
Currently Skimming:

5. Security
Pages 58-65



From page 58...
... Unfortunately, current projects are being implemented without an overall enterprise-wide security technical framework, which almost guarantees inadequate support of security requirements. Without immediate, extensive, and effective implementation of the recommendations made in this chapter, the gap between the current TSM security posture and the minimum security acceptable will continue to widen, thus virtually ensuring massive security breaches in the coming years.
From page 59...
... The threats that the committee believes the IRS needs to design against are the following:
· Outsiders, including individuals, organizations, companies, and foreign governments that want to obtain confidential IRS taxpayer information and to access control passwords and protocols for the purpose of selling the information, blackmailing taxpayers, causing political embarrassment to the IRS, improving their negotiating position in criminal or civil actions, denying system availability, and modifying or destroying records;
· IRS employees, contractors, and vendors who are disgruntled or have been bribed to obtain such information for the above-stated purposes; and
· Some combination of outside and inside collaborators.
Until several years ago, all taxpayer data were processed on stand-alone systems and moved physically on magnetic tape.
From page 60...
... Hence, the defenses built into the TSM systems must be significantly better than those needed by other agencies.
ASSESSMENT OF SECURITY POLICY, REQUIREMENTS, AND ARCHITECTURES
The committee endorses the top-down approach that the IRS has taken, starting with security policy, security requirements, security architecture, and specific security design and trade-off evaluation guidelines.
From page 61...
... Without a detailed security architecture driving the infrastructure project design and the application developments, the resulting security approach and implementation will require extensive and expensive corrections in the future. The infamous quote, "We always have time to do it right the second time," is not applicable here.
From page 62...
... Such solutions significantly increase a manager's ability to control access to information by insiders and to decrease the risk of intrusion by outsiders. In addition, an individual user-based authentication scheme provides a much-improved audit trail for investigating potential security violations.
From page 63...
... Developers and administrators should reroute sensitive traffic over encrypted circuits, and no further waivers should be granted for any noncompliant CON security conditions.
· The following macrolevel security design standards should be used by all IRS, not just TSM, development projects: 1.
From page 64...
... Security is an organizational problem. Therefore, the entire IRS management corps must emphasize that security is a key performance criterion for operational acceptance of new and upgraded TSM projects, and that rewards and promotion of key personnel depend on achieving an adequate security posture and meeting security milestones.
From page 65...
... As stated in Chapter 2 of this report, the IRS must increase the maturity of its development processes immediately, including the methods by which security requirements are promulgated, implemented, and enforced. The security simulation and modeling tools to perform enterprise-wide analysis, detailed security trade-offs, identification and measurement of metrics, and throughput analysis are not available or integrated into the normal security design process.


This material may be derived from roughly machine-read images, and so is provided only to facilitate research.