ImageVerifierCode 换一换
格式:PDF , 页数:19 ,大小:642.05KB ,
资源ID:979650      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-979650.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(NAVY MIL-HDBK-804-1990 NETWORK USER ID AND PASSWORD PROCEDURES《网络用户身份和密码程序》.pdf)为本站会员(eventdump275)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

NAVY MIL-HDBK-804-1990 NETWORK USER ID AND PASSWORD PROCEDURES《网络用户身份和密码程序》.pdf

1、MILITARY HANDBOOK NETWORK USER ID AND PASSWORD PROCEDURES Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-_- - MIL-HDBK-804 IP m 7777970 0055877 4 MIL-HDBK-804(0M) FOREWORD 1. Automation Command (NAVDAC), Department of Navy (DON) and is available for

2、 use by all Departments and Agencies of the;Department of Defense (DOD). This military handbook (MIL-HDBK) is approved for use by the Naval Data 2. Beneficial comments (recommendations, additions, deletions) and any pertinent data which may be of use in improving this document should be addressed to

3、: Commander, Naval Data Automation Command (COMNAVDAC), Washington Navy Yard, Washington, DC 20374-1662 using the Standardization Document Improvement Proposal (DD Form 1426) appearing at the end of this document or by letter. 3. review and refinement of current procedures for user IDS and passwords

4、 necessary. and responsibilities for information systems (IS) security. The use of advanced communications network technology in the Navy makes Also of importance is the clear definition of organizational roles 4. roles and responsibilities for computer and network security in the Navy. Worldwide Mi

5、litary Command and Control System (WWMCCS) has also identified responsibilities, procedures, and requirements for IS security throughout the WWMCCS community. The WMCCS Intercomputer Network (WIN) accommodates roles and responsibilities that are similar, applicable, and adaptable to Navy network req

6、uirements. This handbook amplifies those roles and responsibilities as they apply to the administration and control of user identification (ID) and passwords Navy-wide. 5. This handbook was reviewed and considered by the Auditor General of the Navy for incorporation into the Naval Audit Service Auto

7、matic Data Processing Audit Program. This handbook was coordinated with the Defense Communications Agency for compatibility with Defense Data Network (DDN) and with the Joint Chiefs of Staff (JCS) for authorization to assign user IDS using Navy symbols defined in JCS Publication (PUB) 6-03.7 (supers

8、edes JCS PUB 22). This handbook provides for changes in the user ID and related procedures, especially the standard user ID site code, since the initial publication of Naval Data Automation Command (NAVDAC) PUB 17.10 in March 1984. The Department of the Navy Computer Security Program has defined var

9、ious The ii Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-MIL-HDBK-80Y IP m 9997970 0055900 7 m CONTENTS PARAGRAPH 1. 1.1 1.2 1.3 1.4 2. 2.1 2.1.1 2.1.2 2.2 2.3 3. 3.1 3.2 4. 4.1 4.1.1 4.1.2 4.2 4.2.1 4.2.2 4.3 4.3.1 4.3.2 4.3.3 4.3.4 4.3.5 4.3.6 4

10、.4 4.5 5. 5.1 5.1.1 5.1.2 5.2 5.3 5.4 5.5 5.6 5.7 5.8 PAGE . SCOPE 1 Scope 1 Purpose 1 Content . 1 Applicability 1 . APPLICABLE DOCUMENTS 2 Government documents 2 Specifications, standards, and handbooks 2 Other Government documents, drawings, and publications . 2 Non-Government publications 3 Order

11、 of precedence 3 DEFINITIONS AND ABBREVIATIONS 4 Definitions 4 Abbreviations 4 Background 5 IS security policy 5 Network security management 5 Administration Automatic Data Processing Security Officer (ADPSO) 5 Network Security Officer (NSO) 5 Responsibility . 5 . . . . . . 5 GENERAL REQUIREMENTS .

