SlideShare a Scribd company logo

IRS_Tier_2_Compiler_Policy_V3

D
David G. Peterson, PMP

This document establishes a policy for compiler and interpreter usage within Tier II production centers and platforms in compliance with several IRS regulations. It defines the responsibilities of the Distributed Systems Management Branch (DSMB) in managing Tier II systems, including configuration management and security. The policy outlines initial and periodic audits of compilers and interpreters on Tier II systems to ensure compliance with security standards and prevent unauthorized access. Non-compliance with the policy could compromise the integrity of Tier II systems.

1 of 11
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
DRAFT DRAFT Policy for Compiler and Interpreter Usage Within Tier II Production Centers and Platforms In Compliance with IRM 2.1.7, 2.1.8, 2.1.10, and 21.2
DRAFT DRAFT TABLE OF CONTENTS 1.0 INTRODUCTION 1 2.0 PREMISES 1 3.0 REFERENCES AND AUTHORITY 1 4.0 MISSION 1 4.1 THE ROLE OF DSMB 2 4.2 DSMB RESPONSIBILITIES 2 4.3 UNIX SECURITY 2 4.4 IRM 2.1.7 3 4.5 IRM 2.1.8 3 4.6 IRM 2.1.10 4 4.7 IRM 21.2 5 4.8 IRS DOCUMENT 9627, INFORMATION SYSTEMS SECURITY PROCEDURAL GUIDE 5 5.0 SECURITY 6 6.0 POLICY FOR COMPILER AND INTERPRETER USAGE WITHIN TIER II PRODUCTION SYSTEMS 6 6.1 PERL AND IRM 102.1.4 6 6.2 INITIAL AUDIT OF TIER II CORPORATE PLATFORMS 7 6.3 USAGE OF INITIAL AUDIT REPORT 7 6.4 FUTURE USAGE OF COMPILERS AND INTERPRETERS ON TIER II CORPORATE PLATFORMS 8 6.5 SECONDARY AND PERIODIC AUDITS 9 7.0 CONSEQUENCES RESULTING FROM NOT ESTABLISHING THIS POLICY 9
DRAFT Page: 1 DRAFT 1.0 Introduction In accordance and compliance with the standards detailed in IRM 2.1.7, Information Systems Operations; and the directives detailed in IRM 2.1.8, Information Systems Operations Support, and IRM 2.1.10, Information Systems Security; this document will: (1) Define the policy for the usage of compilers and interpreters within the Tier II Production environment at the Computing Centers and Campuses. (2) Outline the tasks required to fulfill that policy. 2.0 Premises (1) All Tier II systems operate in a trusted environment. (2) The Distributed Systems Management Branch, M:I:SS:DS (DSMB) is responsible for all Tier II platforms. (3) The Distributed Systems Management Branch, M:I:SS:DS (DSMB) is responsible for Configuration Management (CM) on all Tier II corporate platforms (SUN, NUMA-Q, EMC). (4) Without the establishment of the policy listed in the previous section, the Tier II Consolidated Environment is at risk for the compromise of system and structural integrity. 3.0 References and Authority The following documents are cited here as references and authority for this Policy: (1) Memo of June 7, 1999 from Paul J. Cosgrave, CIO, on Tier II Systems Management. (2) IRM Handbook 102.13, Information Technology Systems, Chapter 5, Basic UNIX Security Requirements (BUSR) Handbook (3) IRM 2.1.7, Information Systems Operations, dated November 1, 2000 (4) IRM 2.1.8, Information Systems Operations Support, dated November 1, 2000 (5) IRM 2.1.10, Information Systems Security, dated April 30, 1998 (6) IRM 21.2, Customer Accounts Services, dated March 3, 2001 (7) IRS Document 9627, Information Systems Security Procedures Guide (8) IRM 102.1, Standard Systems Profile, Chapter 4, Software Engineering Services (9) Tier II Systems Support Organizational Roles and Responsibilities document, Release 3.2, dated October 20, 2000. (10) Policy for Security and Access Within Tier II Centers and Platforms. 4.0 Mission (1) The following sections outline the mission and responsibilities of DSMB for Tier II Management and Technical Support.
DRAFT Page: 2 DRAFT 4.1 The Role of DSMB (1) As stated in Reference (1), management responsibility for all Tier II systems has been assigned to the Systems Support Division (SSD). This responsibility includes Management Policy, Configuration Management (CM), standards, and technical support including tuning and troubleshooting assistance. Within SSD, the Distributed Systems Management Branch (DSMB) will have primary responsibility for this activity. This branch will provide technical guidance and support for the operating systems, database management systems, system utilities, COTS products, and telecommunications interface software running on all Tier II production, D/R, and PDS platforms. DSMB management and technical support includes version and update control, distribution and problem solving of and for operating and data base management systems and configuration management of these platforms. Additionally, the branch will have direct responsibility for corporately managing Tier II systems software components, such as the Sun and Sequent systems installed in the Service's Computing Centers and Campuses, respectively. 4.2 DSMB Responsibilities (1) As stated in Reference (9), the DSMB is responsible for technical and programmatic management of all Tier II systems service wide, to include acquisition, use, management and disposition of Tier II hardware and other system resources, including asset management and reporting. The mission includes setting, and enforcing standards and strategic direction for hardware and system components, including DBMSs. DSMB may delegate responsibility to subordinate organizations to accomplish this mission. (2) Within the context of the DSMB mission, the National Office (NO) has the primary responsibility for both Configuration Management (CM) and Controlled Access Protection (C2). 4.3 UNIX Security (1) As stated in Reference (3), The IRM Handbook 102.13 provides basic security requirements for Internal Revenue Service (IRS) UNIX computer systems and networks based on C2 functionality. (2) Chapter 5 of the handbook specifically addresses the Basic UNIX Security Requirements (BUSR) for IRS Information Technology Systems.
