Mapping Company Classification Policy to the S/MIME Security Label Weston Nicolls S/MIME Working Group Meeting December 13, 2000.

Slides:



Advertisements
Similar presentations
2 3 Global Foundation Services Security Global Delivery Sustainability Infrastructure.
Advertisements

The ]po[ Workflow Introduction Frank Bergmann, This guide contains ]po[ workflow overview information for developers with experience with PostgreSQL.
The Build-up of the Red Sequence at z
ISA 562 Information System Security
MS-Excel XP Lesson 5. Exponentiation 1.A1  2 A2  3 A3  =A1^A2 B1  =2^4 2.^ for exponentiation.
Chapter 9: Access Control Lists
Chapter 4: Security Policy Documents & Organizational Security Policies.
What’s Next What We believe Who We Are Cloud Computing Big data Mobility Social Enterprise.
Security and Integrity
National Institute of Standards and Technology 1 NIST Guidance and Standards on System Level Information Security Management Dr. Alicia Clay Deputy Chief.
How computers answer questions An introduction to machine learning Peter Barnum August 7, 2008.
Mobile Testing Applications Confidential & Proprietary.
Auditing Logical Access in a Network Environment Presented By, Eric Booker and Mark Ren New York State Comptroller’s Office Network Security Unit.
Security Policies University of Sunderland CSEM02 Harry R. Erwin, PhD.
Joseph Kummer Terri Berry Brad White.  1. Specific instances of employee hacking and the consequences which resulted therefrom.  2. How employees utilize.
© Huron Consulting Group. All rights reserved. BOSTON CHARLOTTE CHICAGO HOUSTON NEW YORK SAN FRANCISCO Experience. Redefined. Grants Research Forum FSU/FAMU.
By: Jessica Gonzalez Eli Tizcareño SUSTAINABILITY POLICY: 20% REAL FOOD.
Security+ All-In-One Edition Chapter 19 – Privilege Management Brian E. Brzezicki.
Attorney-Client Privilege Issues
Michael Myers VeriSign, Inc.
Group E Productions Presents Group E Productions Presents.
SNMPv3 1.DESIGN REQUIREMENTS 2.BIRTH & FEATURES of SNMPv3 3.ARCHITECTURE 4.SECURE COMMUNICATION - USER SECURITY MODEL (USM) 5. ACCESS CONTROL - VIEW BASED.
Databases (2) Lesson Objective: Understand the purpose of DBMS. Understand data types, queries, forms and reports. Learning Outcome: Make a data table.
AT&T Privacy Bird Screen Shots For more information see
EAP-FAST Version 2 draft-zhou-emu-eap-fastv2-00.txt Hao Zhou Nancy Cam-Winget Joseph Salowey Stephen Hanna March 2011.
Unit 7 Seminar.  According to Sanderson (2009), the problems with the current paper-based health record system have been well documented. The author.
Csci5233 Computer Security & Integrity 1 Overview of Security & Java (based on GS: Ch. 1)
1 PARCC Data Privacy & Security Policy December 2013.
 In computer programming, a loop is a sequence of instruction s that is continually repeated until a certain condition is reached.  PHP Loops :  In.
Blue Coat and the Blue Coat logo are trademarks of Blue Coat Systems, Inc., and may be registered in certain jurisdictions. All other product or service.
Computer Security: Principles and Practice
S/MIME Capabilities Certificate Extension Stefan Santesson Microsoft.
S/MIME Working Group Status Russ Housley November 2002 PLEASE SIGN THE BLUE SHEET.
CITY OF PHOENIX RECORDS MANAGEMENT AND E-PRIVACY Margie Pleggenkuhle City Clerk Department March 18, 2004.
Database Security Database System Implementation CSE 507 Some slides adapted from Navathe et. Al.
Access Controls Mandatory Access Control by Sean Dalton December 5 th 2008.
22 feb What is Access Control? Access control is the heart of security Definitions: * The ability to allow only authorized users, programs or.
Chapter 27 Network Management Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Color Marking Pedulum Lab Blue Red Green Purple Orange Yellow Pink.
BCOM 405 Week 4 DQ 2 Why do companies have privacy policies? What are the key elements that should be included in a company’s privacy policy? What are.
BIS 219 Week 1 Individual Information Systems and Organizational Departments Check this A+ tutorial guideline at 219/BIS-219-Week-1-Individual-Information-
Database System Implementation CSE 507
Access Control CSE 465 – Information Assurance Fall 2017 Adam Doupé
About Our Writing Services Quality & Security
Portland, Feb.14th 2008 Presenter Name
Using Alloy to Design a Safe Traffic Light System
Domain 2 – Asset Security
IS4680 Security Auditing for Compliance
Survey on Security and Energy Efficiency in the Cloud Computing Environment Wei Wu.
ICM, University of Warsaw
Butterfly Maths Each caterpillar must be coloured the correct pattern for it to turn into a butterfly. Work out each problem to know how to colour each.
BUS 511 Education on your terms/snaptutorial.com.
BUS 511 Teaching Effectively- snaptutorial.com
BUS 511 Become Exceptional/ newtonhelp.com. BUS 511 Week 1 Creating Business Strategies and Goals For more course tutorials visit BUS.
Data Privacy Laws: US vs. EC Differences
Electronic Health Record
Creating Thematic Maps
مدیریت استراتژیک منابع انسانی
شركات المساهمة​ (corporations) Joint stock company
דיני חברות ד"ר ויקטור ח. בוגנים
Signs, Signals, and Roadway Markings
Chi-Square - Goodness of Fit
IS4550 Security Policies and Implementation
Label Name Label Name Label Name Label Name Label Name Label Name
Purpose of Use CBCC WG 12/20/2016 John “Mike” Davis.
GDPR PERSONDATAFORORDNINGEN I PRAKSIS
Computer Security Access Control
Data and Applications Security Developments and Directions
Creating Thematic Maps
Java-Assignment #4 (Due, April. 9, 2004)
Presentation transcript:

