Engineering Information Security: The Application of Systems Engineering Concepts to Achieve Information Assurance

Information security is the act of protecting information from unauthorized access, use, disclosure, disruption, modification, or destruction. This book discusses why information security is needed and how security problems can have widespread impacts. It covers the complete security lifecycle of products and services, starting with requirements and policy development and progressing through development, deployment, and operations, and concluding with decommissioning. Professionals in the sciences, engineering, and communications fields will turn to this resource to understand the many legal, technical, competitive, criminal, and consumer forces and influences that are rapidly changing our information-dependent society.

If you’re a professor and would like a copy of the solutions manual, please contact [email protected].

The material previously found on the CD can now be found on www.booksupport.wiley.com.


Stuart Jacobs is Principal Consultant for YCS Consulting LLC and a Lecturer at Boston University Metropolitan College. He serves as an Industry Security Subject Matter Expert for the Telecommunications Management and Operations Committee (TMOC) of the Alliance for the Telecommunications Industry Solutions (ATIS). Mr. Jacobs has also served as a technical editor of ATIS Joint Committee Technical Reports and ITU-T Recommendations.


Preface and Acknowledgments xxiii

1 WHAT IS SECURITY? 1

1.1 Introduction 1

1.2 The Subject of Security 2

1.2.1 Branches of Security 2

1.2.2 Defining Security by Function 5

1.2.2.1 Risk Avoidance 5

1.2.2.2 Deterrence 5

1.2.2.3 Prevention 6

1.2.2.4 Detection 7

1.2.2.5 Recovery 7

1.2.3 The Common Body of Knowledge (CBK) Security Domains 7

1.2.3.1 Access Control Systems and Methodology 8

1.2.3.2 Application and Systems Development Security 9

1.2.3.3 Business Continuity Planning and Disaster Recovery Planning 10

1.2.3.4 Cryptography 10

1.2.3.5 Information Security and Risk Management 11

1.2.3.6 Legal, Regulations, Compliance, and Investigations 11

1.2.3.7 Operations Security 12

1.2.3.8 Physical Security 13

1.2.3.9 Security Architecture and Models 14

1.2.3.10 Telecommunications and Network Security 14

1.2.3.11 CBK Summary 15

1.3 A Twenty-First Century Tale 15

1.3.1 The Actors 15

1.3.1.1 Bob’s Story 15

1.3.1.2 Carol’s Story 16

1.3.1.3 Alice’s Story 17

1.3.2 What Actually Occurred 17

1.3.3 How Could All This Have Been Prevented? 19

1.3.4 They Did Not Live Happily Ever After 20

1.4 Why are You Important to Computer Security? 21

1.4.1 What are the Threats to Your Computer? 22

1.4.2 As a User, What to Do? 23

1.5 End of the Beginning 23

1.6 Chapter Summary 25

1.7 Further Reading and Resources 26

1.8 Questions 26

1.9 Exercises 27

2 SYSTEMS ENGINEERING 29

2.1 So What Is Systems Engineering? 29

2.1.1 SIMILAR Systems Engineering Process 30

2.1.1.1 Stating the Problem 32

2.1.1.2 Investigate Alternatives and Model the System 33

2.1.1.3 Develop/Integrate 34

2.1.1.4 Launch the System 35

2.1.1.5 Assess Performance 36

2.1.1.6 Re-evaluate 36

2.1.2 Another Systems Engineering View 36

2.1.3 Process Variations 37

2.2 Process Management 37

