Definition of Government
Government security involves the process of keeping government technology systems secure to protect our information, information systems, and information operations from potential adversaries.
|
|
Government
|
|
Government Financial Architecture A Focus on Centralized Security and Continuity of Operations
To reverse trends of weak security in government technology systems, Congress now requires Federal agencies to better manage internal IT security. Financial operations are of specific interest, and this effort involved looking at the technical architecture supporting the financial activities of a large Federal agency undergoing the implementation of a new financial system. The information contained in this document was provided to the Chief Financial Officer (CFO) in response to concerns of compliance.
Read the Article
|
Computer Security Issues that Affect Federal, State, and Local Governments and the Code Red Worm
The first signs of the Code Red worm appeared on July 13, 2001. Code Red is a malicious program called a worm because it is self-propagating. When it compromises a computer, the worm uses that computer to begin looking for other vulnerable computers; it then propagates itself to those computers without any user action. Code Red took advantage of the fact that many computers on the Internet ran vulnerable versions of IIS.
Read the Article
|
Seeking Security: The New Paradigm for Government Agencies
This document serves as a roadmap by using the US Federal Government Agency IT community as an example of how to overcome bureaucratic inertia. This guide is divided into five comprehensive activities to be used by "Any-Agency" IT operations personnel to begin to eliminate the security vulnerabilities associated with IT assets. Finally, a process is outlined to begin to change the culture and mindset of many agencies and managers from territorial elitism to cooperative interoperability.
Read the Article
|
Implementation of a Secure Web Environment for a Government Agency
This paper details the decision making process and implementation of a secure, multi-site redundant web hosting environment for a large government agency. The security objectives are detailed and the implementation of both the logical and actual security models examined. The system in question has extremely high visibility, and though it does not harbor classified information there would be a potentially severe economic impact to the country in the event of a security breach.
Read the Article
|
Federal Intrusion Detection, Cyber Early Warning and the Federal Response
This paper evaluates Priority One of the National Strategy to Secure Cyberspace, entitled "Priority 1: A National Cyberspace Security Response System". This paper critically analyzes the technical model for FIDNet, its genesis within the Presidential Commission on Critical Infrastructure Protection (PCCIP) and its evolution through several attempts at a National Plan to protect the United States critical infrastructures.
Read the Article
|
What is the Federal Government Doing to Improve the State of Information Security?
Information security is crucial to protecting our economy and national infrastructure since most critical infrastructure sectors rely on data networks and computer systems. People often complain that the Government is slow in acting and reacting or joke about the $300 toilet seat or the $200 hammer. In some cases such charges appear to be valid. However, it seems that Uncle Sam sees a clear and present danger in cyber terrorism and cyber crime and is taking decisive action to improve the state of information security in the United States. The pieces to the overall plan include presidential directives and policies, legislative acts, executive agencies, special programs, and agreements with other nations. Some of the major themes are government-industry partnerships, cooperation with law enforcement abroad, Government sponsored research, developing a larger cadre of information technology professionals, empowering the individual, and protecting the right to privacy.
Read the Article
|
The Need for a REAL Defensive Information Operations Capability
The military includes both Offensive Information Operations and Defensive Information Operations; however, this paper is limited to discussions of the later. DIO in this paper is derived from the United States Department of Defense concept that includes those actions that protect our information, information systems, and information operations from potential adversaries. Areas examined include a traditional information security program, operations security, counterintelligence, counterpropaganda operations, electronic protection, and counter-deception.
Read the Article
|
FIPS 140 Evaluation - Microsoft
Federal Information Processing Standard 140-1 (FIPS 140-1) and its successor FIPS 140-2 are US Government standards that provide a benchmark for implementing cryptographic software. They specify best practices for implementing crypto algorithms, handling key material and data buffers, and working with the operating system. An evaluation process that is administered by National Institute of Standards and Technology's (NIST) Cryptographic Module Validation (CMV) Program (http://csrc.nist.gov/cryptval/) allows encryption product vendors to demonstrate the extent to which they comply with the standards, and thus the trustworthiness of their implementations.
Read the Article
|
Sensitive But Unclassified
As a matter of policy, employees and contractors that perform work for the federal government are frequently asked to protect "sensitive" information. Recent terrorist events have raised the level of concern for sensitive information. The search engines of the Internet make it possible for anyone to pull together information from many sources. What was once seen as simply unclassified information may now be described as sensitive.
Read the Article
|
Federal Systems Level Guidance for Securing Information Systems
A global explosion of Internet has taken place over the past several years, with this rapid increase of system deployment the information security community has witnessed a dramatic increase in the number of private, business and government networks being compromised. It is estimated that over 90 million computer systems are currently deployed worldwide.
Read the Article
|
|
|
Page: 1 2
Members currently browsing this category:
|
|
