security policies security policies for large
play

Security Policies Security Policies for Large Who is allowed to do - PDF document

Apr 24, 2023 •196 likes •245 views

Security Policies Security Policies for Large Who is allowed to do what when Systems And what happens if they do CS 239 something else Security for Networks and And whos responsible for making sure System Software thats

  1. Security Policies Security Policies for Large • Who is allowed to do what when Systems • And what happens if they do CS 239 something else Security for Networks and • And who’s responsible for making sure System Software that’s done, if needed May 7, 2002 • And what to do if something goes wrong Page 1 Page 2 CS 239, Spring 2002 CS 239, Spring 2002 What Should a Security Policy More Formally, Cover? • Who are the legitimate users? • A security policy is a written statement that describes an organization’s • What are the assets being protected? approach to securing its computer • Who has what responsibilities for assets security? • What is appropriate use of the system? • Useful for many purposes • What are the consequences of inappropriate use? Page 3 Page 4 CS 239, Spring 2002 CS 239, Spring 2002 Some Details on the Department Getting Down to Brass Tacks Facility • The UCLA Computer Science • Meant to support CS department needs Department doesn’t have a formal –Research security policy –Education • I think it should –Administration • What should it be? • No service provided to other departments Page 5 Page 6 CS 239, Spring 2002 CS 239, Spring 2002 1

  2. Types of Users Machines on the Network • Sun machines – 220 • Faculty and lecturers (58) • Intel-based PCs – 450 • Staff (26) • Macintoshes – 30 • Graduate students (343) • HP, SGI, Digital workstations – 21 • Guests (21) • PDAs – 50 • Nobody else should have access • Several printers –Except to web sites • Scanner Page 7 Page 8 CS 239, Spring 2002 CS 239, Spring 2002 Network Configuration Our Wireless Network Campus Backbone CISCO • 802.11 equipment 6509 • Covers essentially all of the 3d and 4 th Switch CISCO 2900 Switch floors of Boelter Hall – With a little “spill” elsewhere CISCO Pix 525 Firewall CISCO Pix 525 Firewall • Currently uses both static IP addresses and CISCO DHCP CISCO CISCO 6509 – DHCP use requires registered HW 6509 Switch 6513 address for wireless card Switch Switch Page 9 Page 10 CS 239, Spring 2002 CS 239, Spring 2002 What Kind of Data Do We Store? Our Staff • Lots of research data • Pete Follett • Some class-related data • Steve Sakamoto • A fair amount of administrative data • Peter Schultze –Much critical stuff in other systems • Charlie Fritzius –But things like the CS web site are • Often part-time student helpers under our control • I’m the faculty contact for the facility Page 11 Page 12 CS 239, Spring 2002 CS 239, Spring 2002 2

  3. What Are We Protecting? What Are Our Priorities? Page 13 Page 14 CS 239, Spring 2002 CS 239, Spring 2002 What Are the Users’ Security What Is Appropriate Use? Responsibilities? Page 15 Page 16 CS 239, Spring 2002 CS 239, Spring 2002 What Are the Consequences of A Special Question for Us Inappropriate Use? • What about the labs that run their own networks and systems? Page 17 Page 18 CS 239, Spring 2002 CS 239, Spring 2002 3

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Outline Security Principles and Policies Security terms and concepts CS 239 Security

Outline Security Principles and Policies Security terms and concepts CS 239 Security

Outline Security Principles and Policies Security terms and concepts CS 239 Security policies Computer Security Basic concepts Peter Reiher Security policies for real systems January 13, 2005 Lecture 2 Lecture 2 Page 1

347 views • 9 slides
Experiences on how to p contact with end-users (policies and ISO security (policies and ISO

Experiences on how to p contact with end-users (policies and ISO security (policies and ISO

Experiences on how to p contact with end-users (policies and ISO security (policies and ISO security standards at campuses) p ) Brian OHora, BSc (Hons) & MBA Technology Management Information Systems Services, TCD TERENA E2E

325 views • 15 slides
Security Summer 2016 Cornell University 1 Today Security policies Enforcement

Security Summer 2016 Cornell University 1 Today Security policies Enforcement

CS 4410 Operating Systems Security Summer 2016 Cornell University 1 Today Security policies Enforcement Authenticating people Passwords 2 Security policy Security policies prescribe what must be done and what must not be

431 views • 13 slides
Com puter Security - Part Three Last tim e Multilevel and multilateral security Threats

Com puter Security - Part Three Last tim e Multilevel and multilateral security Threats