2.2.1 ISO 9000 Processes and Procedures 39

2.2.2 Capability Maturity Model (CMM) 41

2.3 Organization Environments 44

2.3.1 Economic, Legal, and Political Contexts 44

2.3.1.1 Regulations/Legislation 45

2.3.1.2 Market-Based Regulations 47

2.3.1.3 Technology Evolution 48

2.3.1.4 Customer Demands and Expectations 49

2.3.1.5 Legal Liability 49

2.3.1.6 Competition 49

2.3.1.7 Terrorism and Cyber Crime 49

2.3.2 Business/Organizational Types 50

2.3.2.1 Commercial 51

2.3.2.2 Residential 51

2.3.2.3 Governments 52

2.3.2.4 Nongovernmental Organizations (NGOs) 54

2.3.3 National Critical Infrastructure 54

2.4 Chapter Summary 56

2.5 Further Reading and Resources 57

2.6 Questions 57

2.7 Exercises 58

3 FOUNDATION CONCEPTS 59

3.1 Security Concepts and Goals 60

3.1.1 Subjects and Objects 61

3.1.2 What Is Trust? 61

3.1.3 Domains, Security, and Trust 62

3.1.4 Security Goals/Objectives 63

3.1.5 X.800 Security Services 65

3.1.5.1 Authentication 65

3.1.5.2 Access Control 66

3.1.5.3 Confidentiality 66

3.1.5.4 Data Integrity 66

3.1.5.5 Non-Repudiation 67

3.1.6 A Modern Definition of Security Services 67

3.1.6.1 Authentication 68

3.1.6.2 Authorization 68

3.1.6.3 Integrity 68

3.1.6.4 Availability 69

3.1.6.5 Accountability 71

3.1.6.6 Privacy as a Security Service 72

3.1.6.7 Service Mapping and Application of Services 72

3.2 Role of Cryptology in Information Security 79

3.2.1 Cryptographic Hash Algorithms 80

3.2.2 Encryption Algorithms 82

3.2.2.1 Symmetric Encryption 82

3.2.2.2 Asymmetric Encryption 87

3.2.2.3 Encryption Algorithm Performance 90

3.2.3 Cryptanalysis and Other Key Issues 95

3.2.3.1 Cryptanalysis 95

3.2.3.2 Key Randomness 98

3.2.3.3 Key Protection 100

3.2.4 Key Management 100

3.2.4.1 Diffie–Hellman Key Distribution 102

3.2.5 Cryptographic Authentication 104

3.2.5.1 Challenge-Response Technique 105

3.2.5.2 Message Authentication Code Technique 108

3.2.5.3 Digital Signature Authentication Technique 110

3.3 Key Management Revisited 111

3.4 Chapter Summary 113

3.5 Further Reading and Resources 113

3.6 Questions 114

3.7 Exercises 117

4 AUTHENTICATION OF SUBJECTS 119

4.1 Authentication Systems 119

4.1.1 Kerberos-Based Authentication 120

4.1.2 Public-Key Infrastructure 124

4.1.2.1 X.509 Digital Certificates 125

4.1.2.2 Certificate Authority Hierarchies 126

4.1.2.3 Certificate Generation Requests 133

4.1.2.4 PKI Component Deployment 136

4.1.2.5 Digital Certificate Revocation and Status Verification 138

4.1.2.6 Certificate Verification 138

4.1.3 Remote Authentication Dial-in User Service 141

4.1.4 Diameter 145

4.1.5 Secure Electronic Transactions (SET) 146

4.1.6 Authentication Systems Summary 150

4.2 Human Authentication 150

4.2.1 What the Subject Has Factor 151

4.2.2 What the Subject Knows Factor 151

4.2.3 What the Subject Is Factor 153

4.2.4 Where the Subject Is Factor 153

4.2.5 Combinations of Factors 153

4.2.6 Example Detailed Security Requirements for Identification and Authentication 154

4.2.7 Proxies for Humans 156

4.2.7.1 Operating Systems 156

4.2.7.2 User Agents 157

4.2.7.3 Single Sign-On (SSO) 157

4.2.7.4 Identity Management (IdM) 159

4.3 Chapter Summary 163

4.4 Further Reading and Resources 163

4.5 Questions 164

4.6 Exercises 166

5 SECURITY SYSTEMS ENGINEERING 167