DRAFT Page: 3 DRAFT 4.4 IRM 2.1.7 (1) Section 2.1.7.1 (11-01-2000), Information Systems Operations, states: (1) This section provides general standards and requirements to be observed by all personnel throughout the Service in carrying out their Information Systems (IS) Operations responsibilities. This information is applied to all Systems including those not directly controlled by the Chief Information Officer (CIO). (2) Section 2.1.7.2.1 (11-01-2000), National Office IRMs and Handbooks, states: (3) General standards must be established at the National Office level to ensure that activities are properly administered at the local level. (3) In accordance with the above statements, the DSMB will establish all standards, policies, and procedures that will guide all aspects of Tier II Computing Centers and Campuses. This includes Configuration Management (CM) and Controlled Access Protection (C2). 4.5 IRM 2.1.8 (1) Section 2.1.8.2 (05-11-2000), Systems Control Point Overview, defines the concept, responsibilities, and duties of the Control Point function. (2) In the context of the Control Point function, and for all Tier II Computing Centers and Campuses, the DSMB will function as the high-level Control Point for standards, procedures, policies, distribution, and the SSD Configuration Control Board (CCB). The SSD CCB explicitly pertains to all installation, upgrade, or maintenance activities for operating systems, database systems, and COTS software across all Tier II Computing Centers and Campuses.
DRAFT Page: 4 DRAFT 4.6 IRM 2.1.10 (1) IRM 2.1.10, Information Systems Security, provides policies and requirements to be used by IRS organizations to carry out their respective responsibilities in information systems security. Among the subject areas covered in this IRM are the following: 10.1.3 – Information Systems Security Regulations 10.2.4 - Configuration Management (CM) 10.4 - Security Guidelines 10.4.1.8 – Information System User 10.4.3 - Controlled Access Protection (C2) 10.4.3.2 – C2 Security Features (2) All activities of Tier II Computing Centers and Campuses will comply with all subsections of 10.1.3 – Information Systems Security Regulations. (3) For all Tier II Computing Centers and Campuses, the DSMB functions as the high-level Configuration Management (CM) authority. This explicitly pertains to all installation, upgrade, or maintenance activities for operating systems, database systems, and COTS software across all Tier II Centers and Platforms. (4) For all Tier II Computing Centers and Campuses, the DSMB will define and enforce all policies and procedures pertaining to IRM 2.1.10.4 – Security Guidelines. The specific sections that apply to this policy are listed below: • IRM 2.1.10.4.1.8 – Information System User. This states the following: • protect access IDs and authentication codes (e.g., passwords, personal identification numbers (PIN), encryption codes, etc.) from any misuse and improper disclosure; • access only authorized data and applications necessary to perform management approved responsibilities. However, access capability does not equate to authority (e.g., browsing of taxpayer data is not permitted) • IRM 2.1.10.4.3 - Controlled Access Protection (C2). This explicitly pertains to all installation, upgrade, or maintenance activities for operating systems, database systems, and COTS software across all Tier II Computing Centers and Campuses. The specific section that applies to this policy is listed below: • IRM 2.1.10.4.3.2 – C2 Security Features. This states the following: • To maintain baseline security requirements for sensitive but unclassified (SBU) information systems and networks, C2 requirements shall be maintained. Controlled access protection provides the following security features: • ensure individual accountability through identification and authentication of each individual system user; • maintain an audit trail of user security relevant events; • control response to a user request to access information according to the user authorization; and
DRAFT Page: 5 DRAFT • prevent unauthorized access to a user's current or residual data by clearing all storage areas (core, disk, etc.) before the storage areas are allocated or reallocated. 4.7 IRM 21.2 (1) Subsection 21.2.2.3.2 references the Taxpayer Browsing Protection Act. This subsection states that “All IRS employees are required by law to protect the confidentiality of a taxpayer's tax matters. You must ensure you are dealing with the taxpayer or someone properly authorized to receive this data before giving out any tax information. “ (2) The provisions of this new law are listed below: a. Willful unauthorized access or inspection of non-computerized taxpayer records, including hard copies of returns - as well as computerized information - is a misdemeanor, punishable, upon conviction, by fines, prison terms and termination of employment. b. Taxpayers have the right to take legal action when they are victims of unlawful access or inspection - even if a taxpayer's information is never revealed to a third party. c. When managers or employees are criminally charged, we are required to notify taxpayers that their records have been accessed without authorization. d. In short, the new law closes the loopholes in the existing statutes on willful UNAX or inspection. It makes all cases of UNAX - electronic and paper - a crime that carries with it penalties ranging from loss of job to fines and prison terms if an individual is convicted. And in all substantiated cases of UNAX, the appropriate managerial response, absent any mitigating circumstances, will be removal. 4.8 IRS Document 9627, Information Systems Security Procedural Guide (3) The purpose of IRS Document 9627 is to provide standardized procedures to be used by Internal Revenue Service organizations to ensure the protection of sensitive but unclassified (SBU) information systems, applications, and networks. Document 9627 includes "how to" guidance for certain items addressed in IRM 2.1.10, Information Systems Security. Document 9627 is not meant to cover all procedures for all the various security processes. Additional procedures are being considered for inclusion in the future revisions of this document. (4) Document 9627 provides procedures for: • Computer Security Plan • Risk Assessment • Virus and Malicious Software Prevention • Controlled Access Protection (C2) • Security Compliance Review • Security Exception • Security Documentation
