Security

Last update: 16 October 2001

This page is devoted to information security compliance, assessment, assurance and survivability. Because standards, such as Common Criteria for IT Security Evaluation are constantly changing we have included links to documents related to these standards instead of making the documents directly available from this page.

We also have pages on specific security topics as follow:

For other IT-related topics please see our map of sites that we maintain. We would be pleased to answer any questions, respond to comments or try to fulfill requests.

Security Papers

Collection of Policies Comprising an Internet Security Policy Guide (Includes Firewall Policy) MS Word Documents in Zip Format
Guide for Developing Security Plans for Information Technology Systems MS Word Format
Security Planning Guide MS Word Format
LAN Risk Management Guide - A guide book and accompanying spreadsheets for conducting a local area network risk assessment MS Word and Excel Formats in a Zip File
PowerPoint presentation on securing routers
PowerPoint presentations on Host-based security and Securing Unix
PowerPoint Presentation on E-security issues and related white paper in Adobe Acrobat format
Collection of PowerPoint, Word and Acrobat files on the Information Security Capability Maturity Model
Adobe Acrobat document titled, Creating, Implementing and Managing the Information Security Lifecycle
PowerPoint presentation on Information Assurance Efforts (DoD)
PowerPoint presentation on Developing Security Policies
Adobe Acrobat document on Survivable systems and networks
Adobe Acrobat document on Active-X Security
Adobe Acrobat document on Content Security
Adobe Acrobat presentation on Denial of Service Attacks
Adobe Acrobat paper on Security Architectures
Adobe Acrobat paper on Survivable Network Analysis Methods
Adobe Acrobat paper on Taxonomy of Security Costs
Adobe Acrobat paper on Securing databases
PowerPoint presentation on Role-Based Access Controls

Security Links

Link to Risks Digest - ACM Committee on Computers and Public Policy, Forum On Risks To The Public In Computers And Related Systems
Link to National Information Assurance Partnership (Collaboration between NIST and NSA)
Link to Common Criteria for IT Security Evaluation (CC) International Standard (IS) 15408 Site(NIST) and the International Site
SANS System Administration, Networking, and Security Institute
CERT/CC Computer Emergency Response Team/Coordination Center
COAST Computer Operations, Audit, and Security Technology
NIST CSRC National Institute of Standards and Technology Computer Security Resource Clearinghouse
InfoSysSec The Security Portal for Information System Security Professionals
Security Document Archive Private collection maintained by Kent Anderson
Security Watch Security Portal
Project and papers related to network and system survivability
Role-Based Access Control Page
IT Security Cookbook
Practices for securing information assets
Practices for securing information assets
Information Assurance Technical Framework

Information is Provided "As-Is" with no Warranty or Guarantees. Use At Your Own Risk
Web Page Copyright © 2000, 2001 Linda Zarate and Mike Tarrani. All rights reserved.
Content Subject to Copyright of Respective Owners and Providers