Upload File

cnes security development process. 2 basic rules high level principles for iss activities on...

  • Home
  • Documents
  • CNES security development process. 2 Basic rules High level principles for ISS activities on projects are: ■Decisions dealing with security risks must
8
CNES security development process

Upload: melissa-wade

Post on 04-Jan-2016

213 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: CNES security development process. 2 Basic rules High level principles for ISS activities on projects are: ■Decisions dealing with security risks must

CNES security development process

Page 2: CNES security development process. 2 Basic rules High level principles for ISS activities on projects are: ■Decisions dealing with security risks must

2

Basic rules

High level principles for ISS activities on projects are:■Decisions dealing with security risks must be approved on relevant

functional/hierarchical level.■For each project, ISS must be integrated in the project management.■Each project must integrate CNES security requirements.■CNES ISS authorities (independent of project team) must be

involved in each key event of the project.■Security requirements must be function of functional sensitivity and

security risks.

Page 3: CNES security development process. 2 Basic rules High level principles for ISS activities on projects are: ■Decisions dealing with security risks must

3

ISS approach 1/6

■ ISS approach for project development must be integrated in the global approach of the project.

■The following slides describe the main stages (V cycle) of a project and, for each of them, what are the relevant security items.

■Two security activities are dealt with: security of target IS to be developed, security of development environment.

Page 4: CNES security development process. 2 Basic rules High level principles for ISS activities on projects are: ■Decisions dealing with security risks must

4

ISS approach 2/6

Phase ISS actions Documents involved in ISS

identification of IS functional sensitivity

Expressions of the needs

Expression of functional needs

Expression of security needs and objectives (EBIOS method – Expression of Security Needs and Identification of Security Objectives)

MoU

MoA

Page 5: CNES security development process. 2 Basic rules High level principles for ISS activities on projects are: ■Decisions dealing with security risks must

5

ISS approach 3/6

Phase ISS actions Documents involved in ISS

development of security requirements to be included in system requirements document

Requirements System requirements document

development of requirements for securing development environment

Environment security requirements

MoU, MoA

Page 6: CNES security development process. 2 Basic rules High level principles for ISS activities on projects are: ■Decisions dealing with security risks must

6

ISS approach 4/6

Phase ISS actions Documents involved in ISS

Project specific ISS training Management plan

Design /

Development

Testing plan

ISS follow-up (auditing, validation of documents, validation of project milestones)

Design document

Security directory

Audit report

Page 7: CNES security development process. 2 Basic rules High level principles for ISS activities on projects are: ■Decisions dealing with security risks must

7

ISS approach 5/6

Phase ISS actions Documents involved in ISS

testing results

Testing testing compliance between security requirement and IS implementation

ISS assessment

Maintenance, operation and support manuals

Audit report

Page 8: CNES security development process. 2 Basic rules High level principles for ISS activities on projects are: ■Decisions dealing with security risks must

8

ISS approach 6/6

Phase ISS actions Documents involved in ISS

Operation /

Maintenance

ISS follow-up, Survey (auditing, ISS advisories management, …)

Reporting document


Le CNES et les jeunes - cnes-csg.fr · Le CNES et les jeunes Le CNES (Centre national d'études spatiales), à travers le service Culture spatiale, est un interlocuteur privilégié

Living Security Program - Riskinforiskinfo.com.au/.../acl-living-security-program-pds-no3-iss-200704.pdf · Living Security Program Product Disclosure Statements ... 50th birthday;

stion CE - cnes

SATELLITE TELECOMMUNICATIONS - cnes

Information Systems Security Line of Business (ISS LoB) Goals of ISS LoB • Support performance of the Federal government’s mission through improved information systems security

Scanning with ISS Security-SIG 15 December 2005 David Taylor & John Lupton ISC Information Security ISC/Information Security

CNES Confidential

ISS-926•Product Lifecycle Policy - IBM · Introduction IBM Internet Security Systems™ (ISS) is dedicated to providing customers with the highest quality security products to protect

Integrated Security System (ISS) - Energy.gov · The Integrated Security System (ISS) is a security platform that provides multi-layered security features and intrusion detection

Improving human security in Africa - Amazon Web ServicesThe ISS understands and responds to human security challenges on the continent During 2013 ISS researchers, policy advisors

GUYANE - cnes

Présentation du cnes

Information Security Whitepaper - ISS...Information Security Whitepaper An overview of information security, business continuity, disaster recovery and cybersecurity controls. Published:

Iconographie - cnes-geipan.fr

C. Huc/CNES, D. Boucon/CNES-SILOGIC Producer-Archive Interface Specification

Manual de Usuario Para el Internet Security Server (ISS) V1ansel.com.mx/soporte/tarjetas/producto/docs/pdf/miss.pdf · Para el Internet Security Server (ISS) V1 Todos los derechos

Integrated Security System (ISS) - Energy.gov...Integrated Security System (ISS) A security platform providing multi-layer intrusion detection and security management for a networked

COROT CNES/LESIA

Bosch Security and Safety Systems and Intelligent Security Systems (ISS) · Set up details ISS is a leading developer of video management and video intelligence solutions, as well

C. Huc/CNES, D. Boucon/CNES-SILOGIC

CNES OpenSearch implementations

eScan ISS ESET - Q-Project Comparison/eScan ISS/eScan... · 2012-04-17 · ESET Smart Security 4 eScan Internet Security Suite v11 Product Name Manufacturer/Developer MicroWorld ESET

OBSERVATION - cnes

Cnes manual

Mercury ISS- security analysis of iVote...2017/12/29  · Mercury ISS- security analysis of iVote Page 4 of 10 Submission Introduction The purpose of this submission is to detail security

Cnes gepan

CHALLENGE - cnes

CNES Data Center

CNES program status CNES program status E. Thouvenot, CNES March 2007

CNES Presentation 2015

Keynote CNES ScilabTEC2014

GRL - ISS squareiss.iisec.ac.jp/sympo18/posters/M2_208poster18.pdf2018 ISS Square (2019/2/22) No. Cipher Post-Quantum Security Level Remarks COLM 64-bit Not suited for long-term security

sm - cnes-geipan.fr

5808 ISS Gender, Peace and Security in SA · Senior research fellow, SSG, ISS Cheryl Hendricks opened the meeting and welcomed delegates to the workshop on Gender, Peace and Security

CNES and French MoD: a common approach for Security and