[cabfcert_policy] Section 5.1 Proposed New Language

"Barreira Iglesias, Iñigo" i-barreira at izenpe.eus
Fri Dec 4 00:55:24 MST 2015


Hi,

 

Can the sentence "The backup shall be stored at a separate site with physical and procedural controls sufficient to protect the confidentiality, integrity, and availability of the information backed up" be changed a little bit? 

There are security vaults with fire/flood/etc. protections that can be at the same site (meaning the building, not where the data center is) and are secure enough, without having them in different locations (if this is what you mean).

 

Regards

 

 

Iñigo Barreira
Head of the Technical Area
i-barreira at izenpe.eus

945067705

 

 

 


 

From: policyreview-bounces at cabforum.org [mailto:policyreview-bounces at cabforum.org] On Behalf Of Ben Wilson
Sent: Thursday, December 3, 2015 16:54
To: policyreview at cabforum.org
Subject: Re: [cabfcert_policy] Section 5.1 Proposed New Language

 

Here is a modified version of section 5.1.8 for further on-list discussion.

 

5.1.8.     Off-site backup

The purpose of an off-site backup is to recover from system failure resulting from damage to the equipment or similar causes.   For components of the Certificate System operated in an online fashion, any backup necessary to recover from system failure SHALL be made at least once per week or so that no changes made prior to the last week might be lost.  Root CA Systems and other components operated in an offline fashion SHALL be backed up prior to taking them offline.  Only the latest backup needs to be retained.  The backup shall be stored at a separate site with physical and procedural controls sufficient to protect the confidentiality, integrity, and availability of the information backed up.  See Section 6.2.4 for requirements for CA private key backup.

 

From: policyreview-bounces at cabforum.org [mailto:policyreview-bounces at cabforum.org] On Behalf Of Ben Wilson
Sent: Thursday, December 3, 2015 8:24 AM
To: policyreview at cabforum.org
Subject: [cabfcert_policy] Section 5.1 Proposed New Language

 

Per our discussion on today's call

 

5.1.        PHYSICAL SECURITY CONTROLS

5.1.1.     Site location and construction

The location and construction of the facilities housing the CA and RA equipment SHALL be consistent with facilities used to house high-value, sensitive information.  The site location and construction, when combined with other physical security protection mechanisms such as guards, high security locks, and intrusion sensors, SHALL provide robust protection against unauthorized access to the CA equipment and records.

 

5.1.2.     Physical access

CAs SHALL maintain controls to provide reasonable assurance that: physical access to CA facilities and equipment is limited to authorized individuals, protected through restricted security perimeters, and is operated under multiple person (at least dual custody) control; CA facilities and equipment are protected from environmental hazards; loss, damage or compromise of assets and interruption to business activities are prevented; and compromise of information and information processing facilities is prevented.

 

5.1.3.     Power and air conditioning

The CA shall have backup power capability sufficient to lock out input, finish any pending actions, and record the state of the equipment automatically before lack of power or air conditioning causes a shutdown.  The backup power capabilities shall support the availability requirements of Section 4.10.2.

5.1.4.     Water exposures

CA equipment shall be installed such that it is not in danger of exposure to water (e.g., on tables or elevated floors).

Potential water damage from fire prevention and protection measures (e.g., sprinkler systems) should be minimized.

5.1.5.     Fire prevention and protection

The CA shall comply with local commercial building codes for fire prevention and protection. 

 

5.1.6.     Media storage

Media shall be stored so as to protect it from accidental damage (water, fire, electromagnetic) and unauthorized physical access.  Media not required for daily operation or not required by policy to remain with the CA or RA that contains security audit, archive, or backup information shall be stored securely in a location separate from the CA or RA equipment.

 

Media containing private key material shall be handled, packaged, and stored in a manner compliant with the requirements for the sensitivity level of the information it protects or provides access.  Storage protection of CA and RA private key material shall be consistent with stipulations in Section 5.1.2.

5.1.7.     Waste disposal

Sensitive media and documentation that are no longer needed for operations shall be destroyed in a secure manner. For example, sensitive paper documentation shall be shredded, burned, or otherwise rendered unrecoverable.

5.1.8.     Off-site backup

The purpose of an off-site backup is to recover from system failure resulting from damage to the equipment or similar causes.   For components of the Certificate System operated in an online fashion, any backup necessary to recover from system failure SHALL be made at least once per week or so that no changes made prior to the last week might be lost.  Root CA Systems and other components operated in an offline fashion SHALL be backed up prior to taking them offline.  Backups shall be stored offsite.  Only the latest backup needs to be retained.  The backup shall be stored at a site with physical and procedural controls commensurate to that of the Certificate System.  See Section 6.2.4 for requirements for CA private key backup. 

 
