CESNET CA GRID Certificate Policy: Version 1.1; Draft 2
PrevNext

5. PHYSICAL, PROCEDURAL, AND PERSONNEL SECURITY CONTROLS

Security requirements imposed on the conforming CA are indicated in the CPS. In every case this policy states that CA MUST be run on a dedicated workstation. The workstation MUST be physically secured.

5.1. Physical Controls

5.1.1. Site location and construction

No stipulation.

5.1.2. Physical access

The physical access to the site in which the CA operates MUST be restricted only to explicitly authorized people.

5.1.3. Power and air conditioning

No stipulation.

5.1.4. Water exposures

No stipulation.

5.1.5. Fire prevention and protection

No stipulation.

5.1.6. Media storage

No stipulation.

5.1.7. Waste disposal

No stipulation.

5.1.8. Off-site backup

No stipulation.

5.2. Procedural Controls

All the issues related to procedural control like the definition of trusted roles MUST be specified in the CPS.

5.2.1. Trusted roles

No stipulation.

5.2.2. Number of persons required per task

No stipulation.

5.2.3. Identification and authentication for each role

No stipulation.

5.3. Personnel Controls

The personnel operating the CA MUST be technically and professionally competent. Every conforming CA SHOULD specify in the CPS further details concerning this particular topic and the related issues.

5.3.1. Background, qualifications, experience, and clearance requirements

No stipulation.

5.3.2. Background check procedures

No stipulation.

5.3.3. Training requirements

No stipulation.

5.3.4. Retraining frequency and requirements

No stipulation.

5.3.5. Job rotation frequency and sequence

No stipulation.

5.3.6. Sanctions for unauthorized actions

No stipulation.

5.3.7. Contracting personnel requirements

No stipulation.

5.3.8. Documentation supplied to personnel

No stipulation.

PrevHomeNext
OPERATIONAL REQUIREMENTS TECHNICAL SECURITY CONTROLS