DRAFT Page: 6 DRAFT 5.0 Security (1) All established IRS security procedures would be followed. The IRS form 5081 will be used to request access for primary and alternate DSMB staff to fulfill their mission. In addition, all applicable sections of the UNIX Security Standards, Reference 3, will be strictly adhered to. 6.0 Policy for Compiler and Interpreter Usage within Tier II Production Systems (1) The following section delineates the policy for the usage of compilers and interpreters within the Tier II corporate platforms. This policy will apply to all Production Tier II corporate platforms at both the Computing Centers and Campuses. (2) This policy will ensure that the Tier II environment complies with all applicable standards, policies, and regulations for Production IRS systems. 6.1 PERL and IRM 102.1.4 (1) Section 102.1.4.3 addresses Special Use Languages. In particular, this section of the IRM states that: the languages presented (i.e. C++, 4GLs, and PERL) are not approved for the development of production systems within the IRS. If adherence to this standard is either impossible or not in the best interest of the IRS then an approved waiver must be obtained. See IRM2.1.11, Systems Standards Profile, Section 1.6, SSP Waiver Process. (2) Section 102.1.4.3.3.2 Guidance states that: PERL is not a mandatory Federal Standard, but has been selected for use by the IRS for the following reasons: • PERL as a de facto standard is being widely accepted by industry; • PERL is a leading component for Internet/Intranet development; • PERL’s process, file, and text manipulation facilities make it particularly well suited for tasks involving quick prototyping, system utilities, report generation, database access, systems management tasks, and lnternet/lntranet programming. (3) While PERL has been selected for use by the IRS, its use is prohibited on Tier II corporate platforms due to the lack of security inherent in the language and lack of product support by the platform vendor. In particular, it will not reside on any Tier II production platform.
DRAFT Page: 7 DRAFT 6.2 Initial Audit of Tier II Corporate Platforms (1) DSMB will conduct an audit of all Tier II corporate platforms at both the Computing Centers and the Campuses. (2) This audit shall be used as a baseline to identify the existence and usage of compilers and interpreters on all Tier II corporate platforms. (3) The audit will be conducted in one (1) of three (3) ways: • DSMB will audit directory listings when doing site visits in accordance with Reference 10, the Policy for Security and Access within Tier II Centers and Platforms • This policy details the access accorded DSMB personnel • Access will be provided in accordance with it • By DSMB's use of infrastructure management tools • And by DSMB's coordinating with TIGTA and SPO to ensure this topic is covered in their audits (4) This audit will generate a detailed report, for each site and system, containing the following information: • Center or Campus • Platform • Operating System and Version • Compiler or Interpreter name • Compiler or Interpreter release/version • Date installed • Date uninstalled 6.3 Usage of Initial Audit Report (1) Using the audit report, all identified compilers and interpreters will be removed from every Tier II production system at both the Computing Centers and the Campuses. • All compilers and interpreters will be archived to tape. (2) The removal process will generate a detailed audit report, for each site and system, containing the following information: • Center or Campus • Platform • Operating System and Version • Compiler or Interpreter name • Compiler or Interpreter release/version • Date removed
DRAFT Page: 8 DRAFT 6.4 Future Usage of Compilers and Interpreters on Tier II Corporate Platforms (1) Future usage of compilers and interpreters within the Tier II corporate platforms will be initiated and tracked through the Change Request (CR) process. The CR must include a justification to DSMB for the proposed usage of the compiler or interpreter and approval shall be granted by DSMB. (2) Normally, DSMB Transmittal procedures will provide the authority for the use of the compiler. (3) The following policies will apply for the future usage of all compilers (e.g., COBOL, C, etc.) and interpreters (e.g., PERL, BASIC, etc.) on Tier II corporate platforms. (4) Compilers are pre-approved only to be used for compiling the UNIX kernel. However, these compilers shall be uninstalled when not required for use on the kernel. (a) The following process would be followed: • An audit trail will be initiated. • The compiler would be installed. • The kernel would be compiled. • The compiler would be removed after the compile. • The audit trail would be closed, and the audit report generated.
DRAFT Page: 9 DRAFT 6.5 Secondary and Periodic Audits (1) A secondary audit (spot check) may be conducted by DSMB to verify the removal, at the discretion of DSMB. This would be an 'unannounced' type of audit. (2) The audit will be conducted in one (1) of three (3) ways: • When doing site visits in accordance with Reference 10, the Policy for Security and Access within Tier II Centers and Platforms • This policy details the access accorded DSMB personnel • Access will be provided in accordance with it • By using infrastructure management tools • And by coordinating with TIGTA and SPO to ensure this topic is covered in their audits (3) Periodic (spot check) audits will be conducted by DSMB to verify that no compilers are resident on Tier II production systems (4) As stated in Reference (9), DSMB is responsible for the Configuration Management (CM) of the Tier II corporate platforms. In support of the CM function assigned to the National Office (NO) Systems Administrators (SAs) are responsible for controlling version updates to the Operating System (OS). (5) In accordance with Reference (9), the National Office (NO) Systems Administrators (SAs) will be granted the necessary access level (Root) to conduct the audit of any Production Tier II platform. 7.0 Consequences Resulting from not Establishing this Policy (1) To be able to provide the required controlled access environment, certain policies and subsequent implementations dictate that compilers and interpreters should be removed just as certain remote access commands need to be removed. The requirements for C2, or the comparable Common Criteria version, cannot be met without setting a policy to remove or to tightly control unnecessary software such as compilers and interpreters. (2) Without the establishment of the policy listed in the previous section, the Tier II Consolidated Environment is at risk for the compromise of system and structural integrity.

