KTIMATOLOGIO S.A.
HELLENIC CADASTRE
KT INFORMATION SYSTEM (KTIS) SECURITY STANDARDS AND GUIDELINES
ATHENS January, 1999 KT_SECUR.doc Version 1.0
PREFACE
1. INTRODUCTION
   1.1 BACKGROUND
   1.2 GENERAL GOALS AND OBJECTIVES
   1.3 PURPOSE
   1.4 SCOPE
   1.5 OTHER RELEVANT DOCUMENTS
2. KTIS SECURITY SYSTEM ARCHITECTURE AND RESOURCE PROTECTION REQUIREMENTS
   2.1 KT's SECURITY SYSTEM ARCHITECTURE
       2.1.1 PHYSICAL SECURITY
       2.1.2 ACCESS CONTROLS
       2.1.3 IDENTIFICATION
       2.1.4 AUTHENTICATION
       2.1.5 NETWORK SECURITY
       2.1.6 SECURITY SOFTWARE
       2.1.7 SECURITY MONITORING AND AUDITING
       2.1.8 COMMUNICATIONS
       2.1.9 ADDITIONAL CONSIDERATIONS
   2.2 PROTECTION OF KTIS RESOURCES
       2.2.1 MAINTAINING AVAILABILITY OF KTIS
       2.2.2 IMPLEMENTATION OF PROCESS CONTROL FOR SECURITY RELATED CHANGES
       2.2.3 DATA PROTECTION
       2.2.4 DATA ENCRYPTION
3. SECURITY POLICY IMPLEMENTATION
   3.1 KTIS ELEMENT SECURITY PROCESS
   3.2 ATTRIBUTES OF EFFECTIVE SECURITY
       3.2.2 ASSIGNMENT OF SENSITIVITY LEVELS
       3.2.3 SECURITY PLAN
       3.2.4 PERIODIC RISK ASSESSMENTS
       3.2.5 CONTINGENCY PLANS
       3.2.6 SECURITY INCIDENT RESPONSE
       3.2.7 KTIS ELEMENT CERTIFICATION
       3.2.8 CONFIGURATION MANAGEMENT PLAN
       3.2.9 SECURITY AWARENESS TRAINING
       3.2.10 SECURITY WAIVER GENERATION
4. SECURITY RESPONSIBILITIES
   4.1 KTIS ELEMENT MANAGERS
   4.2 KTIS ELEMENT SECURITY OFFICIALS

D. Delikaraoglou, Jan. 99
PREFACE

This document on KT's Information System (KTIS) Security Standards and Guidelines addresses the following issues:
a. Security requirements for KT's Data Assets and its Information Technology Resources (ITRs);
b. Security administration, including access control to all IT equipment at KT's main facility and at the HC Regional Offices which will be used for the development, operation and management of the Hellenic Cadastre (such as system networks and computer systems of interrelated elements);
c. software and digital data assets; and
d. Government property and equipment located at the KT's facilities.
The KTIS systems at the KT Main Facility and at the HC Regional Offices shall, for the purposes of this document, be referred to as the KTIS Elements. The term Information Technology Resource (ITR) refers to any equipment or interconnected system or subsystem(s) of equipment, including networks and their interconnecting hardware, along with the applications used in the automatic acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data and information. This also includes the data which resides on the resource.
1. INTRODUCTION

1.1 Background
The KTIS is envisaged as a comprehensive data and information system that will use a distributed, open systems architecture and will perform a wide variety of functions, supporting a diverse national multi-user community. This approach shall allow for the allocation of KTIS Elements to various locations to benefit from different institutional capabilities and IT expertise. HC data products will be used by a wide spectrum of professionals and the public throughout the extended life of the HC program and in the decades to follow. The commitment to provide a long-term database of usable and up-to-date technical information to the various user communities distinguishes KTIS from ordinary data systems.

The KTIS shall depend on automated information technology resources for essential support in accomplishing operational and management objectives. Among certain elements of this planned infrastructure (for example, the communications networks), the degree of interdependency shall be especially strong, and a dysfunction (e.g. power outage, communication failure) in any one may produce consequences in the others. The KTIS Elements shall all depend upon each other to varying degrees, forming in a way a vast, vital and vulnerable system of systems. This dictates that an effective central security management approach be taken to allow continuous security of KTIS from identifiable risks of deliberate or accidental misuse, loss, disruption, or destruction, so as to ensure that:
• the KTIS systems and data have a high degree of integrity;
• the potential for abuse or misuse of the KTIS automated information resources is minimized; and
• continuity of the KTIS operations is maintained.
Fundamental to this security approach is the realization that individual systems supporting a common mission increasingly need to be viewed as a single, integrated, logical entity to users (rather than a set of individual systems each with its own restrictive interfaces). The implications of such a view are that the individual KTIS Element Managers shall each be responsible for the larger whole and should be empowered to safeguard the integrated system against any threat or unnecessary risk.
1.2 General Goals and Objectives

The goals of the KTIS Security Plan are: (a) to provide cost-effective protection that shall ensure the integrity, availability, and confidentiality of all KT information technology resources, (b) to address security risks that span across individual interconnected systems up to the system-of-systems level and (c) to provide a level of security consistent with the potential risk from the loss, inaccuracy, alteration, unavailability, or misuse of these systems. Specifically, the immediate broad objectives are to:
• Protect against deliberate or accidental corruption of KT information, by incorporating cost-effective management, general, and application controls to ensure the HC program's integrity and accuracy.
• Protect against deliberate or accidental actions that would cause the KT information technology resources to be unavailable to users when needed, by implementing sufficient control interfaces, communication and data access with cost-effective technical, administrative, and environmental safeguards.
• Ensure that there would be no deliberate or accidental disclosure of KT sensitive information to any unauthorized personnel, by establishing adequate protective measures that will provide an effective and functional response to identified KTIS risks.
• Protect against unauthorized access to KT's ITRs by maintaining security procedures that will control changes to any security-related and sensitive software, hardware or procedure in the system.

In the longer term, two major issues need to be addressed as KT considers how best to protect critical elements of the KTIS infrastructure. The first is the need to define the KTIS security-related roles of the Regional Offices and to develop a plan for sharing responsibility between them. The second is the need to understand how each system in the infrastructure functions and how it affects the others so that its interdependencies can be studied. Both issues would involve a multitude of considerations, including identifying likely barriers to sharing proprietary and competitively sensitive information and carrying out risk assessments