Difference between revisions of "Template:LIMSpec/Cybersecurity"
From LIMSWiki
Jump to navigationJump to searchShawndouglas (talk | contribs) (Created as needed.) |
Shawndouglas (talk | contribs) (Added NIST 800-53 to various items) |
||
| Line 16: | Line 16: | ||
[https://www.fbi.gov/services/cjis/cjis-security-policy-resource-center CJIS Security Policy 5.8.2.1]<br /> | [https://www.fbi.gov/services/cjis/cjis-security-policy-resource-center CJIS Security Policy 5.8.2.1]<br /> | ||
[https://www.fbi.gov/services/cjis/cjis-security-policy-resource-center CJIS Security Policy 5.10.1.2]<br /> | [https://www.fbi.gov/services/cjis/cjis-security-policy-resource-center CJIS Security Policy 5.10.1.2]<br /> | ||
[https://www.fbi.gov/services/cjis/cjis-security-policy-resource-center CJIS Security Policy Appendix G.6] | [https://www.fbi.gov/services/cjis/cjis-security-policy-resource-center CJIS Security Policy Appendix G.6]<br /> | ||
[https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf NIST 800-53, Rev. 4, AC-17(2)] | |||
| style="background-color:white;" |'''35.1''' The system should use secure communication protocols like SSL/TLS over Secure Hypertext Transfer Protocol with 256 bit encryption. | | style="background-color:white;" |'''35.1''' The system should use secure communication protocols like SSL/TLS over Secure Hypertext Transfer Protocol with 256 bit encryption. | ||
|- | |- | ||
| Line 26: | Line 27: | ||
[https://www.fbi.gov/services/cjis/cjis-security-policy-resource-center CJIS Security Policy 5.5.2.4]<br /> | [https://www.fbi.gov/services/cjis/cjis-security-policy-resource-center CJIS Security Policy 5.5.2.4]<br /> | ||
[https://www.fbi.gov/services/cjis/cjis-security-policy-resource-center CJIS Security Policy 5.10.1.2]<br /> | [https://www.fbi.gov/services/cjis/cjis-security-policy-resource-center CJIS Security Policy 5.10.1.2]<br /> | ||
[https://www.fbi.gov/services/cjis/cjis-security-policy-resource-center CJIS Security Policy Appendix G.6] | [https://www.fbi.gov/services/cjis/cjis-security-policy-resource-center CJIS Security Policy Appendix G.6]<br /> | ||
[https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf NIST 800-53, Rev. 4, SC-13 and SC-28(1)] | |||
| style="background-color:white;" |'''35.2''' The system should support database encryption and be capable of recording the encryption status of the data contained within. | | style="background-color:white;" |'''35.2''' The system should support database encryption and be capable of recording the encryption status of the data contained within. | ||
|- | |- | ||
| style="padding:5px; width:500px;" |[https://www.law.cornell.edu/cfr/text/42/493.1231 42 CFR Part 493.1231]<br />[https://www.fbi.gov/services/cjis/cjis-security-policy-resource-center CJIS Security Policy 5.6.2.2.1] | | style="padding:5px; width:500px;" |[https://www.law.cornell.edu/cfr/text/42/493.1231 42 CFR Part 493.1231]<br /> | ||
[https://www.fbi.gov/services/cjis/cjis-security-policy-resource-center CJIS Security Policy 5.6.2.2.1]<br /> | |||
[https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf NIST 800-53, Rev. 4, AC-3]<br /> | |||
[https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf NIST 800-53, Rev. 4, IA-2, IA-2(1–4), and IA-8]<br /> | |||
[https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf NIST 800-53, Rev. 4, MA-4] | |||
| style="background-color:white;" |'''35.3''' The system should be able to support multifactor authentication. | | style="background-color:white;" |'''35.3''' The system should be able to support multifactor authentication. | ||
|- | |- | ||
