New Email Security Infrastructure
Martin Ferris, U.S. Treasury

Abstract
Given the need for interorganizational electronic mail systems, a security infrastructure will be needed to administrate such systems. Using the U.S. government as a model, this paper examines policies that establish the status quo infrastructure for security and advocates policy for a new infrastructure.

Introduction
What national policy for the purpose of securing electronic mail (Email) systems processing National Security information best satisfies the objectives of the National Information Infrastructure (NII)? Although security policy implementation across the government unfolds through a slower, incremental process, the national policy for securing Executive Branch information systems comes from the White House (e.g. Executive Orders, National Security Decisions, Office of Management and Budget Circulars). The policy development mechanism for systems that process national security information is the political by-product of the National Security Telecommunications and Information Systems Security Committee (NSTISSC), which in NSD 42 is chartered by the National Security Council to develop, coordinate and promulgate such policy. The NSTISSC is supported by subcommittees and working groups consisting of Executive Branch departments. The Office of Management and Budget (OMB) promulgates general systems security policy for the non-national security Executive Branch departments. In both cases, policy is ultimately implemented on an agency-by-agency basis. This analysis advocates a policy that creates a new infrastructure for processing interagency Email systems while using non-National Security standards to protect privacy within national security environments. The analysis also identifies differences between the security perspective and the cost and operations perspectives. Next steps are suggested to improve the successful acceptance and implementation of the policy.
Background
The White House has created an Information Infrastructure Task Force (IITF) to help formulate policies needed to accelerate the federal government's implementation of the NII. The IITF has agreed on the need for federal employees to access a government-wide Email system and has commissioned an Email Task Force to recommend government-wide Email policy direction. Electronic mail is one of the critical technologies in the realization of the NII. Government-wide Email is an underlying element of the Administration's vision for the NII and is an enabling technology to achieve many goals expressed in the Administration's National Performance Review (NPR) initiatives. The NPR views government-wide Email as essential to implement President Clinton's commitment to "fundamentally altering and improving the way the Federal government buys goods and services, and thus ensuring that electronic commerce is implemented for appropriate Federal purchases as quickly as possible." There is a concern that the IITF Email Task Force's security policy recommendations will be weak, serving only as the lower boundary for acceptable security. While a weak security policy recommendation would offer a quicker implementation of electronic commerce with fewer technical and administrative obstacles, from the perspective of others it will place at risk privacy and other security-related concerns that could later require expensive security corrections.

Status quo infrastructure
An infrastructure currently exists for Federal Agencies to secure their sensitive information (National Security or non-National Security) commensurate with risks to the information. The infrastructure consists of both administrative and technical parts. Administratively, it is left to a federal agency's discretion as to the level of security that they deem appropriate. Each agency will comply with national policies for managing risks (i.e. OMB Circular A-130, privacy laws, federal records management laws and policies, and NSTISSC issuances) through the issuance of internal policy directives and standard operating procedures. As each agency assesses the risks to its own operations (e.g. compromise of classified information, financial fraud, unauthorized access to privacy information), the agencies decide whether security is necessary and, if so, how much is appropriate for each situation. The technical portion of the infrastructure is realized through the availability and implementation of the technical standards (i.e. Federal Information Processing Standards, NSTISSC standards) for the protection of the sensitive information. Systems security standards can be applied to achieve varying levels of assurance in the management of risks. High levels of assurance would include the application of encryption for strong confidentiality or authenticity (i.e. digital signature) protection of sensitive information. High levels of assurance typically require more special technology that results in higher costs (i.e. technology costs and administrative costs). Both high and low assurances are required by the government as various agencies decide their risks and make security decisions.
Analysis
The technical and administrative infrastructure previously stated is the Status Quo for the US government. As long as information security issues are considered internal agency issues, the status quo infrastructure is adequate. However, the NII will challenge the government's Status Quo infrastructure for effectively managing risks to data privacy and integrity because the Status Quo does not address interagency information systems and services (e.g. interagency Email systems). Within a government-wide Email environment, the decision whether security services are necessary and, if so, how much and what kind is required, will not always be at the discretion of an individual agency. Who will choose which security standards to use? Who will assure that the technology will be interoperable? Who will decide which records are official government records? Who will decide what level of security assurance is adequate for the privacy protection requirements of different agencies? Who will receive the interagency funding for implementation? Government-wide Email demands that the government, including the national security community, ask whether the existing infrastructure satisfactorily accommodates interagency systems or whether policy action is required to either assist the existing infrastructure to change or require a new infrastructure. If a new infrastructure is decided as necessary, which US government agency should be assigned responsibilities to create and manage the new infrastructure? Under National Security Directive (NSD) 42, the Director, National Security Agency (NSA) serves as the National Manager for community information systems security issues. The Secretary of Defense is the Executive Agent for implementing National Security Directive 42. Currently, NSA and the Department of Defense (DOD) have undertaken technology initiatives (i.e. the Defense Message System) that could serve as the technical infrastructure for the National Security communities and a proactive model for securing government-wide Email.
Since the NSTISSC has a charter to establish security policy for the National Security community, and since National Security environments process non-National Security information also, an NSTISSC direction would assist the IITF by more fully framing the broader security policy recommendations.
The NSTISSC could:
1. Issue Email security policy to resolve the infrastructure issue for those systems that process National Security information only; or
2. In addition to the above, acknowledge that some of the National Security community's security requirements, such as privacy and electronic signature, can be met by using non-National Security (i.e. FIPS) standards.

Analysis technique
The above provides a basis for choosing policy alternatives for consideration by the SISS's Secure Email Working Group. The alternatives should satisfy the objective of an infrastructure that provides the National Security community with the necessary security services for the full range of security and privacy needs, while supporting the quickest realization of the NII at the lowest cost and with the least operational impact. The Criterion Analysis technique is chosen to identify the best security policy alternative while considering three often conflicting perspectives (i.e. operations, security and OMB). The three perspectives are intended to assist in obtaining a consensus in formulating a secure Email policy for the Secure Email Working Group.

Policy alternatives
The following are four alternative policy actions to be considered. Their descriptions and rationales, the criteria by which the policy alternatives are evaluated, and their assessment scores are included. The assessment results are included as appendices. The assessment results are the projection of this paper's author.

ALTERNATIVE 1 - Status Quo: The current infrastructure does not need to change.
Advantages: The operations and OMB perspectives would value this alternative. The OMB and operations perspectives may consider interagency problems as matters that agencies can handle internally without central government interference.
Disadvantages: The security perspective would see this alternative as limiting the advancement of Email since it does not directly resolve interagency problems. From a security perspective, this is not proactive in assuring availability of the widest range of security services.
ALTERNATIVE 2 - Status Quo plus Evaluations: The infrastructure should remain the same, but the agency security decision process should be improved by requiring agencies to evaluate their application of security for performance and results over time, to determine whether the intended results are achieved.
Advantages: The OMB perspective would prefer this alternative since it would facilitate a more careful determination of the need for additional security assurances. Also, since the Government Performance and Results Act applies to National Security operations, this alternative gives OMB a pilot opportunity for National Security community implementation. This alternative also would be favored by OMB and operations because security decisions would be more cautious about implementation of security and, consequently, budget expenditures for security would be more conservative.
Disadvantages: Although the evaluations would be useful, the security perspective would be similar to Alternative 1 in that Alternative 2 is not proactive in assuring availability of the widest range of security services.

ALTERNATIVE 3 - Infrastructure with Classified Only Focus: The National Manager is assigned responsibility for establishing a security infrastructure by 1997. The infrastructure would apply to electronic message systems processing classified information only.
Advantages: This alternative establishes a new infrastructure model for the government as far as classified information is processed across agencies. From an operations and security perspective, this would be the most flexible and would be most responsive to the widest range of classified security requirements. The fear of excessive cost and loss of control by operations may result in the lack of full support for this alternative. Furthermore, this option will create faster implementation of electronic commerce for National Security environments (e.g. industrial security). From an OMB and operations perspective, cost savings should be attractive to OMB and operations if the National Security community can use DOD "sunk costs" in the Email infrastructure.
Disadvantages: The time required for the classified versions of Email security technology is longer, and the application of National Security standards to privacy and non-repudiation may be more complicated than using non-National Security standards. The use of National Security standards would generate higher cost because of the limited user population.

ALTERNATIVE 4 - Infrastructure for Classified and Inclusive of non-National Security standards: This option modifies Alternative 3 by requiring NSA to use non-National Security standards to achieve privacy objectives.
Advantages: This option establishes a comprehensive new infrastructure model for the government to secure Email systems with the most flexibility and responsiveness to the widest range of classified and non-National Security requirements. This option will facilitate the fastest implementation of electronic commerce where high security assurances have been determined to be a requirement.

Assumptions
Agencies will continue to determine their own privacy and other application security requirements. All necessary security technology is either currently available or available within two years. Cryptographic service technology includes all necessary cryptographic techniques for confidentiality, integrity and, when combined with administrative procedures, non-repudiation, and protocols for the negotiation of the minimum security services.
For Alternative 3, it is assumed that the National Manager will accept assigned responsibilities to provide cryptographic service technology that can accommodate National Security standards only. For Alternative 4, it is assumed that the DOD will accept assigned responsibilities to provide an interagency classified Email system and serve as Email provider of last resort for the National Security community. Also, it is assumed that the National Manager could also be assigned responsibilities to provide cryptographic service technology that uses non-National Security standards for the protection of privacy information.

Criteria
The following are the criteria by which the Alternatives will be assessed, along with the weights and rationale for each criterion:
1. Implement electronic commerce as quickly as possible - Electronic commerce is a major political priority of the Administration and is given a weight of 10. OMB types will want electronic commerce implemented with fewer controls, while security types will assume that a successful implementation of electronic commerce will be at risk without the full range of security assurances made easily available.
2. Minimize operational pain - Technology is supposed to make life easier. Security and evaluations are extra work and require tremendous resources. This is important for policy acceptance and quick implementation. OMB wants electronic commerce to be implemented quickly. This is given a weight of 9.
3. Ease of implementation near term - Ease of implementation will be quickly perceived by operational implementors and is critical to acceptance of any policy alternative by operational types. A weight of 8 is given for the security and operations perspectives, while a weight of 9 is given for the OMB perspective.
4. Ease of implementation long term - Same as above, but for the long term a greater opportunity to achieve acceptance of the policy is possible. A weight of 6 is given.
5. Flexibility for additional security - This is highly important from a security perspective and is given a weight of 10. It is not as important to the OMB or operations perspectives, where a weight of 8 is given.
6. Responsive to widest privacy needs - This is a major Administration issue and is given a weight of 10.
7. Least costly - This is important to OMB but not as important to security or operations. It is given a weight of 7 from a security perspective, while it is given a weight of 10 for the operations and OMB perspectives.
8. Responsive to agency budget - This is very important from an OMB perspective but not as important to security. It is given a weight of 7 for the security and operations perspectives, but from an OMB perspective a weight of 9 is given.
9. Maximizes agency decisions - Since agency ownership of security issues is important to the success of security as well as to agency acceptance of a policy, a weight of 7 is given. The OMB perspective would agree because this provides the best risk management decisions and associated budget decisions. Operations would value agency decision ownership the most of the three perspectives, where a weight of 10 is given.

Conclusions
From a security perspective the analysis indicates that Alternative 4 would be the preferred policy direction. Also, the analysis indicates Alternative 4 would be expected to receive strong support from an operations perspective. Alternative 4 is not expected to receive strong support from the OMB perspective. With this understanding, the next steps would be to present the analysis to the Chair of the SISS with the following recommendations:
Validate the reasonableness of the analysis (i.e. weights, alternatives) with the Secure Email Working Group;
Validate the technical and political realities of all assumptions;
Test the acceptability (e.g. SISS members, NSA, NIST, OMB) of having the National Security community accept non-National Security standards for privacy matters;
Create a draft policy based on Alternative 4 for the Secure Email Working Group's review and comment;
Include the evaluation requirement of Alternative 2 in the draft policy, since this has received strong support from the OMB and operational perspectives; and
Share the analysis with the IITF Email Task Force for comment.
Finally, assuming that Alternative 4 is accepted as the policy for securing National Security Email systems, the National Manager needs to consider the prioritization of the security services that would be offered to best serve the users at the lowest cost.
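The Criterion Analysis of the Analysis technique and Criteria sections, carried through as an added Python example that is not part of the paper: the weights are the ones the paper assigns to each of the three perspectives, while the 1-10 scores for the four alternatives are constructed here to follow the qualitative advantages and disadvantages given in the text and are not the author's appendix figures.

```python
# Added example (not from the paper): the Criterion Analysis of the
# "Analysis technique" and "Criteria" sections, carried through in code.
# WEIGHTS are the per-perspective weights stated under "Criteria".
# SCORES (1-10, higher is better) are CONSTRUCTED to follow the paper's
# qualitative advantages/disadvantages; they are not the appendix figures.

CRITERIA = (
    "implement electronic commerce quickly",   # 1
    "minimize operational pain",               # 2
    "ease of implementation, near term",       # 3
    "ease of implementation, long term",       # 4
    "flexibility for additional security",     # 5
    "responsive to widest privacy needs",      # 6
    "least costly",                            # 7
    "responsive to agency budget",             # 8
    "maximizes agency decisions",              # 9
)

WEIGHTS = {                    # criteria 1..9, in CRITERIA order
    "security":   (10, 9, 8, 6, 10, 10, 7, 7, 7),
    "operations": (10, 9, 8, 6, 8, 10, 10, 7, 10),
    "omb":        (10, 9, 9, 6, 8, 10, 10, 9, 7),
}

SCORES = {                     # constructed, criteria 1..9
    "alt1_status_quo":             (2, 9, 10, 3, 2, 2, 10, 9, 10),
    "alt2_status_quo_evaluations": (5, 5, 9, 7, 3, 4, 9, 10, 6),
    "alt3_classified_only":        (6, 5, 4, 7, 8, 5, 4, 5, 6),
    "alt4_classified_plus_fips":   (9, 5, 3, 9, 10, 10, 2, 3, 8),
}


def weighted_total(weights, scores):
    """Criterion Analysis score: sum of weight * score over the nine criteria."""
    assert len(weights) == len(scores) == len(CRITERIA)
    return sum(w * s for w, s in zip(weights, scores))


def rank(perspective):
    """Alternatives ordered best-first under one perspective's weights."""
    w = WEIGHTS[perspective]
    totals = {alt: weighted_total(w, s) for alt, s in SCORES.items()}
    return sorted(totals.items(), key=lambda kv: kv[1], reverse=True)


def preferred():
    """Top alternative per perspective; shows where the perspectives conflict."""
    return {p: rank(p)[0][0] for p in WEIGHTS}


if __name__ == "__main__":
    for p in WEIGHTS:
        print(p, rank(p))
    print(preferred())
```

With these constructed scores the security and operations weightings rank Alternative 4 first while the OMB weighting ranks Alternative 2 first, which is the disagreement the Conclusions describe; changing a score or a weight and re-running shows how sensitive that outcome is.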
[Appendices: assessment score tables for the policy alternatives; not legible in the scanned source.]