NIST Special Publication 800-47
Security Guide f or
Interconnecting Inf ormation
Technolog y Systems
Recommendations of the National Institute
of Standards and Technology
Tim Grance
Joan Hash
Steven Peck
Jonathan Smith
Karen Korow-Diks
Security Guide for
Interconnecting Information
Technology Systems
Recommendations of the National Institute of
Standards and Technology NIST Spe cial Pu blicatio n 800-47
C O M P U T E R S E C U R I T Y
Computer Security Division
Information Technology Laboratory
National Inst itute of Stan dards and T echnology
Gaithersburg, MD 2089 9-8930
August 2002
U.S. Departme nt of Commerc e
Donald L. Eva ns, Secreta ry
Technolog y Administratio n
Phillip J. Bond, Under Secretary for Tech nology
Natio nal Institu te of Standards and T echnol ogy
Arden L. Bement, Jr., Director
Acknowledgements
The authors, Joan Hash an d Tim Grance of the National Institute of Standards and Technology (NIST),
and Steven Peck, Jonathan Sm ith, and Karen Korow-Di ks of Booz Allen Ham ilton, wish to t hank their
colleagues who reviewed drafts of this docum ent an d contributed to its technical content. We also
gratefully acknowledge and appreciate the many comme nts we received from readers of the public and
private sector s, whose valuable insights im proved the quality and usefulness of th is docum ent. Finally ,
we wish to express thanks to the U.S. Custo ms Serv ice for use of the Interconnection Securit y Agreem ent
(ISA) guidan ce docu ment and sam ple ISA, which are included in this docum ent.
Any mention of commercia l products or reference to commercial organizati ons is for informati on only; it
does not impl y recommendation or endorsement by NIST nor does it imply that t he products mentioned
are neces sarily the best available for the purpose.
i SECURIT Y GUIDE FOR INTERC ONNECTING IT S YSTEMS
Table of Contents
EXECUTIVE SUMMARY ........................................................................................................ ES-1
1. INTRODUCTION ................................................................................................................ 1-1
1.1 Authority ................................................................................................................... 1-1
1.2 Purpose .................................................................................................................... 1-1
1.3 Scope ....................................................................................................................... 1-1
1.4 Audience .................................................................................................................. 1-1
1.5 Other Appro aches to System Interconnectivity ........................................................ 1-2
1.6 Document Structure ................................................................................................. 1-2
2. BACKGROUND ................................................................................................................. 2-1
3. PLANNI NG A SYSTE M INTERCONNECTI ON................................................................. 3-1
3.1 Step 1: Establish a Joint Planning Te am................................................................. 3-1
3.2 Step 2: Define the Busin ess Case ........................................................................... 3-1
3.3 Step 3: Perform Certification and Accreditation ....................................................... 3-2
3.4 Step 4: Determine Interconnection R equirements ................................................... 3-2
3.5 Step 5: Document Interconnection A greement ........................................................ 3-5
3.6 Step 6: Approve or Reject System In terconnectio n................................................. 3-6
4. ESTABLI SHING A SY
NIST.SP.800-47 Security Guide for Interconnecting Information Technology Systems
安全标准 >
NIST >
文档预览
中文文档
58 页
50 下载
1000 浏览
0 评论
0 收藏
3.0分
温馨提示:本文档共58页,可预览 3 页,如浏览全部内容或当前文档出现乱码,可开通会员下载原始文档
本文档由 思安 于 2022-12-05 09:09:51上传分享