
Government Security -- This file tells about Government standards, and information concerning computer security.

Parts 1-3

*=*=*        Government Computer Security Techniques        *=*=
*=*=*=*=*=*=*      Written By: The Line Breaker     *=*=*=*=*=*=
As most of you know (those who have been around for over 1 year),
I am a computer security consultant by trade.  I do work for most
large companies and sometimes the government.  Well I am here now
going to explain in great detail the fundamentals of government
computer security.  There are going to be roughly 25 sections to
this g-phile, so open your buffers and let them rip.

Each file is broken into several parts starting with the control
title and ending with the principles of note.  I help design most
of the systems that you are about to read about, and most of the
problems that you run across in your every day hacking should be
solved here.  The secret to the philes is to read them carefully
and then reverse the process in some cases, otherwise they will
help you understand in greater detail the workings of computer

*=*=*            C.S.T. Volume One -- G-phile One           *=*=
*=*=*=*=*=*        Written By: The Line Breaker     *=*=*=*=*=*=
Control Title -> Low Building Profile

Description -> buildings housing computer systems and the computer
facilities should be unobtrusive and give minimum indication of
their purpose.  There should be no obvious signs identifying
computing activities outside or inside buildings.  Buildings
should look unimpressive and ordinary relative to nearby
buildings.  Building lobby directories and company telephone books
should not identify locations of computer activities except for
offices and reception areas that serve outsiders and are located
separately from operational areas.  Physical access barriers,
including access control signs, should be reasonably visible,

Strengths -> a low profile reduces the likelihood of attention by
destruction-minded outsiders.  Such attention tends to be directed
away to other more visible targets.

Weaknesses -> a low profile may reduce business promotion values
and inconvenience visitors, vendors, delivery people, and others
who have a legitimate need to find computing facilities.

Purpose -> deterrence

Control Area -> computer center

Mode -> manual procedure

Area of Responsibility -> management, security

Cost -> low

Principles of Note -> avoidance of need for design secrecy,
completeness and consistency, least privilege

*=*=*             C.S.T. Volume One -- Phile Two            *=*=
*=*=*=*=*=*=*      Written By: The Line Breaker     *=*=*=*=*=*=

Control Title -> telephone access

Objective -> avoid computer access exposure

Description -> limiting access to a computer and data files can be
an important means of security.  Several means of accomplishing
this are possible.  It may be possible and important to eliminate
dial-up access to a computer.  A computer interfaced to the
dial-up public telephone network is exposed to access from any
telephone in the world.  There may be a trade-off in computer
security by giving up or limiting the benefits of dial-up access.
This can be accomplished by using only point-to-point wire or
leased-line telephone access to the computer.  An alternative is
to provide dial-up access to a small computer for development or
other timesharing purposes while reserving another computer for
more sensitive production activity that is not interfaced to
dial-up telephones.  A control computer providing access to two or
more other computers can also be used as a means of protecting
them from dial-up access.  An alternative method of restricting
access is to provide for dial-up access at limited periods of time
of day.  During periods of dial-up access, particularly sensitive
files or applications would not be resident in the computer system
or secondary storage.  A partial degree of protection for dial-up
access systems is to maintain strict need-to-know availability of
the telephone numbers and log-in protocol for accessing the
computer system.  Most dial-up timesharing computer services have
similar access protocols; therefore, a unique, very different
initial access exchange of identifying information may be useful
to limit access.  The telephone numbers should be unlisted,
different in pattern of digits, and have different prefixes from
voice telephone numbers for the organizations that are publicly
listed.  Call-back to verify the source of telephone access is
also popular.

Strengths -> avoidance of exposure is a particularly strong means
of simplifying and reducing the problems of securing computer
systems.  Limiting or eliminating dial-up access significantly
reduces exposure.

Weakness -> an important objective for computers is to make them
easily and widely accessible.  Eliminating or limiting dial-up
significantly reduces this capability.

How to Audit -> access capabilities, review access logs

Purpose -> prevention

Control Area -> computer system

Mode -> hardware

Area of Responsibility -> operation

Cost -> high

Principles of Note -> least privilege, limit dependence on other
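
The following is an added example, not part of the original file: a sketch of the time-of-day window, call-back and access-log review described in this phile.  The window, user names, phone numbers, file names and log entries are constructed for illustration.

```python
from datetime import datetime, time

# Constructed policy data for illustration (not from the original file).
DIALUP_OPEN, DIALUP_CLOSE = time(8, 0), time(18, 0)
CALLBACK_NUMBERS = {"jsmith": "555-0142", "mlee": "555-0177"}
SENSITIVE_FILES = {"payroll.dat", "ledger.dat"}

# Constructed access log: (timestamp, user, number the session ran on).
SAMPLE_LOG = [
    (datetime(2024, 1, 8, 9, 30), "jsmith", "555-0142"),
    (datetime(2024, 1, 8, 23, 15), "mlee", "555-0177"),
    (datetime(2024, 1, 8, 10, 5), "mlee", "555-0199"),
]


def dialup_open(now):
    """True while the dial-up lines are allowed to answer."""
    return DIALUP_OPEN <= now.time() < DIALUP_CLOSE


def handle_call(user, now):
    """The inbound call never gets a session; on success the system
    hangs up and dials the number registered for that user."""
    if not dialup_open(now):
        return ("deny", "outside dial-up window")
    number = CALLBACK_NUMBERS.get(user)
    if number is None:
        return ("deny", "no call-back number registered")
    return ("call_back", number)


def resident_violations(resident_files, now):
    """Sensitive files that are on-line while dial-up is open."""
    if not dialup_open(now):
        return set()
    return SENSITIVE_FILES & set(resident_files)


def review_access_log(entries):
    """Audit step: return the log entries that break the policy."""
    findings = []
    for ts, user, number in entries:
        if not dialup_open(ts):
            findings.append((ts, user, "session outside window"))
        elif CALLBACK_NUMBERS.get(user) != number:
            findings.append((ts, user, "not the registered call-back number"))
    return findings
```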


*=*=*            C.S.T. Volume One -- Phile Three           *=*=
*=*=*=*=*=*=*      Written By: The Line Breaker     *=*=*=*=*=*=

Control Title -> limit transaction privileges from terminal

Objective -> prevent loss or destruction of assets, prevent
unauthorized browsing of systems files, prevent "hacking", prevent
system crashes caused by unauthorized use of certain system

Description -> in addition to controlling resources (files,
off-line data storage volumes, etc.), the transactions that a
particular user is permitted to initiate are limited.  Which
system commands a user can use or is informed of is
controlled by the user's job duties.  Thus, system-level and
application commands, such as reporting who is currently logged
into the system, are restricted on a need-to-know basis.  Logs may
be kept for all attempts to use an unauthorized system command; this
can be used to determine who needs training or perhaps
disciplinary action.

Strengths -> prevents users from performing unauthorized acts,
including examination of file names of other users and other
system-related commands.  Without these systems transactions,
compromise of the operating system and other such abuses are made
significantly harder to accomplish.  Because the system commands
are monitored and controlled by the computer, they can be
sustained and enforced.

Weaknesses -> may unduly restrict users' ability to perform their
jobs, especially if the users are programmers.  Undue restriction
may result in reduced productivity and increased levels of
frustration.  Determination of what commands should be restricted
may be involved and time consuming.

How to Audit -> examine system commands permitted for certain
groups of users for reasonableness. Review requests for changes in
systems command privileges for authorization and need.  If
available, examine logs for unauthorized attempts to use systems
commands that certain users are not permitted to use.

Purpose -> prevention

Control Area -> computer system

Mode -> computer operating system, computer application system

Area of Responsibility -> operations management

Cost -> medium

Principles of Note -> simplicity, least privilege, independence of
control and subject, substantiality
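
The following is an added example, not part of the original file: a sketch of command privileges tied to job duties, with every attempt logged, plus the two audit steps named above (reasonableness of grants, and review of denied attempts).  The roles, users, command names and threshold are constructed for illustration.

```python
from collections import Counter

# Constructed job-duty baseline: the commands each role needs.
ROLE_COMMANDS = {
    "clerk": {"enter_order", "print_invoice"},
    "operator": {"mount_volume", "list_jobs", "who"},
}
USER_ROLE = {"ann": "clerk", "bob": "operator"}

# Constructed grants as configured on the system.  'ann' has been given
# 'who' (report who is logged in), which her job duties do not call for.
USER_GRANTS = {
    "ann": {"enter_order", "print_invoice", "who"},
    "bob": {"mount_volume", "list_jobs", "who"},
}


def run_command(user, command, log):
    """Permit a command only if it is granted; record every attempt."""
    allowed = command in USER_GRANTS.get(user, set())
    log.append((user, command, allowed))
    return allowed


def excess_grants():
    """Audit: grants that go beyond the baseline for the user's role."""
    findings = {}
    for user, grants in USER_GRANTS.items():
        baseline = ROLE_COMMANDS.get(USER_ROLE.get(user), set())
        extra = grants - baseline
        if extra:
            findings[user] = extra
    return findings


def denied_attempts(log, threshold=2):
    """Audit: users with at least `threshold` denied attempts, for
    follow-up (training or other action)."""
    counts = Counter(user for user, _, allowed in log if not allowed)
    return {user: n for user, n in counts.items() if n >= threshold}
```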

Downloaded from P-80 Systems.....