5.1 Security Policy Development 168

5.2 Senior Management Oversight and Involvement 168

5.3 Security Process Management and Standards 168

5.3.1 ISO 27002 170

5.3.1.1 Establishing Organizational Security Policy (Section 5) 170

5.3.1.2 Organizational Security Infrastructure (Section 6) 171

5.3.1.3 Asset Classification and Control (Section 7) 173

5.3.1.4 Personnel Security (Section 8) 174

5.3.1.5 Physical and Environmental Security (Section 9) 176

5.3.1.6 Communications and Operations Management (Section 10) 177

5.3.1.7 Access Controls (Section 11) 178

5.3.1.8 Information Systems Acquisition, Development, and Maintenance (Section 12) 179

5.3.1.9 Information Security Incident Management (Section 13) 180

5.3.1.10 Business Continuity Management (Section 14) 181

5.3.1.11 Compliance (Section 15) 181

5.3.1.12 ISO 27002 Summary 183

5.3.2 ISO 27001 183

5.3.3 An Enterprise Security Policy Example 185

5.4 Information Security Systems Engineering Methodology 185

5.4.1 Existing Asset Inventory and Classification 187

5.4.1.1 Physical Assets 187

5.4.1.2 Logical Assets 188

5.4.1.3 Conceptual Assets 188

5.4.2 Vulnerabilities, Threats, and Risk 189

5.4.2.1 Asset Vulnerabilities 190

5.4.2.2 Organization Threat Profile(s) 200

5.4.3 Risk Management 210

5.4.3.1 Risk Mitigation 211

5.4.3.2 Risk Assignment 218

5.5 Requirements Analysis and Decomposition 218

5.6 Access Control Concepts 221

5.6.1 Subjects, Objects, and Access Operations 222

5.6.2 Access Control Structures 223

5.6.3 Access Control Lists 223

5.6.4 Capability Lists 224

5.6.5 Administrative Tasks in Access Control Methods 225

5.6.5.1 Groups and Permissions 225

5.6.5.2 Protection Rings 226

5.6.6 Role-Based Access Control (RBAC) 227

5.7 Security Modeling and Security-Related Standards 228

5.7.1 Confidentiality Policies and Integrity Policies 228

5.7.2 Bell–LaPadula Model 230

5.7.3 Harrison–Ruzzo–Ullman Extensions to BLP 231

5.7.4 Chinese Wall Model 231

5.7.5 Biba Model 232

5.7.6 Clark–Wilson Model 232

5.7.7 Security Model Summary 235

5.7.8 Security Standards 235

5.7.8.1 Public-Key Cryptography Standards 236

5.7.8.2 Third-Generation Partnership Project 236

5.7.8.3 Third-Generation Partnership Project 2 238

5.7.8.4 Alliance for Telecommunications Industry Solutions 238

5.7.8.5 Cable Television Laboratories, Inc. 239

5.7.8.6 European Telecommunications Standards Institute 239

5.7.8.7 International Organization for Standardization 239

5.7.8.8 ITU Telecommunication Standardization Sector 239

5.7.8.9 Internet Engineering Task Force 240

5.7.8.10 Object Management Group 240

5.7.8.11 Organization for the Advancement of Structured Information Standards 241

5.7.8.12 Parlay Group 241

5.7.8.13 TeleManagement Forum 241

5.7.8.14 World Wide Web Consortium 241

5.8 Chapter Summary 242

5.9 Questions 243

5.10 Exercises 246

6 TRADITIONAL NETWORK CONCEPTS 249

6.1 Networking Architectures 249

6.1.1 OSI Network Model 250

6.1.2 Internet Network Model 252

6.2 Types of Networks 254

6.2.1 Local Area Network (LAN) 255

6.2.2 Wireless LAN (WLAN) 256

6.2.3 Metropolitan Area Networks (MAN) 256

6.2.4 Wide Area Networks (WAN) 257

6.2.5 The Internet 259

6.3 Network Protocols 259

6.3.1 Layer 1—Physical 260

6.3.2 Layer 2—Data Link Protocols 260