Com puter Security - Part Three Last tim e Multilevel and multilateral security Threats Security policies Confidentiality Policies Policy The Bell-LaPadula Model Specification Integrity Policies The Biba

698 views • 49 slides
Security Principles, Policies, and Tools CS 236 On-Line MS Program Networks and Systems

Security Principles, Policies, and Tools CS 236 On-Line MS Program Networks and Systems

Security Principles, Policies, and Tools CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Lecture 2 Page 1 CS 236 Online Outline Security design principles Security policies Basic concepts Security

419 views • 12 slides
Security Policies CS461/ECE422 Computer Security I Fall 2009 -1 Overview Natural language

Security Policies CS461/ECE422 Computer Security I Fall 2009 -1 Overview Natural language

Security Policies CS461/ECE422 Computer Security I Fall 2009 -1 Overview Natural language policies Example policies Implementation policies High level Low level -2 Reading Material Computer Security,

764 views • 40 slides
Security Policies EGI OMB meeting 27 July 2017 David Kelsey (STFC/RAL) www.egi.eu EGI-Engage

Security Policies EGI OMB meeting 27 July 2017 David Kelsey (STFC/RAL) www.egi.eu EGI-Engage

Updated (VO) Community Security Policies EGI OMB meeting 27 July 2017 David Kelsey (STFC/RAL) www.egi.eu EGI-Engage is co-funded by the Horizon 2020 Framework Programme of the European Union under grant number 654142 EGI security policies

319 views • 12 slides
Complex Security Policy? A Longitudinal Analysis of Deployed Content Security Policies Sebastian

Complex Security Policy? A Longitudinal Analysis of Deployed Content Security Policies Sebastian

Complex Security Policy? A Longitudinal Analysis of Deployed Content Security Policies Sebastian Roth , Timothy Barron, Stefano Calzavara, Nick Nikiforakis & Ben Stock Network and Distributed System Security Symposium (NDSS '20) Cross-Site

878 views • 31 slides
More Enforceable Security Policies by Lujo Bauer, Jarred Ligatti and David W alker Presented by

More Enforceable Security Policies by Lujo Bauer, Jarred Ligatti and David W alker Presented by

More Enforceable Security Policies by Lujo Bauer, Jarred Ligatti and David W alker Presented by Khoo Yit Phang April 21, 2008 To Build Secure Systems... 1.What sort of security policies can and should w e demand of our system? 2.What mechanism

325 views • 15 slides
CS412 Software Security Security Policies Mathias Payer EPFL, Spring 2019 Mathias Payer CS412

CS412 Software Security Security Policies Mathias Payer EPFL, Spring 2019 Mathias Payer CS412

CS412 Software Security Security Policies Mathias Payer EPFL, Spring 2019 Mathias Payer CS412 Software Security Security Policies A policy is a deliberate system of principles to guide decisions and achieve rational outcomes. A policy is a

532 views • 41 slides
ddurkee@connectingpoint.biz Security Policies Who has them? Do we need them? Wireless

ddurkee@connectingpoint.biz Security Policies Who has them? Do we need them? Wireless

Dan Durkee, Executive VP\Partner\Network Engineer Connecting Point Computer Center 303 S Third St, Bismarck, ND 58504 ddurkee@connectingpoint.biz Security Policies Who has them? Do we need them? Wireless Encryption Where have we

1.68k views • 56 slides
NUTRITION AND FOOD SECURITY POLICIES AND PROGRAMS OF PAKISTAN

NUTRITION AND FOOD SECURITY POLICIES AND PROGRAMS OF PAKISTAN

NUTRITION AND FOOD SECURITY POLICIES AND PROGRAMS OF PAKISTAN - VISION 2025 Dr. Mubarik Ali Member (Food Security and Climate Change) Planning

265 views • 10 slides
Integrating Flexible Support for Security Policies into the Linux Operating System

Integrating Flexible Support for Security Policies into the Linux Operating System

Integrating Flexible Support for Security Policies into the Linux Operating System http://www.nsa.gov/selinux Stephen D. Smalley sds@tycho.nsa.gov Information Assurance Research Group National Security Agency (Slight modifications by David

542 views • 19 slides
Monitoring Security Policies Felix Klaedtke NEC Labs Europe Story so far . . . Which

Monitoring Security Policies Felix Klaedtke NEC Labs Europe Story so far . . . Which

Monitoring Security Policies Felix Klaedtke NEC Labs Europe Story so far . . . Which policies are enforceable ? Characterization for an abstract setting Enforcement via execution monitoring system allowed