Mapping Company Classification Policy to the S/MIME Security Label Weston Nicolls S/MIME Working Group Meeting December 13, 2000

Telenisus Corporation2 Purpose Informational RFC Build on Security Label feature defined in ESS for S/MIME - RFC 2634 Show how Security Label can used to implement an organizational security policy

Telenisus Corporation3 3 rd Draft Classification Policies and Examples for: –Amoco Corporation General, Confidential, Highly Confidential –Caterpillar Inc Public, Confidential Green, Confidential Yellow, Confidential Red –Whirlpool Corporation Public, Internal, Confidential

Telenisus Corporation4 3 rd Draft Security Categories syntax and examples Attribute Owner Clearance examples Privacy Mark examples

Telenisus Corporation5 Security Category Syntax SecurityCategories ::= SET SIZE (1..ub-security-categories) OF SecurityCategory ub-security-categories INTEGER ::= 64 SecurityCategory ::= SEQUENCE { type[0] OBJECT IDENTIFIER value[1] ANY DEFINED BY type } -- defined by type

Telenisus Corporation6 Security Category Syntax One example of a SecurityCategory syntax is SecurityCategoryValues, as follows. When id-securityCategoryValues is present in the SecurityCategory type field, then the SecurityCategory value field could take the form of SecurityCategoryValues as follows: SecurityCategoryValues ::= SEQUENCE OF UTF8String

Telenisus Corporation7 Example ESSSecurityLabel: security-policy-identifier: id-tsp-3 security-classification: 9 privacy-mark: ATTORNEY-CLIENT PRIVILEGED INFORMATION security-categories: SEQUENCE OF SecurityCategory SecurityCategory #1 type: id-tsp-4 value: LAW DEPARTMENT USE ONLY

Telenisus Corporation8 Example Clearance Attribute (passes access control check): Clearance: policyId: id-tsp-3 classList BIT STRING: Bits 0, 1, 2, 9 are set to TRUE securityCategories: SEQUENCE OF SecurityCategory SecurityCategory #1 type: id-tsp-4 value: LAW DEPARTMENT USE ONLY

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.