6.3.2.1 Ethernet 261

6.3.2.2 Virtual Ethernets 262

6.3.2.3 Wireless Networking 264

6.3.2.4 MultiProtocol Label Switching 265

6.3.2.5 Asynchronous Transfer Mode and Frame Relay 267

6.3.2.6 Digital Subscriber Lines 268

6.3.2.7 Optical Networking 269

6.3.2.8 Security in Data Link Layer Protocols 273

6.3.3 Layer 3—Internetworking Layer Protocols 276

6.3.3.1 Address Resolution Protocol 277

6.3.3.2 IP Version 4 278

6.3.3.3 Internet Control Management Protocol 283

6.3.3.4 IPv4 Fragmentation and Related Attacks 285

6.3.3.5 IP Version 6 287

6.3.3.6 Security in Internetworking Layer Protocols 290

6.3.3.7 Example Detailed Security Requirements for Layer 3 292

6.3.4 Layer 4—Transport 292

6.3.4.1 Transmission Control Protocol 292

6.3.4.2 User Datagram Protocol 294

6.3.4.3 Stream Control Transmission Protocol 297

6.3.4.4 Open Shortest Path First 298

6.3.4.5 Security in Transport Layer Protocols 300

6.3.4.6 Example Detailed Security Requirements for Layer 4 302

6.3.5 Layer 5—User Application Protocols 302

6.3.5.1 Initial Internet User Application Protocols 303

6.3.5.2 HyperText Transfer Protocol 303

6.3.5.3 X Windows 305

6.3.5.4 eXtensible Markup Language 305

6.3.5.5 Security in User Application Protocols 308

6.3.5.6 Example Detailed Security Requirements for Layer 5 User Application Protocols 308

6.3.6 Layer 5—Signaling and Control Application Protocols 310

6.3.6.1 MPLS Signaling Protocols 310

6.3.6.2 Border Gateway Protocol 312

6.3.6.3 Mobile IP Routing 312

6.3.6.4 Dynamic Host Configuration Protocol 316

6.3.6.5 Network Time Protocols 318

6.3.6.6 Domain Name System 319

6.3.6.7 Lightweight Directory Access Protocol 320

6.3.6.8 Active Directory 321

6.3.6.9 Security in Signaling and Control Application Protocols 323

6.3.6.10 Example Detailed Security Requirements for Layer 5 Signaling and Control Application Protocols 323

6.3.7 Layer 5—Management Application Protocols 323

6.3.7.1 Simple Network Management Protocol 327

6.3.7.2 Customer Premise Equipment WAN Management Protocol 329

6.3.7.3 Remote Monitoring 329

6.3.7.4 Security in Management Application Protocols 329

6.3.7.5 Example Detailed Security Requirements for Layer 5 Management Application Protocols 331

6.4 Chapter Summary 332

6.5 Further Reading and Resources 332

6.6 Questions 332

6.7 Exercises 334

7 NEXT-GENERATION NETWORKS 335

7.1 Framework and Topology of the NGN 336

7.1.1 Functional Entities and Groups 336

7.1.2 Domains 337

7.1.2.1 Customer Domain 338

7.1.2.2 SP Access Domain 338

7.1.2.3 SP Core/Services Domain 338

7.1.3 Interfaces 338

7.1.4 Protocol Layers, Functional Planes, and Interfaces 340

7.2 The NGN Functional Reference Model 343

7.2.1 Strata 344

7.2.2 Management Functional Group 344

7.2.3 Application Functional Group 345

7.2.4 The Transport Stratum 345

7.2.5 The Service Stratum 348

7.2.6 The Service Stratum and the IP Multimedia Subsystem (IMS) 349

7.3 Relationship between NGN Transport and Service Domains 351

7.4 Enterprise Role Model 353

7.5 Security Allocation within the NGN Transport Stratum Example 356

7.6 Converged Network Management (TMN and eTOM) 357

7.7 General Network Security Architectures 364

7.7.1 The ITU-T X.800 Generic Architecture 365

7.7.2 The Security Frameworks (X.810-X.816) 366