1.03k views • 73 slides
Update - Security Policies David Groep (Nikhef) EGI OMB 24 November 2016 www.egi.eu EGI-Engage

Update - Security Policies David Groep (Nikhef) EGI OMB 24 November 2016 www.egi.eu EGI-Engage

Update - Security Policies David Groep (Nikhef) EGI OMB 24 November 2016 www.egi.eu EGI-Engage is co-funded by the Horizon 2020 Framework Programme of the European Union under grant number 654142 Refreshing the security policy suite

399 views • 15 slides
An Ontology-based Approach to the Formalization of Information Security Policies Fernando Nufel

An Ontology-based Approach to the Formalization of Information Security Policies Fernando Nufel

An Ontology-based Approach to the Formalization of Information Security Policies An Ontology-based Approach to the Formalization of Information Security Policies Fernando Nufel do Amaral Carlos Bazlio Geiza Maria Hamazaki da Silva

878 views • 46 slides
Secrecy Security Policy CSE497b - Spring 2007 Introduction Computer and Network Security

Secrecy Security Policy CSE497b - Spring 2007 Introduction Computer and Network Security

Secrecy Security Policy CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/ CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Secrecy

389 views • 23 slides
Probable Security of Networks LI Angsheng Institute of Software Chinese Academy of Sciences

Probable Security of Networks LI Angsheng Institute of Software Chinese Academy of Sciences

Definitions Security model Mathematical principles Security theorems Probable Security of Networks LI Angsheng Institute of Software Chinese Academy of Sciences Joint work with Yicheng Pan, Wei Zhang Fragrant Hill Meeting 6th, Oct 2013

488 views • 36 slides
Review of External Security Models Michael McCool Intel Osaka, W3C Web of Things F2F, 17 May

Review of External Security Models Michael McCool Intel Osaka, W3C Web of Things F2F, 17 May

Review of External Security Models Michael McCool Intel Osaka, W3C Web of Things F2F, 17 May 2017 Purpose WoT charter: The scope of the Working Group is restricted to APIs and security frameworks that are applicable across platforms. We will

87 views • 8 slides
Expertise knowledge-based Policy Refinement Process T. Rochaeli and C. Eckert Technische

Expertise knowledge-based Policy Refinement Process T. Rochaeli and C. Eckert Technische

Expertise knowledge-based Policy Refinement Process T. Rochaeli and C. Eckert Technische Universitt Darmstadt 25.06.2007 POLICY '07, Bologna, Italy 1 Workflow and Kripke Model Workflow: computerized facilitation or automation of a

356 views • 13 slides
policies Security in Organizations 2011 Eric Verheul 1 Literature Main literature for this

policies Security in Organizations 2011 Eric Verheul 1 Literature Main literature for this

Information security policies Security in Organizations 2011 Eric Verheul 1 Literature Main literature for this lecture: 1. ISO 27001 and ISO 27002 2. Besluit voorschrift informatiebeveiliging rijksdienst 2007 (www.wetten.nl) 3.

680 views • 40 slides
T1M1: Management Plane Security Standard (T1.276) Presentation Contributors and Liaison

T1M1: Management Plane Security Standard (T1.276) Presentation Contributors and Liaison

T1M1/2003-039R3 July 9, 2003 T1M1: Management Plane Security Standard (T1.276) Presentation Contributors and Liaison Representatives: Mike Fargano - T1M1 Chair, michael.fargano@qwest.com Jim Stanco - T1M1 Vice Chair (previous),

412 views • 25 slides
Managing random generator seeds with SeedService Gianluca Petrillo University of

Managing random generator seeds with SeedService Gianluca Petrillo University of

Managing random generator seeds with SeedService Gianluca Petrillo University of Rochester/Fermilab LArSoft Coordinators Meeting, February 24 th , 2015 February 24 th , 2015 G. Petrillo (Rochester/FNAL) Managing random generator seeds with

425 views • 16 slides
k -variates++: Poster #29, Mon. 3-7pm more pluses in the k -means++ Richard Nock , Raphal

k -variates++: Poster #29, Mon. 3-7pm more pluses in the k -means++ Richard Nock , Raphal

(formerly NICTA) k -variates++: Poster #29, Mon. 3-7pm more pluses in the k -means++ Richard Nock , Raphal Canyasse, Roksana Boreli, Frank Nielsen DATA61 | ANU | TECHNION | ECOLE POLYTECHNIQUE | UNSW | SONY CS LABS, INC. www.data61.csiro.au In

288 views • 26 slides

More recommend