More Related Content

PDF
Remote administration of bms through android application
eSAT Journals
 
PDF
Object Oriented Secure Modeling using SELinux Trusted Operating System
Eswar Publications
 
PDF
IRJET - Scrutinize the Utility of Preserved Data with Privacy
IRJET Journal
 
DOCX
report on network security fundamentals
Jassika
 
PDF
Analysis of Embedded Linux Literature Review Report
Sitakanta Mishra
 
PDF
NC CNC DNC - A K Mansuri
Mansuriak
 
PDF
MC 7204 OS Question Bank with Answer
sellappasiva
 
PDF
Information security management guidance for discrete automation
johnnywess
 
Remote administration of bms through android application
eSAT Journals
 
Object Oriented Secure Modeling using SELinux Trusted Operating System
Eswar Publications
 
IRJET - Scrutinize the Utility of Preserved Data with Privacy
IRJET Journal
 
report on network security fundamentals
Jassika
 
Analysis of Embedded Linux Literature Review Report
Sitakanta Mishra
 
NC CNC DNC - A K Mansuri
Mansuriak
 
MC 7204 OS Question Bank with Answer
sellappasiva
 
Information security management guidance for discrete automation
johnnywess
 

Viewers also liked (16)

PDF
Mousavi and Bazrgar 2014
Amir Behzad Bazrgar
 
PDF
FergusonAATribute
Frank "Rue" Tamru
 
PDF
N binarios
danielamontanez97
 
DOCX
Epigonal amp إيبيجونال حقن by pharmacia1.com
Ahmed Baker
 
PDF
قرار رئيسا لجمهورية مصر العربية بقانون الخدمة المدنية
mhmas
 
PDF
PhillipDaniel_CV
Phillip Daniel
 
DOCX
article on education
Ravi Dasari
 
PDF
Fes el pas
Sergi Pich Cañisà
 
PDF
Module_CLP-Markets-Staff-Training
S. M. Mainul Islam (Nutritionist, Agriculturist)
 
PPTX
IT Tecnologies
FozanRizvi
 
PDF
week8_finalproject_garst
Ashley Garst
 
PPTX
B2 b integration
Shafique002
 
DOCX
Folliropine fsh
Ahmed Baker
 
DOCX
FISH Training Module for RED
S. M. Mainul Islam (Nutritionist, Agriculturist)
 
PDF
PTCIL
Balwant Singh
 
PPTX
Daily fantasy sports
oddsandpots
 
Mousavi and Bazrgar 2014
Amir Behzad Bazrgar
 
FergusonAATribute
Frank "Rue" Tamru
 
N binarios
danielamontanez97
 
Epigonal amp إيبيجونال حقن by pharmacia1.com
Ahmed Baker
 
قرار رئيسا لجمهورية مصر العربية بقانون الخدمة المدنية
mhmas
 
PhillipDaniel_CV
Phillip Daniel
 
article on education
Ravi Dasari
 
Fes el pas
Sergi Pich Cañisà
 
Module_CLP-Markets-Staff-Training
S. M. Mainul Islam (Nutritionist, Agriculturist)
 
IT Tecnologies
FozanRizvi
 
week8_finalproject_garst
Ashley Garst
 
B2 b integration
Shafique002
 
Folliropine fsh
Ahmed Baker
 
FISH Training Module for RED
S. M. Mainul Islam (Nutritionist, Agriculturist)
 
PTCIL
Balwant Singh
 
Daily fantasy sports
oddsandpots
 
Ad

Similar to IRS_Tier_2_Compiler_Policy_V3 (20)

PPTX
One m2m 3- managment_capability
Hamdamboy (함담보이)
 
PPTX
oneM2M security summary
Jongseok Choi
 
PDF
A Survey Embedded Systems Supporting By Different Operating Systems.pdf
Fiona Phillips
 