7.7.3 The ITU-T X.805 Approach to Security 366

7.8 Chapter Summary 368

7.9 Further Reading and Resources 368

7.10 Exercises 370

8 GENERAL COMPUTER SECURITY ARCHITECTURE 371

8.1 The Hardware Protects the Software 372

8.1.1 Processor States and Status 373

8.1.1.1 Protection on the Motorola 68000 373

8.1.1.2 Protection on the Intel 80386/80486 374

8.1.2 Memory Management 374

8.1.2.1 Fence 375

8.1.2.2 Relocation 375

8.1.2.3 Base/Bounds Registers 376

8.1.2.4 Segmentation 378

8.1.2.5 Paging 380

8.1.2.6 Combining Segmentation and Paging (Virtual Memory) 381

8.1.3 Interruption of Processor Activity 382

8.1.4 Hardware Encryption 383

8.1.4.1 Hardware Security Modules 383

8.1.4.2 Hardware Acceleration Cards 384

8.1.4.3 Hardware Acceleration USB Devices 385

8.1.4.4 Smartcards 385

8.2 The Software Protects Information 386

8.3 Element Security Architecture Description 388

8.3.1 The Kernel 391

8.3.2 Security Contexts 392

8.3.3 Security-Critical Functions 394

8.3.3.1 Security Policy Decision Function (SPDF) 394

8.3.3.2 Authentication Function 395

8.3.3.3 Audit Function 395

8.3.3.4 Process Scheduling Function 396

8.3.3.5 Device Management Functions and Device Controllers 396

8.3.4 Security-Related Functions 397

8.4 Operating System (OS) Structure 397

8.4.1 Security Management Function 399

8.4.2 Networking Subsystem Function 399

8.5 Security Mechanisms for Deployed Operating Systems (OSs) 399

8.5.1 General Purpose (GP) OSs 400

8.5.1.1 Hardware Mechanisms for GP OS Usage 400

8.5.1.2 Software Functional Entities for General Purpose (GP) OS Contexts 400

8.5.2 Minimized General Purpose Operating Systems 402

8.5.2.1 Hardware Mechanisms for Minimized GP OS Usage 413

8.5.2.2 Software Mechanisms for Minimized GP OS Usage 413

8.5.3 Embedded (“Real-Time”) Operating Systems 413

8.5.3.1 Hardware Mechanisms for Embedded OS Usage 413

8.5.3.2 Software Mechanisms for Embedded OS Usage 415

8.5.4 Basic Input–Output Systems (BIOS) 415

8.5.4.1 Hardware Mechanisms for BIOS Usage 415

8.5.4.2 Software Mechanisms for BIOS Usage 421

8.6 Chapter Summary 421

8.7 Further Reading and Resources 425

8.8 Questions 425

8.9 Exercises 426

9 COMPUTER SOFTWARE SECURITY 427

9.1 Specific Operating Systems (OSs) 427

9.1.1 Unix and Linux Security 428

9.1.1.1 Login and User Accounts 428

9.1.1.2 Group Accounts 429

9.1.1.3 Set User ID (setuid) and Set Group ID (setgid) 429

9.1.1.4 Access Control 430

9.1.1.5 Audit Logs and Intrusion Detection 433

9.1.1.6 TCP Wrappers 435

9.1.2 Solaris Operating System and Role-Based Access Controls 436

9.1.3 Windows OSs 438

9.1.3.1 Users and Groups 438

9.1.3.2 Access Control Model 439

9.1.3.3 Access Tokens 440

9.1.3.4 Access Control Lists 440

9.1.3.5 Access Control Entries 441

9.1.3.6 Access Rights and Access Masks 442

9.1.3.7 Security Identifiers 443

9.1.3.8 The Registry 444

9.1.3.9 Domains and Trust Relationships 446

9.1.3.10 Active Directory 448

9.1.3.11 More on Trust Relationships 451

9.1.3.12 Identification and Authentication 454

9.1.3.13 Windows Server 2003—Role-Based Access Control (RBAC) 454

9.1.4 Embedded OSs 457

9.2 Applications 459

9.2.1 Application Security Issues 460

9.2.1.1 Buffer Overflows 460

9.2.1.2 Exception Handling, Bounds Checking, and Shared Libraries 461

