Internet Security Policy (spwg) ------------------------------- Charter Last Modified: 07/27/1997 Current Status: Concluded Working Group Chair(s): Richard Pethia Security Area Director(s): Jeffrey Schiller Steve Bellovin Security Area Advisor: Jeffrey Schiller Mailing Lists: General Discussion:spwg@nri.reston.va.us To Subscribe: spwg-request@nri.reston.va.us Archive: Description of Working Group: The Security Policy Working Group (SPWG) is chartered to create a proposed Internet Security Policy for review, possible modification, and possible adoption by the Internet Activities Board. The SPWG will focus on both technical and administrative issues related to security, including integrity, authentication and confidentiality controls, and the administration of hosts and networks. Among the issues to be considered in this Working Group are: \begin{itemize} \item Responsibilities and obligations of users, database administrators, host operators, and network managers. \vspace{.2in} \item Technical controls which provide protection from disruption of service, unauthorized modification of data, unauthorized disclosure of information and unauthorized use of facilities. \vspace{.2in} \item Organizational requirements for host, local network, regional network and backbone network operators. \vspace{.2in} \item Incident handling procedures for various Internet components. \end{itemize} Goals and Milestones: Done Review and approve the Charter making any necessary changes. Begin work on a policy framework. Assign work on detailing issues for each level of the hierarchy with first draft outline. Done Revise and approve framework documents. Begin work on detailing areas of concern, technical issues, legal issues, and recommendations for each level of the hierarchy. Done Prepare first draft policy recommendation for Working Group review andmodification. Done Finalize draft policy and initiate review following standard RFC procedure. Internet-Drafts: No Current Internet-Drafts. Request For Comments: RFC Stat Published Title ------- -- ----------- ------------------------------------ RFC1281 I NOV 91 Guidelines for the Secure Operation of the Internet