PDF
SAUDI-NCA-OTCC-Mapping-Guide-TXOne-WP-v.pdf
jankokersnik70
 
PDF
Mapping document
Suresh Kesavan
 
PPTX
Embedded System Design (Automation) - Lesson 1.pptx
IsankaMarasinghe1
 
PDF
Project Report on Intrusion Detection System
Vishal Polley
 
PDF
TMS320F28335 security
raje21
 
PDF
A COMBINATION OF THE INTRUSION DETECTION SYSTEM AND THE OPEN-SOURCE FIREWALL ...
IJCNCJournal
 
PDF
A Combination of the Intrusion Detection System and the Open-source Firewall ...
IJCNCJournal
 
PPT
N(I)2 Overview Including Functional Processes
kvz
 
PDF
IRJET-Domain Data Security on Cloud
IRJET Journal
 
PPT
Industrial control systems cybersecurity.ppt
DelforChacnCornejo
 
PPTX
Cyber Security.pptx
John96107
 
PDF
Src 147
sudhakar5472
 
PDF
Cybersecurity concepts & Defense best practises
WAJAHAT IQBAL
 
PPTX
F5_and_Azure_v3.pptx
RifqiMultazamOfficia
 
PDF
Cloud Security Solution Overview
Cisco Service Provider
 
PDF
CEMS_Guideline_II.pdf
CharlesChong11
 
PDF
oneM2M Introduction and security
Jongseok Choi
 
One m2m 3- managment_capability
Hamdamboy (함담보이)
 
oneM2M security summary
Jongseok Choi
 
A Survey Embedded Systems Supporting By Different Operating Systems.pdf
Fiona Phillips
 
SAUDI-NCA-OTCC-Mapping-Guide-TXOne-WP-v.pdf
jankokersnik70
 
Mapping document
Suresh Kesavan
 
Embedded System Design (Automation) - Lesson 1.pptx
IsankaMarasinghe1
 
Project Report on Intrusion Detection System
Vishal Polley
 
TMS320F28335 security
raje21
 
A COMBINATION OF THE INTRUSION DETECTION SYSTEM AND THE OPEN-SOURCE FIREWALL ...
IJCNCJournal
 
A Combination of the Intrusion Detection System and the Open-source Firewall ...
IJCNCJournal
 
N(I)2 Overview Including Functional Processes
kvz
 
IRJET-Domain Data Security on Cloud
IRJET Journal
 
Industrial control systems cybersecurity.ppt
DelforChacnCornejo
 
Cyber Security.pptx
John96107
 
Src 147
sudhakar5472
 
Cybersecurity concepts & Defense best practises
WAJAHAT IQBAL
 
F5_and_Azure_v3.pptx
RifqiMultazamOfficia
 
Cloud Security Solution Overview
Cisco Service Provider
 
CEMS_Guideline_II.pdf
CharlesChong11
 
oneM2M Introduction and security
Jongseok Choi
 
Ad

More from David G. Peterson, PMP (9)