9.2.2 Malicious Software (Malware) 462

9.2.2.1 Viruses 463

9.2.2.2 Worms 464

9.2.2.3 Trojan Horses, Rootkits, and Backdoors 466

9.2.2.4 Spyware and Botnets 469

9.2.2.5 Linux, Unix and Mac OS X Malware 470

9.2.3 Anti-malware Applications 470

9.2.3.1 Malware and Spyware Scanners 471

9.2.3.2 Host-Based Firewalls 472

9.2.3.3 Modification Scanners 472

9.2.3.4 Host-Based Intrusion Detection 473

9.3 Example Detailed Security Requirements for Specific Operating Systems and Applications 474

9.4 Chapter Summary 476

9.5 Further Reading and Resources 477

9.6 Questions 477

9.7 Exercises 478

10 SECURITY SYSTEMS DESIGN—DESIGNING NETWORK SECURITY 479

10.1 Introduction 479

10.2 Security Design for Protocol Layer 1 482

10.2.1 Wired and Optical Media 482

10.2.1.1 Link-Bulk Encryption 482

10.2.1.2 Dial-back Modems 484

10.2.2 Wireless Media 484

10.2.2.1 Fast Frequency Hopping 485

10.3 Layer 2—Data Link Security Mechanisms 485

10.3.1 IEEE 802.1x 486

10.3.2 IEEE 802.1ae 488

10.3.3 IEEE 802.11 WPA and 802.11i 490

10.3.4 Example Detailed Security Requirements for Layer 2 Protocols 492

10.4 Security Design for Protocol Layer 3 493

10.4.1 IP Security (IPsec) 493

10.4.1.1 IPsec Architecture 494

10.4.1.2 IPsec Key Management and Key Exchange 500

10.4.1.3 IKE Operation 500

10.4.1.4 IPsec Security Associations (SAs) 505

10.4.1.5 Combining Security Associations 505

10.4.1.6 IPsec Authentication Header (AH) Transform 507

10.4.1.7 The IPsec Encapsulating Security Payload (ESP) Transform 508

10.4.1.8 The Various ESP Transforms 509

10.4.1.9 IPsec Processing 510

10.4.1.10 IPsec Policy Management 510

10.4.1.11 IPsec and Network Address Translation 514

10.4.1.12 Example Detailed Security Requirements for IPsec 518

10.4.1.13 IPsec Implementation Availability 520

10.4.1.14 IPsec and Fault-Tolerant Network Designs 521

10.4.1.15 IPsec and PKI 522

10.4.1.16 IPsec Summary and Observations 522

10.5 IP Packet Authorization and Access Control 525

10.5.1 Network and Host Packet-Filtering 525

10.5.2 The De-militarized Zone 530

10.5.3 Application-Level Gateways 532

10.5.4 Deep-Packet Inspection (DPI) 534

10.5.5 Example Detailed Security Requirements for Packet-Filtering 537

10.6 Chapter Summary 538

10.7 Further Reading and Resources 538

10.8 Questions 539

10.9 Exercises 541

11 TRANSPORT AND APPLICATION SECURITY DESIGN AND USE 543

11.1 Layer 4—Transport Security Protocols 543

11.1.1 TLS, DTLS, and SSL 544

11.1.1.1 TLS Session Establishment 546

11.1.1.2 TLS Operational Activities 549

11.1.1.3 TLS and SSL Security Items 549

11.1.2 Secure Shell (SSH) 551

11.1.3 Comparison of SSL, TLS, DTLS, and IPsec 551

11.1.4 Example Detailed Security Requirements for TLS, SSL, and DTLS 552

11.2 Layer 5—User Service Application Protocols 553

11.2.1 Email 554

11.2.1.1 Pretty Good Privacy (PGP) 554

11.2.1.2 Secure/Multipurpose Internet Mail Extensions (S/MIME) 556

11.2.1.3 S/MIME and OpenPGP Differences 558

11.2.2 World Wide Web (Web) and Identity Management 558

11.2.2.1 eXtensible Markup Language Security (XML) 560

11.2.2.2 Service-Oriented Architecture (SOA) 561

11.2.2.3 Web Services 563

11.2.2.4 SOAP 564

11.2.2.5 Security Assertion Markup Language (SAML) 564

11.2.3 Voice over Internet Protocol (VoIP) 566

