Security Policy
advertisement
MADEIRA WP6 Deliverable Document Security Policy MAD-WP6-DD-0003-01 PROJECT CONFIDENTIAL Author(s) Julio Vivero (SGI) SGI Date: 8/30/2006 Pages: 10 MADEIRA Security Policy PROJECT CONFIDENTIAL 8/30/2006 MAD-WP6-DD-0003-01 Table of Contents Table of Contents .................................................................................................................. 2 Index of Tables ...................................................................................................................... 3 0 Document Information .................................................................................................... 4 0.1 Document History .................................................................................................... 4 0.2 Keywords ................................................................................................................ 4 0.3 Glossary and Abbreviations..................................................................................... 4 0.4 Purpose of the Document ........................................................................................ 4 0.5 Project Internal References ..................................................................................... 4 0.6 External References ................................................................................................ 5 0.7 Relationship to Other Documents ............................................................................ 5 0.8 Open Issues ............................................................................................................ 5 1 Executive Summary ....................................................................................................... 6 2 Scope ............................................................................................................................. 7 3 Policy ............................................................................................................................. 7 4 Enforcement ................................................................................................................... 8 5 References ..................................................................................................................... 9 6 Abbreviations ................................................................................................................10 Page 2 of 10 MADEIRA Security Policy PROJECT CONFIDENTIAL 8/30/2006 MAD-WP6-DD-0003-01 Index of Tables Table 1: Document History .................................................................................................... 4 Table 2 : Glossary and Abbreviations .................................................................................... 4 Table 3 : Project Internal References .................................................................................... 4 Table 4 : External References ............................................................................................... 5 Table 5 Open Issues ............................................................................................................. 5 Page 3 of 10 MADEIRA Security Policy PROJECT CONFIDENTIAL 8/30/2006 MAD-WP6-DD-0003-01 0 Document Information 0.1 Document History Issue 0.1 Date 30/08/2006 Comments Initial deliverable version Editor J. Vivero Table 1: Document History 0.2 Keywords MADEIRA, P2P, Network Management, Security Policy 0.3 Glossary and Abbreviations This glossary and abbreviations list only explains items proprietary to this document. All other items are explained in the Madeira Project Glossary [GLOSS]. Term Explanation Table 2: Glossary and Abbreviations 0.4 Purpose of the Document The purpose of this policy is to outline the acceptable use of computer equipment and services offered by Madeira. These rules are in place to protect the end-user and the Madeira system. Inappropriate use exposes to risks including virus attacks, compromise of network systems and services, and legal issues. 0.5 Project Internal References Short Code Document Reference Table 3: Project Internal References Page 4 of 10 MADEIRA Security Policy 0.6 PROJECT CONFIDENTIAL 8/30/2006 MAD-WP6-DD-0003-01 External References Short Code Document Reference Table 4: External References 0.7 Relationship to Other Documents 0.8 Open Issues - Number 1 Description Table 5: Open Issues Page 5 of 10 MADEIRA Security Policy PROJECT CONFIDENTIAL 8/30/2006 MAD-WP6-DD-0003-01 1 Executive Summary The Madeira system implements several mechanisms to protect end-users and OSSs from illegal or damaging actions by individuals, either knowingly or unknowingly. The services offered by Madeira to end-users and OSSs are to be used for the original intended purpose. Effective security is a team effort involving the participation and support of every user with information and/or information systems. It is the responsibility of every user to know these guidelines, and to conduct their activities accordingly. Page 6 of 10 MADEIRA Security Policy PROJECT CONFIDENTIAL 8/30/2006 MAD-WP6-DD-0003-01 2 Scope This policy applies to all users of the Madeira system, including end-users and operators. This policy applies to all equipment that is part of the Madeira network.. 3 Policy Users or applications must present authentication information before they exercise that username’s identity or privileges. Each peer must correctly provide the other with proof of its identity whenever a session is established. The other peer must verify the other’s proof before the session is allowed carry messages. No intermediary node, if any exist, should be able to intercept or access to the meaning of Madeira network related messages exchanged within the Madeira network. Keep identity information secure and do not share accounts. Authorized users are responsible for the security of their authentication information and accounts. The following actions represent unacceptable use of the Madeira system and services: Introduction of malicious programs into the network or server (e.g., viruses, worms, Trojan horses, e-mail bombs, etc.). Revealing authentication information to others or allowing use of an account by others. Effecting security breaches or disruptions of network communication. Security breaches include, but are not limited to, accessing data of which the user is not an intended recipient or logging into a server or account that the user is not expressly authorized to access, unless these duties are within the scope of regular duties. For purposes of this section, "disruption" includes, but is not limited to, network sniffing, pinged floods, packet spoofing, denial of service, and forged routing information for malicious purposes. Port scanning or security scanning is expressly prohibited Executing any form of network monitoring which will intercept data not intended for the user’s host. Circumventing user authentication or security of any host, network or account. Interfering with or denying service to any user other than the user's host (for example, denial of service attack). Madeira reserves the right to audit networks and systems on a periodic basis to ensure compliance with this policy. Page 7 of 10 MADEIRA Security Policy PROJECT CONFIDENTIAL 8/30/2006 MAD-WP6-DD-0003-01 4 Enforcement Any user found to have violated this policy may be subject to disciplinary action, up to and including legal prosecution. Page 8 of 10 MADEIRA Security Policy PROJECT CONFIDENTIAL 8/30/2006 MAD-WP6-DD-0003-01 5 References Page 9 of 10 MADEIRA Security Policy PROJECT CONFIDENTIAL 8/30/2006 MAD-WP6-DD-0003-01 6 Abbreviations Page 10 of 10