PDF
Winstar_NEW_Billing_High_Level_Merged
David G. Peterson, PMP
 
PDF
Winstar_FM2B_VIEWS_V21
David G. Peterson, PMP
 
PDF
MCPS_ADMINISTRATIVE_REPORTS_OVERVIEW
David G. Peterson, PMP
 
PDF
IRS_DGP_Modernization_Oracle_DB_Naming_Stds
David G. Peterson, PMP
 
PDF
IRS_T2_TA_TRR_SOP_V1_0
David G. Peterson, PMP
 
PDF
MCPS_IDMS_to_Oracle_Conversion
David G. Peterson, PMP
 
PDF
CCATS_CONVERSION
David G. Peterson, PMP
 
PDF
PGCPS_DataConversion_High_Level
David G. Peterson, PMP
 
PDF
IRS_CHCS_Respond to Inquiries
David G. Peterson, PMP
 
Winstar_NEW_Billing_High_Level_Merged
David G. Peterson, PMP
 
Winstar_FM2B_VIEWS_V21
David G. Peterson, PMP
 
MCPS_ADMINISTRATIVE_REPORTS_OVERVIEW
David G. Peterson, PMP
 
IRS_DGP_Modernization_Oracle_DB_Naming_Stds
David G. Peterson, PMP
 
IRS_T2_TA_TRR_SOP_V1_0
David G. Peterson, PMP
 
MCPS_IDMS_to_Oracle_Conversion
David G. Peterson, PMP
 
CCATS_CONVERSION
David G. Peterson, PMP
 
PGCPS_DataConversion_High_Level
David G. Peterson, PMP
 
IRS_CHCS_Respond to Inquiries
David G. Peterson, PMP
 

IRS_Tier_2_Compiler_Policy_V3

  • 1. DRAFT DRAFT Policy for Compiler and Interpreter Usage Within Tier II Production Centers and Platforms In Compliance with IRM 2.1.7, 2.1.8, 2.1.10, and 21.2
  • 2. DRAFT DRAFT TABLE OF CONTENTS 1.0 INTRODUCTION 1 2.0 PREMISES 1 3.0 REFERENCES AND AUTHORITY 1 4.0 MISSION 1 4.1 THE ROLE OF DSMB 2 4.2 DSMB RESPONSIBILITIES 2 4.3 UNIX SECURITY 2 4.4 IRM 2.1.7 3 4.5 IRM 2.1.8 3 4.6 IRM 2.1.10 4 4.7 IRM 21.2 5 4.8 IRS DOCUMENT 9627, INFORMATION SYSTEMS SECURITY PROCEDURAL GUIDE 5 5.0 SECURITY 6 6.0 POLICY FOR COMPILER AND INTERPRETER USAGE WITHIN TIER II PRODUCTION SYSTEMS 6 6.1 PERL AND IRM 102.1.4 6 6.2 INITIAL AUDIT OF TIER II CORPORATE PLATFORMS 7 6.3 USAGE OF INITIAL AUDIT REPORT 7 6.4 FUTURE USAGE OF COMPILERS AND INTERPRETERS ON TIER II CORPORATE PLATFORMS 8 6.5 SECONDARY AND PERIODIC AUDITS 9 7.0 CONSEQUENCES RESULTING FROM NOT ESTABLISHING THIS POLICY 9
  • 3. DRAFT Page: 1 DRAFT 1.0 Introduction In accordance and compliance with the standards detailed in IRM 2.1.7, Information Systems Operations; and the directives detailed in IRM 2.1.8, Information Systems Operations Support, and IRM 2.1.10, Information Systems Security; this document will: (1) Define the policy for the usage of compilers and interpreters within the Tier II Production environment at the Computing Centers and Campuses. (2) Outline the tasks required to fulfill that policy. 2.0 Premises (1) All Tier II systems operate in a trusted environment. (2) The Distributed Systems Management Branch, M:I:SS:DS (DSMB) is responsible for all Tier II platforms. (3) The Distributed Systems Management Branch, M:I:SS:DS (DSMB) is responsible for Configuration Management (CM) on all Tier II corporate platforms (SUN, NUMA-Q, EMC). (4) Without the establishment of the policy listed in the previous section, the Tier II Consolidated Environment is at risk for the compromise of system and structural integrity. 3.0 References and Authority The following documents are cited here as references and authority for this Policy: (1) Memo of June 7, 1999 from Paul J. Cosgrave, CIO, on Tier II Systems Management. (2) IRM Handbook 102.13, Information Technology Systems, Chapter 5, Basic UNIX Security Requirements (BUSR) Handbook (3) IRM 2.1.7, Information Systems Operations, dated November 1, 2000 (4) IRM 2.1.8, Information Systems Operations Support, dated November 1, 2000 (5) IRM 2.1.10, Information Systems Security, dated April 30, 1998 (6) IRM 21.2, Customer Accounts Services, dated March 3, 2001 (7) IRS Document 9627, Information Systems Security Procedures Guide (8) IRM 102.1, Standard Systems Profile, Chapter 4, Software Engineering Services (9) Tier II Systems Support Organizational Roles and Responsibilities document, Release 3.2, dated October 20, 2000. (10) Policy for Security and Access Within Tier II Centers and Platforms. 4.0 Mission (1) The following sections outline the mission and responsibilities of DSMB for Tier II Management and Technical Support.
  • 4. DRAFT Page: 2 DRAFT 4.1 The Role of DSMB (1) As stated in Reference (1), management responsibility for all Tier II systems has been assigned to the Systems Support Division (SSD). This responsibility includes Management Policy, Configuration Management (CM), standards, and technical support including tuning and troubleshooting assistance. Within SSD, the Distributed Systems Management Branch (DSMB) will have primary responsibility for this activity. This branch will provide technical guidance and support for the operating systems, database management systems, system utilities, COTS products, and telecommunications interface software running on all Tier II production, D/R, and PDS platforms. DSMB management and technical support includes version and update control, distribution and problem solving of and for operating and data base management systems and configuration management of these platforms. Additionally, the branch will have direct responsibility for corporately managing Tier II systems software components, such as the Sun and Sequent systems installed in the Service's Computing Centers and Campuses, respectively. 4.2 DSMB Responsibilities (1) As stated in Reference (9), the DSMB is responsible for technical and programmatic management of all Tier II systems service wide, to include acquisition, use, management and disposition of Tier II hardware and other system resources, including asset management and reporting. The mission includes setting, and enforcing standards and strategic direction for hardware and system components, including DBMSs. DSMB may delegate responsibility to subordinate organizations to accomplish this mission. (2) Within the context of the DSMB mission, the National Office (NO) has the primary responsibility for both Configuration Management (CM) and Controlled Access Protection (C2). 4.3 UNIX Security (1) As stated in Reference (3), The IRM Handbook 102.13 provides basic security requirements for Internal Revenue Service (IRS) UNIX computer systems and networks based on C2 functionality. (2) Chapter 5 of the handbook specifically addresses the Basic UNIX Security Requirements (BUSR) for IRS Information Technology Systems.
