Browse Prior Art Database

Site Security Handbook (RFC1244)

IP.com Disclosure Number: IPCOM000002060D
Original Publication Date: 1991-Jul-01
Included in the Prior Art Database: 2019-Feb-11

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

J.P. Holbrook: AUTHOR [+1]

Related Documents

10.17487/RFC1244: DOI

Abstract

This FYI RFC is a first attempt at providing Internet users guidance on how to deal with security issues in the Internet. This FYI RFC provides information for the Internet community. It does not specify an Internet standard. [FYI 8]

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 2% of the total text.

Network Working Group P. Holbrook Request for Comments: 1244 CICNet FYI: 8 J. Reynolds ISI Editors July 1991

Site Security Handbook

Status of this Memo

This handbook is the product of the Site Security Policy Handbook Working Group (SSPHWG), a combined effort of the Security Area and User Services Area of the Internet Engineering Task Force (IETF). This FYI RFC provides information for the Internet community. It does not specify an Internet standard. Distribution of this memo is unlimited.

Contributing Authors

The following are the authors of the Site Security Handbook. Without their dedication, this handbook would not have been possible.

Dave Curry (Purdue University), Sean Kirkpatrick (Unisys), Tom Longstaff (LLNL), Greg Hollingsworth (Johns Hopkins University), Jeffrey Carpenter (University of Pittsburgh), Barbara Fraser (CERT), Fred Ostapik (SRI NISC), Allen Sturtevant (LLNL), Dan Long (BBN), Jim Duncan (Pennsylvania State University), and Frank Byrum (DEC).

Editors’ Note

This FYI RFC is a first attempt at providing Internet users guidance on how to deal with security issues in the Internet. As such, this document is necessarily incomplete. There are some clear shortfalls; for example, this document focuses mostly on resources available in the United States. In the spirit of the Internet’s "Request for Comments" series of notes, we encourage feedback from users of this handbook. In particular, those who utilize this document to craft their own policies and procedures.

This handbook is meant to be a starting place for further research and should be viewed as a useful resource, but not the final authority. Different organizations and jurisdictions will have different resources and rules. Talk to your local organizations, consult an informed lawyer, or consult with local and national law enforcement. These groups can help fill in the gaps that this document cannot hope to cover.

Site Security Policy Handbook Working Group [Page 1]

RFC 1244 Site Security Handbook July 1991

Finally, we intend for this FYI RFC to grow and evolve. Please send comments and suggestions to: ssphwg@cert.sei.cmu.edu.

Table of Contents

1. Introduction..................................................... 3 1.1 Purpose of this Work............................................ 3 1.2 Audience........................................................ 3 1.3 Definitions..................................................... 4 1.4 Related Work.................................................... 4 1.5 Scope........................................................... 4 1.6 Why Do We Need Security Policies and Procedures?................ 5 1.7 Basic Approach.................................................. 7 1.8 Organization of this Document................................... 7 2. Establishing Official Site Policy on Computer Security........... 9 2.1 Brief Overview.................................................. 9 2.2 Risk Assessment...................................................

Processing...
Loading...