11.2.3.1 VoIP Signaling Security 569

11.2.3.2 Real-Time Protocol 570

11.2.3.3 VoIP Media Security 572

11.2.3.4 VoIP Session Border Control 573

11.2.3.5 VoIP Device Security 573

11.2.3.6 Example Detailed Security Requirements for VoIP 573

11.2.4 DNS Security Extensions 576

11.2.5 Instant Messaging and Chat 578

11.2.6 Peer-to-Peer Applications 587

11.2.7 Ad hoc Networks 588

11.2.8 Java 590

11.2.8.1 Basic Concepts 591

11.2.8.2 Java 2 Cryptographic Architecture 592

11.2.9 .NET 594

11.2.9.1 Role-Based Security 594

11.2.9.2 Web Application Security 594

11.2.9.3 Evidence-Based Security 594

11.2.9.4 Cryptography Available in .Net 595

11.2.10 Common Object Request Broker Architecture (CORBA) 595

11.2.11 Distributed Computing Environment 597

11.2.12 Dynamic Host Configuration Protocol Security 601

11.3 Chapter Summary 603

11.4 Further Reading and Resources 603

11.5 Questions 604

11.6 Exercises 605

12 SECURING MANAGEMENT AND MANAGING SECURITY 607

12.1 Securing Management Applications 607

12.1.1 Management Roots 607

12.1.2 The Telecommunications Management Network 608

12.1.2.1 Telecommunications Management Network Structure 609

12.1.2.2 Element, Network Management Systems, and Operations Systems 610

12.1.3 TMN Security 614

12.1.4 Management of Security Mechanisms 616

12.1.4.1 EMS Security Needs 617

12.1.4.2 NMS Security Additions 618

12.1.4.3 Selected OS/EMS Security Services 618

12.1.5 A Security Management Framework 619

12.1.6 Example Detailed Security Requirements for Management Applications 621

12.2 Operation, Administration, Maintenance, and Decommissioning 625

12.2.1 Operational Security Mechanisms 625

12.2.1.1 Separation of Duties and Roles 625

12.2.1.2 Operational Guidelines, Procedures 627

12.2.1.3 Independent Auditing and Review 628

12.2.1.4 Human Resources and Legal Aspects 629

12.2.1.5 Accountability 629

12.2.1.6 Documentation 629

12.2.1.7 Acceptance Testing, Field Testing, and Operational Readiness 630

12.2.2 Operations Security 631

12.2.2.1 Third-Party Access 631

12.2.2.2 Security Event Response and Forensics 632

12.2.2.3 Senior Security Management Mechanisms 633

12.2.2.4 Operational Reviews 634

12.2.2.5 Accreditation and Certification 634

12.2.2.6 Life-cycle Review 637

12.2.2.7 Withdrawal from Service 638

12.2.3 Operations Compliance 641

12.2.3.1 Example Security Tools 643

12.2.3.2 Penetration Testing 645

12.3 Systems Implementation or Procurement 647

12.3.1 Development 648

12.3.1.1 CMMI and ISO-9001 Processes 648

12.3.1.2 Coding 648

12.3.1.3 Testing 649

12.3.2 Procurement 649

12.3.2.1 Requests for Information/Proposals (RFIs/RFPs) 649

12.3.2.2 Standards Compliance 655

12.3.2.3 Acceptance Testing and Review 655

12.4 Chapter Summary 657

12.5 Further Reading and Resources 657

12.6 Questions 657

12.7 Exercises 659

Appendix A: State Privacy Laws as of 2010 on CD

Appendix B: Example Company Security Policy on CD

Appendix C: Example Generic Security Requirements on CD

Appendix D: Significant Standards and Recommendations Related to Networking and Security on CD

Appendix E: Detailed Security Requirements on CD

Appendix F: RFP Security Analysis of ABC Proposal on CD

Appendix G: Security Statement of Work on CD

About the Author 661

Index 663