  • 5. DRAFT Page: 3 DRAFT 4.4 IRM 2.1.7 (1) Section 2.1.7.1 (11-01-2000), Information Systems Operations, states: (1) This section provides general standards and requirements to be observed by all personnel throughout the Service in carrying out their Information Systems (IS) Operations responsibilities. This information is applied to all Systems including those not directly controlled by the Chief Information Officer (CIO). (2) Section 2.1.7.2.1 (11-01-2000), National Office IRMs and Handbooks, states: (3) General standards must be established at the National Office level to ensure that activities are properly administered at the local level. (3) In accordance with the above statements, the DSMB will establish all standards, policies, and procedures that will guide all aspects of Tier II Computing Centers and Campuses. This includes Configuration Management (CM) and Controlled Access Protection (C2). 4.5 IRM 2.1.8 (1) Section 2.1.8.2 (05-11-2000), Systems Control Point Overview, defines the concept, responsibilities, and duties of the Control Point function. (2) In the context of the Control Point function, and for all Tier II Computing Centers and Campuses, the DSMB will function as the high-level Control Point for standards, procedures, policies, distribution, and the SSD Configuration Control Board (CCB). The SSD CCB explicitly pertains to all installation, upgrade, or maintenance activities for operating systems, database systems, and COTS software across all Tier II Computing Centers and Campuses.
  • 6. DRAFT Page: 4 DRAFT 4.6 IRM 2.1.10 (1) IRM 2.1.10, Information Systems Security, provides policies and requirements to be used by IRS organizations to carry out their respective responsibilities in information systems security. Among the subject areas covered in this IRM are the following: 10.1.3 – Information Systems Security Regulations 10.2.4 - Configuration Management (CM) 10.4 - Security Guidelines 10.4.1.8 – Information System User 10.4.3 - Controlled Access Protection (C2) 10.4.3.2 – C2 Security Features (2) All activities of Tier II Computing Centers and Campuses will comply with all subsections of 10.1.3 – Information Systems Security Regulations. (3) For all Tier II Computing Centers and Campuses, the DSMB functions as the high-level Configuration Management (CM) authority. This explicitly pertains to all installation, upgrade, or maintenance activities for operating systems, database systems, and COTS software across all Tier II Centers and Platforms. (4) For all Tier II Computing Centers and Campuses, the DSMB will define and enforce all policies and procedures pertaining to IRM 2.1.10.4 – Security Guidelines. The specific sections that apply to this policy are listed below: • IRM 2.1.10.4.1.8 – Information System User. This states the following: • protect access IDs and authentication codes (e.g., passwords, personal identification numbers (PIN), encryption codes, etc.) from any misuse and improper disclosure; • access only authorized data and applications necessary to perform management approved responsibilities. However, access capability does not equate to authority (e.g., browsing of taxpayer data is not permitted) • IRM 2.1.10.4.3 - Controlled Access Protection (C2). This explicitly pertains to all installation, upgrade, or maintenance activities for operating systems, database systems, and COTS software across all Tier II Computing Centers and Campuses. The specific section that applies to this policy is listed below: • IRM 2.1.10.4.3.2 – C2 Security Features. This states the following: • To maintain baseline security requirements for sensitive but unclassified (SBU) information systems and networks, C2 requirements shall be maintained. Controlled access protection provides the following security features: • ensure individual accountability through identification and authentication of each individual system user; • maintain an audit trail of user security relevant events; • control response to a user request to access information according to the user authorization; and
  • 7. DRAFT Page: 5 DRAFT • prevent unauthorized access to a user's current or residual data by clearing all storage areas (core, disk, etc.) before the storage areas are allocated or reallocated. 4.7 IRM 21.2 (1) Subsection 21.2.2.3.2 references the Taxpayer Browsing Protection Act. This subsection states that “All IRS employees are required by law to protect the confidentiality of a taxpayer's tax matters. You must ensure you are dealing with the taxpayer or someone properly authorized to receive this data before giving out any tax information. “ (2) The provisions of this new law are listed below: a. Willful unauthorized access or inspection of non-computerized taxpayer records, including hard copies of returns - as well as computerized information - is a misdemeanor, punishable, upon conviction, by fines, prison terms and termination of employment. b. Taxpayers have the right to take legal action when they are victims of unlawful access or inspection - even if a taxpayer's information is never revealed to a third party. c. When managers or employees are criminally charged, we are required to notify taxpayers that their records have been accessed without authorization. d. In short, the new law closes the loopholes in the existing statutes on willful UNAX or inspection. It makes all cases of UNAX - electronic and paper - a crime that carries with it penalties ranging from loss of job to fines and prison terms if an individual is convicted. And in all substantiated cases of UNAX, the appropriate managerial response, absent any mitigating circumstances, will be removal. 4.8 IRS Document 9627, Information Systems Security Procedural Guide (3) The purpose of IRS Document 9627 is to provide standardized procedures to be used by Internal Revenue Service organizations to ensure the protection of sensitive but unclassified (SBU) information systems, applications, and networks. Document 9627 includes "how to" guidance for certain items addressed in IRM 2.1.10, Information Systems Security. Document 9627 is not meant to cover all procedures for all the various security processes. Additional procedures are being considered for inclusion in the future revisions of this document. (4) Document 9627 provides procedures for: • Computer Security Plan • Risk Assessment • Virus and Malicious Software Prevention • Controlled Access Protection (C2) • Security Compliance Review • Security Exception • Security Documentation
