
system do not unintentionally or unknowingly diminish security. Some of
the methods discussed under software support, such as inspecting and
testing software changes, can be used.

For networked systems, configuration management should include external
connections. Is the computer system connected? To what other systems? In
turn, to what systems are these systems and organizations connected? Note
that the security goal is to know what changes occur, not to prevent
security from being changed. There may be circumstances when security will
be reduced. However, the decrease in security should be the result of a
decision based on all appropriate factors.

A second security goal of configuration management is ensuring that changes
to the system are reflected in other documentation, such as the contingency
plan. If the change is major, it may be necessary to reanalyze some or all
of the security of the system.

BACKUPS
Support and operations personnel and sometimes users back up software and
data. This function is critical to contingency planning. Frequency of
backups will depend upon how often data changes and how important those
changes are. Program managers should be consulted to determine what backup
schedule is appropriate. Also, as a safety measure, it is useful to test
that backup copies are actually usable. Finally, backups should be stored
securely, as appropriate.

Users of smaller systems are often responsible for their own backups.
However, in reality, they do not always perform backups regularly. Some
organizations, therefore, task support personnel with making backups
periodically for smaller systems, either automatically (through server
software) or manually (by visiting each machine).

MEDIA CONTROLS
Media controls include a variety of measures to provide physical and
environmental protection and accountability for tapes, diskettes,
printouts, and other media. From a security perspective, media controls
should be designed to prevent the loss of confidentiality, integrity, or
availability of information, including data or software, when stored
outside the system. This can include storage of information before it is
input to the system and after it is output.

The extent of media control depends upon many factors, including the type
of data, the quantity of media, and the nature of the user environment.
Physical and environmental protection is used to prevent unauthorized
individuals from accessing the media. It also protects against such
factors as heat, cold, or harmful magnetic fields. When necessary, logging
the use of individual media (e.g., a tape cartridge) provides detailed
accountability -- to hold authorized people responsible for their actions.

Marking
Controlling media may require some form of physical labeling. The labels
can be used to identify media with special handling instructions, to locate
needed information, or to log media (e.g., with serial/control numbers or
bar codes) to support accountability. Identification is often by colored
labels on diskettes or tapes or banner pages on printouts.

If labeling is used for special handling instructions, it is critical that
people be appropriately trained. The marking of PC input and output is
generally the responsibility of the user, not the system support staff.
Marking backup diskettes can help prevent them from being accidentally
overwritten.

Logging
The logging of media is used to support accountability. Logs can include
control numbers (or other tracking data), the times and dates of transfers,
names and signatures of individuals involved, and other relevant
information. Periodic spot checks or audits may be conducted to determine
that no controlled items have been lost and that all are in the custody of
individuals named in control logs. Automated media tracking systems may be
helpful for maintaining inventories of tape and disk libraries.

Integrity Verification
When electronically stored information is read into a computer system, it
may be necessary to determine whether it has been read correctly or subject
to any modification. The integrity of electronic information can be
verified using error detection and correction or, if intentional
modifications are a threat, cryptographic-based technologies.
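
One way to apply a cryptographic check, both to the software-support goal of ensuring that software has not been modified without authorization and to media read back into a system, is a keyed manifest. This is an added example, not part of the original bulletin; HMAC-SHA256 is the technique chosen here, and the file names, file contents, and key are constructed.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path


def file_mac(path, key):
    """HMAC-SHA256 of a file, read in chunks so large files are fine."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            mac.update(chunk)
    return mac.hexdigest()


def build_manifest(root, key):
    """Map each file under root (relative path) to its keyed digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): file_mac(p, key)
            for p in sorted(root.rglob("*")) if p.is_file()}


def verify(root, manifest, key):
    """Compare the current tree against a baseline manifest."""
    current = build_manifest(root, key)
    findings = {"modified": [], "missing": [], "unexpected": []}
    for name, expected in manifest.items():
        if name not in current:
            findings["missing"].append(name)
        elif not hmac.compare_digest(current[name], expected):
            findings["modified"].append(name)
    # Files that were never approved are reported too, not only changed ones.
    findings["unexpected"] = sorted(set(current) - set(manifest))
    return findings


def demo():
    # Constructed key: because the digest is keyed, someone who alters a file
    # cannot produce a matching manifest entry without the key, so the key is
    # stored apart from the media being checked.
    key = b"constructed-demo-key"
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        # Constructed files standing in for an approved software release.
        (root / "payroll.exe").write_bytes(b"original program image")
        (root / "report.cfg").write_bytes(b"mode=batch\n")
        (root / "readme.txt").write_bytes(b"release notes\n")
        baseline = build_manifest(root, key)

        (root / "payroll.exe").write_bytes(b"original program imagE")  # altered
        (root / "report.cfg").unlink()                                 # removed
        (root / "helper.com").write_bytes(b"not in baseline")          # added
        return verify(root, baseline, key)


if __name__ == "__main__":
    print(demo())
```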

Physical Access Protection
Media can be stolen, destroyed, replaced with a look-alike copy, or lost.
Physical access controls which can limit these problems include locked
doors, desks, file cabinets, or safes. If the media requires protection at
all times, it may be necessary to actually output data to the media in a
secure location (e.g., printing to a printer in a locked room instead of to
a general-purpose printer in a common area).

Physical protection of media should be extended to backup copies stored
offsite. They generally should be accorded an equivalent level of
protection to media containing the same information stored onsite.
(Equivalent protection does not mean that the security measures need to be
exactly the same. The controls at the off-site location are quite likely
to be different from the controls at the regular site.)

Environmental Protection
Magnetic media, such as diskettes or magnetic tape, require environmental
protection, since they are sensitive to temperature, liquids, magnetism,
smoke, and dust. Other media (e.g., paper and optical storage) may have
different sensitivities to environmental factors.

Transmittal
Media control may be transferred both within the organization and to
outside elements. Possibilities for securing such transmittal include
sealed and marked envelopes, authorized messenger or courier, or U.S.
certified or registered mail.

Disposition
When media is disposed of, it may be important to ensure that information
is not improperly disclosed. This applies both to media that is external
to a computer system (such as a diskette) and to media inside a computer
system, such as a hard disk. The process of removing information from
media is called sanitization. (See the CSL Bulletin of October 1992,
Disposition of Sensitive Automated Information.)

Three techniques are commonly used for media sanitization: overwriting,
degaussing, and destruction. Overwriting is an effective method for
clearing data from magnetic media. As the name implies, overwriting uses a
program to write (1s, 0s, or a combination) onto the media. Common
practice is to overwrite the media three times. Overwriting should not be
confused with merely deleting the pointer to a file (which typically
happens when a delete command is used). Overwriting requires that the
media be in working order. Degaussing is a method to magnetically erase
data from magnetic media. Two types of degausser exist: strong permanent
magnets and electric degaussers. The final method of sanitization is
destruction of the media by shredding or burning.

Many people throw away old diskettes, believing that erasing the files on
the diskette has made the data unretrievable. In reality, however, erasing
a file simply removes the pointer to that file. The pointer tells the
computer where the file is physically stored. Without this pointer, the
files will not appear on a directory listing. This does not mean that the
file was removed. Commonly available utility programs can often retrieve
information that is presumed deleted.
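
The difference between deleting and overwriting can be seen on a toy model of a diskette. This is an added example, not part of the original bulletin; the `ToyDiskette` class, its sector size, and the file contents are constructed for illustration and do not model any real file system.

```python
class ToyDiskette:
    """Constructed model: a directory of pointers plus a flat data area."""
    SECTOR = 16

    def __init__(self, sectors=16):
        self.data = bytearray(sectors * self.SECTOR)
        self.directory = {}      # name -> (offset, length): the "pointer"
        self.next_free = 0

    def _span(self, length):
        # Files occupy whole sectors, so slack space is part of the extent.
        return -(-length // self.SECTOR) * self.SECTOR

    def write_file(self, name, content):
        if self.next_free + len(content) > len(self.data):
            raise ValueError("media full")
        self.data[self.next_free:self.next_free + len(content)] = content
        self.directory[name] = (self.next_free, len(content))
        self.next_free += self._span(len(content))

    def listing(self):
        return sorted(self.directory)

    def delete(self, name):
        # What a delete command does: drop the pointer, leave the bytes.
        del self.directory[name]

    def raw_contains(self, needle):
        # What a recovery utility does: read the media, ignoring the directory.
        return needle in bytes(self.data)

    def overwrite_file(self, name, passes=(0xFF, 0x00, 0xAA)):
        # Three passes: 1s, 0s, then a combination; only then drop the pointer.
        offset, length = self.directory[name]
        span = self._span(length)
        for pattern in passes:
            self.data[offset:offset + span] = bytes([pattern]) * span
        del self.directory[name]

    def overwrite_media(self, passes=(0xFF, 0x00, 0xAA)):
        # Disposition: overwrite every sector, whether or not a pointer exists.
        for pattern in passes:
            self.data[:] = bytes([pattern]) * len(self.data)
        self.directory.clear()
        self.next_free = 0


def demo():
    disk = ToyDiskette()
    secret = b"SALARY TABLE 1997"          # constructed content
    memo = b"lunch at noon"                # constructed content
    disk.write_file("pay.dat", secret)
    disk.write_file("memo.txt", memo)

    disk.delete("pay.dat")
    result = {
        "listed_after_delete": "pay.dat" in disk.listing(),
        "recoverable_after_delete": disk.raw_contains(secret),
    }
    disk.overwrite_file("memo.txt")
    result["memo_recoverable_after_file_overwrite"] = disk.raw_contains(memo)
    # The earlier deleted file has no pointer left, so a per-file overwrite
    # never reaches it; its bytes are still on the media.
    result["deleted_data_survives_file_overwrite"] = disk.raw_contains(secret)
    disk.overwrite_media()
    result["recoverable_after_media_overwrite"] = disk.raw_contains(secret)
    return result


if __name__ == "__main__":
    for check, value in demo().items():
        print(f"{check}: {value}")
```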

DOCUMENTATION
Documentation of all aspects of computer support and operations is
important to ensure continuity and consistency. Formalizing operational
practices and procedures with sufficient detail helps to eliminate security
lapses and oversights, gives new personnel sufficiently detailed
instructions, and provides a quality assurance function to help ensure that
operations will be performed correctly and efficiently.

The security of a system also needs to be documented. This includes many
types of documentation, such as security plans, contingency plans, risk
analyses, and security policies and procedures. Much of this information,
particularly risk and threat analyses, has to be protected against
unauthorized disclosure. Security documentation also needs to be both
current and accessible. Accessibility should take special factors into
account (such as the need to find the contingency plan during a disaster).

Security documentation should be designed to fulfill the needs of the
different types of people who use it. For this reason, many organizations
separate documentation into policy and procedures. A security procedures
manual should be written to inform various system users how to do their
jobs securely. A security procedures manual for systems operations and
support staff may address a wide variety of technical and operational
concerns in considerable detail.

MAINTENANCE
System maintenance requires either physical or logical access to the
system. Support and operations staff, hardware or software vendors, or
third-party service providers may maintain a system. Maintenance may be
performed on site, or it may be necessary to move equipment to a repair
site. Maintenance may also be performed remotely via communications
connections. If someone who does not normally have access to the system
performs maintenance, then a security vulnerability is introduced.

In some circumstances, it may be necessary to take additional precautions,
such as conducting background investigations of service personnel.
Supervision of maintenance personnel may prevent some problems, such as
"snooping around" the physical area. However, once someone has access to
the system, it is very difficult for supervision to prevent damage done
through the maintenance process.

Many computer systems provide maintenance accounts. These special log-in
accounts are normally preconfigured at the factory with pre-set, widely
known passwords. One of the most common methods hackers use to break into
systems is through maintenance accounts that still have factory-set or
easily guessed passwords. It is critical to change these passwords or
otherwise disable the accounts until they are needed. Procedures should be
developed to ensure that only authorized maintenance personnel can use
these accounts. If the account is to be used remotely, authentication of
the maintenance provider can be performed using call-back confirmation.
This helps ensure that remote diagnostic activities actually originate from
an established telephone number at the vendor's site. Other techniques can
also help, including encryption and decryption of diagnostic
communications; strong identification and authentication techniques, such
as tokens; and remote disconnect verification.

Larger systems may have diagnostic ports. In addition, manufacturers of
larger systems and third-party providers may offer more diagnostic and
support services. It is critical to ensure that these ports are only used
by authorized personnel and cannot be accessed by hackers.

INTERDEPENDENCIES
Support and operations components coexist in most computer security controls.

Personnel. Most support and operations staff have special access to the
system. Some organizations conduct background checks on individuals
filling these positions to screen out possibly untrustworthy individuals.

Incident Handling. Support and operations may include an organization's
incident handling staff. Even if they are separate organizations, they
need to work together to recognize and respond to incidents.

Contingency Planning. Support and operations normally provides technical
input to contingency planning and carries out the activities of making
backups, updating documentation, and practicing responding to contingencies.

Security Awareness, Training, and Education. Support and operations staff
should be trained in security procedures and should be aware of the
importance of security. In addition, they provide technical expertise
needed to teach users how to secure their systems.

Physical and Environmental. Support and operations staff often control the
immediate physical area around the computer system.

Technical Controls. The technical controls are installed, maintained, and
used by support and operations staff. They create the user accounts, add
users to access control lists, review audit logs for unusual activity,
control bulk encryption over telecommunications links, and perform the
countless operational tasks needed to use technical controls effectively.
In addition, support and operations staff provide needed input to the
selection of controls based on their knowledge of system capabilities and
operational constraints.

Assurance. Support and operations staff ensure that changes to a system do
not introduce security vulnerabilities by using assurance methods to
evaluate or test the changes and their effect on the system. Operational
assurance is normally performed by support and operations staff.

COST CONSIDERATIONS
The cost of ensuring adequate security in day-to-day support and operations
is largely dependent upon the size and characteristics of the operating
environment and the nature of the processing being performed. If
sufficient support personnel are already available, it is important that
they be trained in the security aspects of their assigned jobs; it is
usually not necessary to hire additional support and operations security
specialists. Training, both initial and ongoing, is a cost of successfully
incorporating security measures into support and operations activities.

Another cost is that associated with creating and updating documentation to
ensure that security concerns are appropriately reflected in support and
operations policies, procedures, and duties.

FOR MORE INFORMATION
This bulletin summarizes a chapter in NIST Special Publication 800-12,
Introduction to Computer Security: The NIST Handbook. The handbook is
available electronically at: http://csrc.nist.gov/nistpubs/800-12 in
WordPerfect 6.1, MS Word, and PostScript formats. You can also order the
handbook from the Government Printing Office at (202) 512-1800, stock
number SN003-003-03374-0, price $18.00.
