Computation can have constraints on users and data {security, computer} {computer security}.
A secure computing environment involves identifying a user at logon or when accessing services (authentication) and assigning privileges to directories and files to users or groups of users (authorization).
A security policy establishes administrative procedures for reacting to break-ins, backing up data, logging on, allowing user access, and setting appropriate security levels for hardware, software, application programs, and network services.
A security configuration for a computer involves the hardware, software, application programs, and network services and includes administrative procedures, physical security, installation, network access considerations, user training, and software security, such as user accounts, object permissions, auditing, and registry keys.
C2 Security Level
The National Computer Security Center (NCSC) of the United States performs software security evaluations for operating systems and publishes the results in a book entitled "Department of Defense Trusted Computer System Evaluation Criteria," also known as the "Orange Book."
The C2 security level has the following main requirements:
The owner of a resource (such as a file or directory) must be able to control access to the resource.
The operating system must protect objects from unauthorized reuse by other processes. (As examples, freed memory contents cannot be read by another process, and data from deleted files cannot be accessed.)
To access the system, each user must enter a unique name and password. The system must be able to track all user activities using the unique identification.
System administrators must be able to audit security-related events, and access to audit data must be limited to authorized administrators.
The operating system must protect itself from external interference or tampering. (As examples, modification of a running system or modification of its disk files is prevented.)
The NCSC document "Introduction to Certification and Accreditation" discusses how to configure the physical and software computing environment. Certification is the technical evaluation of how well a system's security features meet the requirements of a specific operating environment. Accreditation is the formal approval by management to operate the certified system in that environment.
Network Security
Network security evaluations are contained in the "Red Book" (the Trusted Network Interpretation of the evaluation criteria) of the NCSC.
Network
Isolate the workstation from the network if possible. Preferably use a network entirely contained in a secure building. If network cables run through unsecured areas, use optical fiber, which is much harder to tap than copper.
Internet
Do not connect the workstation to the Internet.
FTP
If the workstation is on the Internet, file transfer protocol (FTP) might be available. FTP allows public file access via anonymous log on. There is a user account for anonymous logons (GUEST by default) and a default home directory.
If FTP must be made available, create a user account specifically for FTP and require a password. Do not assign the account to any user groups. Do not grant the account the "Log on Locally" user right.
As the home directory, assign a separate disk partition, with no secure files or directories.
Remove the NetBIOS Interface.
Security Administration
System administrators should follow specific rules for effective computer security:
Allow few users to have Administrator privileges. Always log out of the Administrator account when not using the workstation.
Set computer security to the minimum level that still protects the resources; excessive restrictions increase setup and maintenance effort and encourage evasions (such as password sharing).
Document backup and all other security procedures to create a security policy.
Always follow the procedures of the security policy.
Monitor security logs regularly and adjust security policies and settings as needed.
Use an up-to-date anti-virus and anti-Trojan Horse program.
Use security mailing lists to be aware of virus attacks.
Check software vendors for recent security fixes.
Always update software with the latest service pack.
Use the Backup utility to back up the registry, files, and directories regularly. Allow Backup privileges only to Administrators.
Set the security features of applications to work with computer security features.
Security administration for a workstation should include physical security, installation, network security, user training, and software security (such as user accounts, object permissions, auditing, and registry keys).
Physical Security
Physical security involves computer and cable location and locking, physical access to the CPU and removable media, power on and rebooting from floppy disk or network, testing of the CPU and peripherals, hard disk set up and maintenance, and surge protection.
Access
Protect the computer workstation from theft. Place the computer in a case that requires a key to open and store the key away from the computer. Attach the computer to a wall or desk with a locked cable. Allow access to the room only to authorized persons. Establish procedures for moving or repairing the computer.
Expose only the computer's keyboard, monitor, mouse, and printer to users. Prevent unauthorized users from touching the power or reset switches, the CPU, and the removable media drives by locking the case or locking the entire CPU in a ventilated enclosure. Access to drives can be limited by using a locked opening.
Booting
Use a workstation with a power-on password to prevent unauthorized personnel from starting another operating system. Set the power-on password using the vendor's instructions, typically by changing the computer's BIOS setup.
Remove the floppy disk drive or disable a floppy-based boot. Also, remove the network card if possible. Allow booting only from the fixed disk.
Edit the boot.ini file so that the boot time-out is 0 seconds, to prevent booting another operating system.
Lock the CPU to physically prevent another operating system from being loaded.
Testing
Test the processor using diagnostic integrity tests.
Test peripherals using the integrity tests of the product.
Hard Disk Maintenance
Make the entire hard disk one file system. Do not use the FAT file system, which has no security features; use NTFS, which supports permissions and auditing.
Scan and defragment disks regularly to isolate bad sectors and maintain performance.
Surge Protection
Use a surge protector or power conditioner to protect the computer and its peripherals from power spikes.
Installation
Use a password at least nine characters long, with some non-alphabetic characters among the first seven characters (the LAN Manager hash is computed over the first seven characters and the remainder separately, so an all-alphabetic first half can be cracked quickly).
Create an Emergency Repair Disk (ERD) and lock the disk in a secure area (the ERD contains security information).
Set up a special location called the Alternate Data Location, recorded in the Registry.
For Network Protocol, select only TCP/IP.
Use a fixed IP address. Do not use DHCP.
Add the workstation only to a secure domain.
Do not install by disk duplication (which uses the xcopy command).
Do not install any other operating systems on the computer.
After installation, reboot Windows and log on as an Administrator.
Check the Installation Report.
User Training
User training involves use of passwords, proper log on, file protection for copies, data deletion at log off, necessary restarts, proper log off, and use of XXXX file checksums.
Passwords
Users should follow the password rules:
Memorize passwords (never write them down).
Use passwords longer than five characters.
Change passwords frequently.
Never reuse previous passwords.
Never use easily-guessed passwords or words in a dictionary.
Use a combination of letters and numbers.
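The rules above, together with the installation rule on length and on non-alphabetic characters in the first seven positions, can be enforced mechanically before a password is accepted. The checker below is an added example for this page (not code from the original), written in Python; the tiny word list and the nine-character minimum taken from the installation section are assumptions, and a real deployment would load a full dictionary file. Password history belongs to the account policy rather than to the string itself and is not checked here.

```python
import re

# Constructed stand-in for a real word list (assumption: load a full dictionary in practice).
DICTIONARY_WORDS = {"password", "welcome", "letmein", "secret", "summer"}

MIN_LENGTH = 9   # installation rule: at least nine characters
LM_HALF = 7      # the LAN Manager hash covers the first 7 and the remaining characters separately


def password_problems(candidate):
    """Return the list of rule violations for a candidate password (empty list = acceptable)."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)
    if not re.search(r"[A-Za-z]", candidate) or not re.search(r"[0-9]", candidate):
        problems.append("must combine letters and numbers")
    # An all-alphabetic first half leaves the first LM hash block with a small keyspace.
    if all(ch.isalpha() for ch in candidate[:LM_HALF]):
        problems.append("first %d characters are all letters" % LM_HALF)
    # Reject dictionary words, including the common "word plus digits/symbols" pattern.
    lowered = candidate.lower()
    letters_only = re.sub(r"[^a-z]", "", lowered)
    if lowered in DICTIONARY_WORDS or letters_only in DICTIONARY_WORDS:
        problems.append("based on a dictionary word")
    return problems


def is_acceptable(candidate):
    return not password_problems(candidate)


if __name__ == "__main__":
    for pw in ("password123", "abcdefg12", "Tr0ub4dor&3"):
        print(pw, "->", password_problems(pw) or "acceptable")
```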
Log On
Users should always press CTRL+ALT+DEL to log onto Windows, in order to obtain the secure Windows log-on screen. Other logon methods or dialogs risk use of a substitute log-on screen designed to collect account passwords.
File Copies
When a file is copied into a new directory, the copy inherits the permissions of the destination directory; the protections assigned to the original in the old directory are not carried over. (A move within the same volume, by contrast, keeps the file's own permissions.)
After copying a file to a new directory, users should set the protections on the copy explicitly. Alternatively, move the file to the new directory so that it keeps its protections, and then copy it back to the original directory if a copy is still needed there, where it takes that directory's permissions.
Data Deletion
Users should remove floppy disks and CD-ROMs holding sensitive data from the drives before logging off.
Restart
Users should restart the computer before using the tape drive.
Log Off
Users should log off or lock the workstation when not at the computer. Users should set the workstation to lock automatically if not used for a period of time. A 32-bit screen saver with the Password Protected option has this feature.
Checksums
Data files carry a checksum value. Recompute the checksum and compare it with the stored value to determine whether the file has been modified by another application or by any outside process.
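An added example (not from the original page) of the checksum comparison just described, in Python: build a SHA-256 manifest of a data directory, store it, and later report which files were modified, which went missing and which appeared unexpectedly. The sample directory and file contents are constructed inline.

```python
import hashlib
import json
import os
import tempfile


def file_digest(path, algorithm="sha256"):
    """Hash a file in chunks so large data files do not have to fit in memory."""
    digest = hashlib.new(algorithm)
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root):
    """Return {relative path: sha256 hex} for every regular file under root."""
    manifest = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            manifest[os.path.relpath(full, root)] = file_digest(full)
    return manifest


def verify_manifest(root, stored):
    """Compare the files under root with a previously stored manifest."""
    current = build_manifest(root)
    return {
        "modified": sorted(p for p in stored if p in current and current[p] != stored[p]),
        "missing": sorted(p for p in stored if p not in current),
        "unexpected": sorted(p for p in current if p not in stored),
    }


def demo():
    """Constructed scenario: record a manifest, tamper with the directory, detect the changes."""
    with tempfile.TemporaryDirectory() as root:
        for name, content in (("a.dat", b"run 1 results"), ("b.dat", b"run 2 results")):
            with open(os.path.join(root, name), "wb") as handle:
                handle.write(content)
        # The manifest must be stored where the process under suspicion cannot rewrite it
        # (read-only media, another host); serialising it to JSON stands in for that here.
        stored = json.dumps(build_manifest(root))

        with open(os.path.join(root, "b.dat"), "ab") as handle:   # silent modification
            handle.write(b"\n")
        os.remove(os.path.join(root, "a.dat"))                     # deletion
        with open(os.path.join(root, "c.dat"), "wb") as handle:    # unexpected new file
            handle.write(b"planted")

        return verify_manifest(root, json.loads(stored))


if __name__ == "__main__":
    print(demo())
```

A checksum only detects changes if the stored manifest is itself out of reach of whatever might alter the data (read-only media or another system), and a cryptographic hash such as SHA-256 is needed rather than a CRC when deliberate tampering, not just corruption, is the concern.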
Software Security
Software security involves user and group accounts, auditing, file and directory permissions, and registry key settings. Software security protects against accidental or deliberate changes to the data files, the operating system software, and the computer set up and security configuration.
Check the user accounts, security settings, trust relationships, network access points, and the registry regularly. Check for inconsistent permissions of users and objects, user accounts that should be disabled, and unauthorized network connections.
User and Group Accounts
Create users and user groups. Assign users to user groups.
Password and Account Lockout Policies
Set password and account lockout policies for user accounts.
Set the maximum password age to 42 days. Allow the password to be changed immediately (a minimum password age of zero). Set the minimum password length to six or more, and make sure that the Permit Blank Password box is not checked. Set the password uniqueness to remember previous passwords so that users cannot reuse them, consistent with the user rule against reusing passwords.
Set account lockout to allow only three invalid logon attempts, to reset the count after 60 minutes, and to have a duration of 60 minutes.
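An added example (not from the original page, and not the operating system's own implementation) of the account policy above as a small Python model: a maximum password age of 42 days, changes allowed immediately, a six-character minimum, a history of previous passwords, and lockout after three invalid attempts with a 60-minute reset window and a 60-minute duration. The history depth of five, PBKDF2 for password storage and the injected `now` clock are assumptions for illustration.

```python
import hashlib
import hmac
import os
import time

# Policy values from the page; the history depth is an assumption (the page gives no number).
MAX_PASSWORD_AGE = 42 * 24 * 3600   # seconds; "allow changes immediately" means no minimum age
MIN_PASSWORD_LENGTH = 6
PASSWORD_HISTORY = 5
LOCKOUT_THRESHOLD = 3               # invalid logon attempts before the account locks
LOCKOUT_RESET = 60 * 60             # seconds after which the bad-attempt counter resets
LOCKOUT_DURATION = 60 * 60          # seconds the account stays locked


def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class Account:
    def __init__(self, name, password, now=None):
        self.name = name
        self.history = []            # (salt, hash) pairs of previous passwords
        self.bad_attempts = 0
        self.first_bad_at = None
        self.locked_until = None
        self._set_password(password, time.time() if now is None else now)

    def _set_password(self, password, now):
        self.salt = os.urandom(16)
        self.hash = _hash(password, self.salt)
        self.changed_at = now

    def _is_current(self, password):
        return hmac.compare_digest(_hash(password, self.salt), self.hash)

    def _matches_previous(self, password):
        return any(hmac.compare_digest(_hash(password, s), h) for s, h in self.history)

    def change_password(self, new_password, now):
        if len(new_password) < MIN_PASSWORD_LENGTH:
            return "too short"
        if self._is_current(new_password) or self._matches_previous(new_password):
            return "reused"
        self.history = (self.history + [(self.salt, self.hash)])[-PASSWORD_HISTORY:]
        self._set_password(new_password, now)
        return "ok"

    def password_expired(self, now):
        return now - self.changed_at > MAX_PASSWORD_AGE

    def logon(self, password, now):
        # A locked account rejects every attempt, even with the right password, until the
        # lockout duration has passed.
        if self.locked_until is not None:
            if now < self.locked_until:
                return "locked"
            self.locked_until, self.bad_attempts, self.first_bad_at = None, 0, None
        # The bad-attempt counter resets once the reset window has elapsed.
        if self.first_bad_at is not None and now - self.first_bad_at >= LOCKOUT_RESET:
            self.bad_attempts, self.first_bad_at = 0, None
        if not self._is_current(password):
            self.bad_attempts += 1
            if self.first_bad_at is None:
                self.first_bad_at = now
            if self.bad_attempts >= LOCKOUT_THRESHOLD:
                self.locked_until = now + LOCKOUT_DURATION
                return "locked"
            return "bad password"
        self.bad_attempts, self.first_bad_at = 0, None
        return "expired" if self.password_expired(now) else "ok"


if __name__ == "__main__":
    t0 = time.time()
    acct = Account("alice", "Tr0ub4dor&3", now=t0)
    for attempt in ("wrong", "wrong", "wrong", "Tr0ub4dor&3"):
        print(attempt, "->", acct.logon(attempt, t0))
```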
User Rights and Auditing Policies
Give each user or user group user rights.
Grant privileges to objects and procedures.
File and Directory Permissions
Control access to files and directories.
Event Auditing
Select auditing options and Audit Policies.
Alerts
Set administrative alerts (electronic mail messages) to System Administrator if any attempt at unauthorized use or other security problem occurs.
Software {digital rights management} (DRM) can prevent copying files.
Applications {rootkit} at root-user level can hide program files, such as copy-protection programs.
Methods {row-level security} can control access to project data based on the role the administrator assigns to a user, because projects and roles are linked. Direct table privileges granted to a role are revoked, so all access goes through the policy. A package provides a function that builds the predicate for the queries, and policies apply that predicate-creating function to all statements (SELECT, INSERT, UPDATE, DELETE) on the project tables. Depending on the role assigned to the user and the projects paired with that role, users logging in see only the protocols or experiments associated with the allowed projects.
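An added example (not the page's application and not a database vendor's built-in policy engine) of the predicate-based row-level security described above, in Python with an in-memory SQLite database: a policy function builds the predicate from the user's roles and their linked projects, and every SELECT, UPDATE, DELETE and INSERT on the experiments table passes through it. The schema, data, user names and role names are constructed for illustration; the application's database account is assumed to be the only one with table privileges, with the logged-in end user identified to the policy through the bound `:user` parameter.

```python
import sqlite3

# Constructed sample schema and data; the page's own application schema is not shown.
SCHEMA = """
CREATE TABLE projects      (id INTEGER PRIMARY KEY, name TEXT NOT NULL);
CREATE TABLE experiments   (id INTEGER PRIMARY KEY,
                            project_id INTEGER NOT NULL REFERENCES projects(id),
                            title TEXT NOT NULL);
CREATE TABLE user_roles    (username TEXT NOT NULL, role TEXT NOT NULL);
CREATE TABLE role_projects (role TEXT NOT NULL, project_id INTEGER NOT NULL REFERENCES projects(id));
INSERT INTO projects VALUES (1, 'Alpha'), (2, 'Beta'), (3, 'Gamma');
INSERT INTO experiments VALUES (10, 1, 'alpha-run-1'), (11, 2, 'beta-run-1'),
                               (12, 3, 'gamma-run-1'), (13, 1, 'alpha-run-2');
INSERT INTO user_roles VALUES ('alice', 'alpha_scientist'), ('bob', 'beta_scientist'), ('carol', 'pi');
INSERT INTO role_projects VALUES ('alpha_scientist', 1), ('beter_scientist_placeholder', 99),
                                 ('beta_scientist', 2), ('pi', 1), ('pi', 3);
"""


def project_predicate(column="project_id"):
    """Policy function: the predicate restricting a project-linked table to the projects
    paired with the roles of the user bound as :user."""
    return ("%s IN (SELECT rp.project_id FROM role_projects rp "
            "JOIN user_roles ur ON ur.role = rp.role WHERE ur.username = :user)" % column)


def open_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def visible_experiments(conn, user):
    sql = "SELECT id, title FROM experiments WHERE " + project_predicate() + " ORDER BY id"
    return conn.execute(sql, {"user": user}).fetchall()


def update_title(conn, user, exp_id, title):
    sql = "UPDATE experiments SET title = :title WHERE id = :id AND " + project_predicate()
    # rowcount 0 means the row is invisible to this user, so nothing changed
    return conn.execute(sql, {"title": title, "id": exp_id, "user": user}).rowcount


def delete_experiment(conn, user, exp_id):
    sql = "DELETE FROM experiments WHERE id = :id AND " + project_predicate()
    return conn.execute(sql, {"id": exp_id, "user": user}).rowcount


def insert_experiment(conn, user, exp_id, project_id, title):
    # An INSERT has no existing rows to filter, so the predicate is evaluated against the
    # new row's project before the statement is allowed to run.
    allowed = conn.execute("SELECT " + project_predicate(":project"),
                           {"project": project_id, "user": user}).fetchone()[0]
    if not allowed:
        raise PermissionError("%s may not create experiments in project %d" % (user, project_id))
    conn.execute("INSERT INTO experiments VALUES (?, ?, ?)", (exp_id, project_id, title))


if __name__ == "__main__":
    db = open_db()
    for who in ("alice", "bob", "carol", "dave"):
        print(who, "sees", visible_experiments(db, who))
```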
Applications can request password, fingerprint, or electronic signature {challenge, computer} {computer challenge}, before allowing access to information or functions.
Users must enter username and/or password {electronic signature} before committing data to database. A field holds a unique code based on user ID and password. Electronic signatures include the user name, date, time, role of signer (review, approval, authorship, or ownership), and digital signature. Digital signatures are generated using biometrics or cryptography.
Saving files is the typical example of an event that requires an electronic signature. Creating an electronic signature displays the role to be applied and requires entry of the user name and password; if multiple signatures are required in one user session, later signatures require only a password. Electronic signatures are only assigned to verified individuals. Electronic signatures cannot be assigned to someone else. Persons with electronic signatures certify that their electronic signatures are to be legally equivalent to handwritten signatures.
Programs {auditing} can record who changed database data, when, and why, as shown in audit logs.
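An added example (not from the original page) in Python of the electronic signature described above together with the audit record of who, when and why: the signer authenticates with user name and password for the first signature in a session and with password only afterwards, cannot sign as anyone else, and each signature carries the user name, date and time, role and reason plus a cryptographic check value over those fields and the hash of the signed record. Using HMAC-SHA256 with a system-held key in place of a public-key digital signature, PBKDF2 for password storage, and the user list are assumptions for illustration.

```python
import hashlib
import hmac
import json
import os
from datetime import datetime, timezone

SIGNING_KEY = os.urandom(32)   # assumption: held in an HSM or signing service in production
ROLES = {"authorship", "review", "approval", "ownership"}


def _pbkdf2(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class UserStore:
    """Verified individuals only: a signature can be produced only after a password check."""
    def __init__(self):
        self._users = {}

    def add(self, username, full_name, password):
        salt = os.urandom(16)
        self._users[username] = (full_name, salt, _pbkdf2(password, salt))

    def verify(self, username, password):
        entry = self._users.get(username)
        if entry is None:
            return False
        _, salt, digest = entry
        return hmac.compare_digest(_pbkdf2(password, salt), digest)

    def full_name(self, username):
        return self._users[username][0]


def canonical(entry):
    """Deterministic byte encoding of every signed field (the signature itself excluded)."""
    fields = {k: v for k, v in entry.items() if k != "signature"}
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()


def verify_signature(entry):
    expected = hmac.new(SIGNING_KEY, canonical(entry), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, entry["signature"])


class SigningSession:
    """First signature needs user name and password; later ones in the session need the password only."""
    def __init__(self, store, audit_log, clock=None):
        self.store, self.audit_log = store, audit_log
        self.user = None
        self.clock = clock or (lambda: datetime.now(timezone.utc))

    def sign(self, record_id, record_bytes, role, reason, password, username=None):
        if role not in ROLES:
            raise ValueError("unknown signer role: %s" % role)
        if self.user is None:
            if username is None or not self.store.verify(username, password):
                raise PermissionError("first signature requires a valid user name and password")
            self.user = username
        elif username not in (None, self.user) or not self.store.verify(self.user, password):
            # A signature is never applied on behalf of someone other than the session's user.
            raise PermissionError("authentication failed")
        entry = {
            "record_id": record_id,
            "record_sha256": hashlib.sha256(record_bytes).hexdigest(),
            "user": self.user,
            "full_name": self.store.full_name(self.user),
            "timestamp": self.clock().isoformat(),
            "role": role,
            "reason": reason,            # the "why" of the audit trail
        }
        entry["signature"] = hmac.new(SIGNING_KEY, canonical(entry), hashlib.sha256).hexdigest()
        self.audit_log.append(entry)     # who changed what, when, and why
        return entry
```

With an HMAC, anyone holding SIGNING_KEY can forge entries, so the key must be kept out of the application tier; a per-user private key or a trusted signing service makes the signature non-repudiable, which a shared MAC cannot.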
Users have identification and authentication information, plus information about what user can access {keychain}.
Users can have permission to execute specific functions {profile, computer}.
Users do not update system data {static data}, such as instrument locations, entered by administrator at system setup or upgrade.
People {user, computer} can access software or data, after authentication.
Users {root user} can control whole computer.
Users {administrator, computer} {computer administrator} can have access to the whole system, with privileges to add, remove, or edit all data and to manage access control for other users.
Users can access only data in their datagroups {datagroup}.
Users have permission to execute specific functions {role, computer}. Roles control user access to application functions. Interfaces can display available commands and not display unavailable commands.
User groups {security group} can access data types in special ways: read/view, update, create, and/or delete.
Users, such as technicians, administrators, scientists, or guests {user group}, can have the same privileges to access data and functions.
Date Modified: 2022.0225