  • 8. DRAFT Page: 6 DRAFT 5.0 Security (1) All established IRS security procedures would be followed. The IRS form 5081 will be used to request access for primary and alternate DSMB staff to fulfill their mission. In addition, all applicable sections of the UNIX Security Standards, Reference 3, will be strictly adhered to. 6.0 Policy for Compiler and Interpreter Usage within Tier II Production Systems (1) The following section delineates the policy for the usage of compilers and interpreters within the Tier II corporate platforms. This policy will apply to all Production Tier II corporate platforms at both the Computing Centers and Campuses. (2) This policy will ensure that the Tier II environment complies with all applicable standards, policies, and regulations for Production IRS systems. 6.1 PERL and IRM 102.1.4 (1) Section 102.1.4.3 addresses Special Use Languages. In particular, this section of the IRM states that: the languages presented (i.e. C++, 4GLs, and PERL) are not approved for the development of production systems within the IRS. If adherence to this standard is either impossible or not in the best interest of the IRS then an approved waiver must be obtained. See IRM2.1.11, Systems Standards Profile, Section 1.6, SSP Waiver Process. (2) Section 102.1.4.3.3.2 Guidance states that: PERL is not a mandatory Federal Standard, but has been selected for use by the IRS for the following reasons: • PERL as a de facto standard is being widely accepted by industry; • PERL is a leading component for Internet/Intranet development; • PERL’s process, file, and text manipulation facilities make it particularly well suited for tasks involving quick prototyping, system utilities, report generation, database access, systems management tasks, and lnternet/lntranet programming. (3) While PERL has been selected for use by the IRS, its use is prohibited on Tier II corporate platforms due to the lack of security inherent in the language and lack of product support by the platform vendor. In particular, it will not reside on any Tier II production platform.
  • 9. DRAFT Page: 7 DRAFT 6.2 Initial Audit of Tier II Corporate Platforms (1) DSMB will conduct an audit of all Tier II corporate platforms at both the Computing Centers and the Campuses. (2) This audit shall be used as a baseline to identify the existence and usage of compilers and interpreters on all Tier II corporate platforms. (3) The audit will be conducted in one (1) of three (3) ways: • DSMB will audit directory listings when doing site visits in accordance with Reference 10, the Policy for Security and Access within Tier II Centers and Platforms • This policy details the access accorded DSMB personnel • Access will be provided in accordance with it • By DSMB's use of infrastructure management tools • And by DSMB's coordinating with TIGTA and SPO to ensure this topic is covered in their audits (4) This audit will generate a detailed report, for each site and system, containing the following information: • Center or Campus • Platform • Operating System and Version • Compiler or Interpreter name • Compiler or Interpreter release/version • Date installed • Date uninstalled 6.3 Usage of Initial Audit Report (1) Using the audit report, all identified compilers and interpreters will be removed from every Tier II production system at both the Computing Centers and the Campuses. • All compilers and interpreters will be archived to tape. (2) The removal process will generate a detailed audit report, for each site and system, containing the following information: • Center or Campus • Platform • Operating System and Version • Compiler or Interpreter name • Compiler or Interpreter release/version • Date removed
  • 10. DRAFT Page: 8 DRAFT 6.4 Future Usage of Compilers and Interpreters on Tier II Corporate Platforms (1) Future usage of compilers and interpreters within the Tier II corporate platforms will be initiated and tracked through the Change Request (CR) process. The CR must include a justification to DSMB for the proposed usage of the compiler or interpreter and approval shall be granted by DSMB. (2) Normally, DSMB Transmittal procedures will provide the authority for the use of the compiler. (3) The following policies will apply for the future usage of all compilers (e.g., COBOL, C, etc.) and interpreters (e.g., PERL, BASIC, etc.) on Tier II corporate platforms. (4) Compilers are pre-approved only to be used for compiling the UNIX kernel. However, these compilers shall be uninstalled when not required for use on the kernel. (a) The following process would be followed: • An audit trail will be initiated. • The compiler would be installed. • The kernel would be compiled. • The compiler would be removed after the compile. • The audit trail would be closed, and the audit report generated.
  • 11. DRAFT Page: 9 DRAFT 6.5 Secondary and Periodic Audits (1) A secondary audit (spot check) may be conducted by DSMB to verify the removal, at the discretion of DSMB. This would be an 'unannounced' type of audit. (2) The audit will be conducted in one (1) of three (3) ways: • When doing site visits in accordance with Reference 10, the Policy for Security and Access within Tier II Centers and Platforms • This policy details the access accorded DSMB personnel • Access will be provided in accordance with it • By using infrastructure management tools • And by coordinating with TIGTA and SPO to ensure this topic is covered in their audits (3) Periodic (spot check) audits will be conducted by DSMB to verify that no compilers are resident on Tier II production systems (4) As stated in Reference (9), DSMB is responsible for the Configuration Management (CM) of the Tier II corporate platforms. In support of the CM function assigned to the National Office (NO) Systems Administrators (SAs) are responsible for controlling version updates to the Operating System (OS). (5) In accordance with Reference (9), the National Office (NO) Systems Administrators (SAs) will be granted the necessary access level (Root) to conduct the audit of any Production Tier II platform. 7.0 Consequences Resulting from not Establishing this Policy (1) To be able to provide the required controlled access environment, certain policies and subsequent implementations dictate that compilers and interpreters should be removed just as certain remote access commands need to be removed. The requirements for C2, or the comparable Common Criteria version, cannot be met without setting a policy to remove or to tightly control unnecessary software such as compilers and interpreters. (2) Without the establishment of the policy listed in the previous section, the Tier II Consolidated Environment is at risk for the compromise of system and structural integrity.