NIST publishes guidance on securing interconnecting IT systems. (General Developments).
A system interconnection is defined as the direct connection of two or more IT systems for the purpose of sharing data and other information resources. The document describes the benefits of interconnecting IT systems, defines the basic components of an interconnection, identifies methods and levels of interconnectivity, and discusses potential security risks. The document then presents a life-cycle approach for system interconnections, with an emphasis on security. The following four phases are addressed:
* Planning the interconnection: the organizations perform preliminary activities; examine technical, security, and administrative issues; and form an agreement governing the management, operation, and use of the interconnection.
* Establishing the interconnection: the organizations develop and execute a plan for establishing the interconnection, including implementing or configuring security controls.
* Maintaining the interconnection: the organizations maintain the interconnection after it is established to ensure that it operates properly and securely.
* Disconnecting the interconnection: one or both organizations may terminate the interconnection. The termination should be conducted in a planned manner to avoid disrupting the other party's system. In an emergency, however, one or both organizations may choose to terminate the interconnection immediately.
The new publication is available online at http://csrc.nist.gov/publications/nistpubs/index.html.
CONTACT: Joan S. Hash, (301) 975-3357; firstname.lastname@example.org.
|Printer friendly Cite/link Email Feedback|
|Publication:||Journal of Research of the National Institute of Standards and Technology|
|Date:||Sep 1, 2002|
|Previous Article:||Polaron glass in colossal magnetoresistive oxides researched. (General Developments).|
|Next Article:||New x-ray wavelength reference table to be published. (General Developments).|