General approach to security
Wednesday, 05 October 2005

The recommendations on system security presented below were developed to help network administrators and the heads of security departments estimate risk and devise countermeasures. Important aspects such as physical security, the security of life-support systems and a number of others are not examined here. Nor are the possible mechanisms for implementing protective systems, since the methods of achieving them differ too much between operating systems.

Introduction

When developing a security programme, the concept of risk management should be adopted. It comprises identifying risks, assessing them quantitatively, and implementing practical, reasonable countermeasures whose cost is justified. For the adopted security measures to be effective, the estimates behind them must be realistic.

Developing a security programme begins by answering the following questions:

* What to protect

* What to protect it from

* What means to use for this

Then comes the stage of implementing the decisions taken. Risk level must also be re-estimated regularly (at least once a year) and the safeguards revised where necessary.

The problem of providing security can be divided into the following parts:

1. Administrative security (assignment of responsibilities and control over their fulfilment; organizational and technical documents covering actions in unforeseen circumstances, security breaches, etc.)

2. Physical security (physical protection of equipment, control of access to premises, etc.)

3. Environmental security (electric power supply, fire protection, water leaks, etc.)

4. Personnel matters (hiring, dismissal, non-disclosure agreements covering official information, etc.)

5. Computer and operational security (software or firmware means of access control, authorization and accounting; protection of information in transit; operator servicing of systems, backups and maintenance)

Risk factors

The factors that determine the security level are confidentiality, availability and integrity. Since these three concepts are central to evaluating the security level, one should clearly understand what each of them means, the possible troubles associated with it, the quantitative parameters connected with it, and the estimated costs and expenditures.

Confidentiality

Confidentiality means the need to keep secrets. The question of confidentiality concerns all information in the company, except what is easily obtained from open sources.

Closed or otherwise classified information must be protected, since its unauthorized disclosure can lead to significant losses. Confidentiality often depends on time: information that initially requires enormous effort to protect gradually loses its value. This should be taken into account in the analysis.

It is also useful to estimate the sum of money a person or group would be prepared to spend to obtain the information. This often allows the size of the threat to be estimated in advance, particularly for marketing or budget information, or for information connected with corporate activity or invoicing. For example, lists of user names can be of significant value when exploited commercially.

There is a great deal of information which, once it becomes available to others, can cause serious difficulties or loss of the company's reputation. Although converting this kind of threat into a dollar equivalent is very difficult, the attempt should nevertheless be made.

Availability

The term "availability" denotes the requirement that a given service be continuously accessible. The fact that a user requires a data-processing service implies that the service has a particular value to that user. Availability can be tied to the maximum period of downtime a user can tolerate.

Data-processing services must be available to the community of users whenever they need them. Although total loss of information is improbable, unplanned periods of downtime of varying severity are quite obvious. The owner must determine the limits within which he can rely on the system. This level of confidence can make a substantial difference to the system's operating costs, since it may introduce additional requirements for recovery of information or for backup systems.

Integrity

Integrity of data processing refers to its authenticity, accuracy and completeness. Many users blindly trust the integrity of computer systems, believing that computers do not make mistakes. Unfortunately, information entered into a system may prove impossible to restore because of errors, oversights, failures or malicious damage. It follows that the integrity of information held in computers should not be trusted blindly unless appropriate precautions have been taken.

Converting the integrity of information into a monetary equivalent is fairly obvious when the data have a cost. For example, the cost of the integrity of a financial system should be taken as the maximum expected yearly loss if someone deliberately manipulated the programs or data. For an inventory system it could be the cost of goods going missing in a year. For process-control systems it could be the cost of losses resulting from deviations in the process. For other systems the cost of integrity can be connected with loss of reputation or with the eventual consequences of producing falsified information.
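As an added worked example (not part of the original article), the following Python risk register puts the introduction's idea of risk management and the three factors' monetary estimates into code: each asset carries an annual expected loss for confidentiality (loss per disclosure times expected disclosures, decaying over time as the article notes), availability (downtime hours times cost per hour) and integrity (the maximum yearly loss from manipulated data or programs), and a countermeasure is kept only when the loss it averts exceeds its annual cost. All asset names, figures and countermeasures are constructed for illustration.

```python
from dataclasses import dataclass

FACTORS = ("confidentiality", "availability", "integrity")


@dataclass(frozen=True)
class Asset:
    """Hypothetical asset record (constructed for this example)."""
    name: str
    disclosure_loss: float            # loss if the secret is disclosed once
    disclosure_rate: float            # expected disclosures per year under current controls
    confidentiality_half_life: float  # years until the secret is worth half as much
    downtime_cost_per_hour: float     # cost of one hour of unplanned downtime
    expected_downtime_hours: float    # expected unplanned downtime per year
    integrity_loss: float             # max yearly loss if data or programs were manipulated


@dataclass(frozen=True)
class Countermeasure:
    """A candidate safeguard and the single factor it reduces (constructed)."""
    name: str
    asset: str          # Asset.name it protects
    factor: str         # one of FACTORS
    annual_cost: float  # purchase and operation, spread over one year
    reduction: float    # fraction (0..1) of that factor's expected loss it removes


def disclosure_loss_after(asset: Asset, years: float) -> float:
    """Value of the secret after `years`: confidential information loses value
    over time, modelled here as exponential decay with a half-life."""
    return asset.disclosure_loss * 0.5 ** (years / asset.confidentiality_half_life)


def annual_expected_loss(asset: Asset) -> dict:
    """Expected yearly loss per factor, following the article's rules:
    confidentiality = loss per disclosure x disclosures per year,
    availability    = downtime hours per year x cost per hour,
    integrity       = maximum yearly loss from manipulated data or programs."""
    return {
        "confidentiality": asset.disclosure_loss * asset.disclosure_rate,
        "availability": asset.downtime_cost_per_hour * asset.expected_downtime_hours,
        "integrity": asset.integrity_loss,
    }


def evaluate(assets, measures) -> list:
    """Rank countermeasures by net benefit (loss averted minus annual cost).
    A measure is justified only when it averts more loss than it costs."""
    losses = {a.name: annual_expected_loss(a) for a in assets}
    decisions = []
    for m in measures:
        if m.factor not in FACTORS:
            raise ValueError(f"unknown factor {m.factor!r} on {m.name!r}")
        if not 0.0 <= m.reduction <= 1.0:
            raise ValueError(f"reduction must be in [0, 1] on {m.name!r}")
        averted = losses[m.asset][m.factor] * m.reduction
        decisions.append({
            "measure": m.name,
            "averted": averted,
            "cost": m.annual_cost,
            "net": averted - m.annual_cost,
            "justified": averted > m.annual_cost,
        })
    decisions.sort(key=lambda d: d["net"], reverse=True)
    return decisions


def justified_measures(assets, measures) -> list:
    """Names of the cost-justified measures, best net benefit first."""
    return [d["measure"] for d in evaluate(assets, measures) if d["justified"]]


# Constructed sample register: the figures are illustrative, not from the article.
ASSETS = [
    Asset("customer list", 200_000, 0.10, 2.0, 0, 0, 0),
    Asset("order processing", 0, 0, float("inf"), 5_000, 24, 0),
    Asset("general ledger", 0, 0, float("inf"), 0, 0, 300_000),
]
MEASURES = [
    Countermeasure("encrypt the customer list at rest", "customer list", "confidentiality", 8_000, 0.75),
    Countermeasure("hot standby for order processing", "order processing", "availability", 150_000, 0.90),
    Countermeasure("nightly backups with restore drills", "order processing", "availability", 20_000, 0.50),
    Countermeasure("dual approval on ledger changes", "general ledger", "integrity", 40_000, 0.60),
]

if __name__ == "__main__":
    for d in evaluate(ASSETS, MEASURES):
        verdict = "justified" if d["justified"] else "not justified"
        print(f"{d['measure']:<40} averts {d['averted']:>10,.0f}  costs {d['cost']:>9,.0f}  {verdict}")
```

With the sample figures the hot standby is rejected: it would avert 108,000 a year of downtime losses but costs 150,000, whereas the cheaper backup-and-restore regime averts 60,000 for 20,000. The half-life field lets the register be re-run in later years with a lower disclosure value, which is the article's point that confidentiality requirements decay and should be re-estimated at each review.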

Administrative security

A security administrator must be appointed for each system. He is responsible for all security matters, including:

* coordinating all aspects of security

* periodic testing of the means of protection

* consulting on security problems

The system security administrator is responsible for determining the security level of systems and services. Security level assessments must be carried out on a regular basis; their frequency depends on the secrecy of the information processed and the criticality of the services.

Responsibilities should be distributed according to the principle of separation of duties. Where this principle cannot be realized because of limited personnel, compensating controls should be established.

When defining authorities, one should be guided by the principle of least privilege for users and administrators.

For every system, documentation describing the requirements for confidentiality, availability and integrity must be prepared. Any changes affecting vulnerability must be reflected in it.
© 2004-2007 Daita.org