12、5 . . Commander, Naval Data Automation Command (COMNAVDAC) . . 6 6 Automatic Data Processing Security Officer (ADPSO) 6 Network Security Officer (NSO) 6 Customers and users 6 Contractor(s) 6 Responsibilities for Navy networks 6 Navy activities . . . Information and assistance 7 DETAILED REQUIREMENTS

13、 8 8 8 8 Standard user ID site code assignment 8 Standard user ID site code assignment exception 8 Accessrequest. 9 User ID assignments 9 . . Navy standard user ID format Standard user ID site code Standard user ID user code . . . . Password assignment and control . 10 User notification 11 ADPSO coo

14、rdination 11 iii Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-PARAGRAPH 5.9 5.9.1 5.9.2 6. 6.1 6.2 6.3 APPENDIX MIL-HDBK-04 IP m 9999970 0055701 9 m MIL-HDBK-804(0M) CONTENTS Misuse and vulnerabilities , , . . , . . . . . , . . . . . Abuse and vio

15、lation . . . . . . . . . . . . . , . . . . . Resolution . . . . . NOTES . Intended use . . . , . . . . . . . , . . . . . . . . . . . Issue of DODISS . . . . . . . , . . . . . . . , . . . Navy Information Systems Standards (NISS) . . . . . . . LIST OF APPROVED NAVY INFORMATION SYSTEMS STANDARDS . . ,

16、 . PAGE 11 11 11 12 12 12 12 13 iv Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-flIL-HDBK-Oq IP m 7777770 0055702 O m MIL-HDBK-804(0M) 1 SCOPE 1.1 Scope. This handbook describes the administrative procedures, common user ID format, and controls fo

17、r user IDS and passwords within the Navy IS community for networked systems. 1.2 Purpose. The purpose of this handbook is to provide procedures for the administration and control of user IDS and passwords in the Navy network for networked systems support. 1.3 Content. This handbook is consistent wit

18、h current Department of Defense (DOD) procedures for the WWMCCS and the DDN. 1.4 Applicability. The provisions of 6his handbook are applicable to users of Navy common user networks or networks which cross major Navy command boundaries (hereafter referred to as Navy networks), host computers, and ter

19、minals. Included are Navy networks classified below Secret, for example; Unclassified, For Official Use Only, Privacy, and Confidential. -3 1 Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-MIL-HDBK-04 IP m 7777770 0055703 2 m 2. APPLICABLE DOCUMENTS

20、 2.1 Government documents. 2.1.1 Specifications, standards, and handbooks. The following specifications, standards, and handbooks form a part of this document to the extent specified herein, listed in the issue of the DOD Index of Specifications and Standards (DODISS) and supplement thereto, cited i

21、n the solicitation (see 6.2). Unless otherwise specified, the issues of these documents are those FEDERAL INFORMATION PROCESSING STANDARDS (FIPS) FIPS 112 - Password Usage (includes CSC-STD-002-85, see below). FIPS 112 is not listed in the DODISS of 1 November 1989. (Copies of Federal Information Pr

22、ocessing Standards (FIPS) listed in the DODISS are available to DOD activities from the Standardization Documents Order Desk, Building 4D, 700 Robbins Avenue, Philadelphia, PA 19111-5094. Others must order copies of FIPS from the National Technical Information Service, 5285 Port Royal Road, Springfi

23、eld, VA 22161-2171.) 2.1.2 Other Government documents, drawings. and Dubiications. The following other Government documents, drawings, and publications form a part of this document to the extent specified herein. are those cited in the solicitation. Unless otherwise specified, the issues SECNAVINST

24、5239.2 of 15 Nov 1989 OPNAVINST 5239.1A of 1 Apr 1985 JCS PUB 6-03.7 of Apr 1988 CSC-STD-002-85 of 12 April 1985 - Department of the Navy Automated Information Systems (AIS) Security Program (Stock Number 0579-LD-054-7880) (cited in paragraphs 2.3 and 4.1.1). Department of the Navy Automatic Data Pr

25、ocessing Security Program with change 1 (Stock Number 0579-LD-051-1321) (cited in paragraphs 2.3, 4.1.1, 4.2.1, 4.2.2, and 4.3) Security Policy for the Worldwide Military Command and Control System (WWMCCS) Intercomputer Network (Stock Number 0579-LP-001-0750) (supersedes JCS PUB 22, WWMCCS ADP Syst

26、em Security Manual). JCS PUB 6-03.7 is cited in paragraph 5 on page ii and in paragraphs 4.1.2 and 4.3.1). Guideline (included as appendix E of FIPS - - - Department of Defense Password Management 112) (Copies of SECNAVINST 5239.2, OPNAVINST 5239.18 and JCS PUB 6-03.7 are available from the Commandi

27、ng Officer, Naval Publications and Forms Center, 5801 Tabor Avenue, Philadelphia, PA 19120-5099. Use DOD Single Line Item Requisition (DD Form 1348) citing the stock numbers shown above. Copies of CSC-STD-002-85 are available from the Superintendent of Documents (SupDoc), U. S. Government Printing O

28、ffice (GPO), Washington, DC 20402, 202-783-3238, SupDoc stock number 008-000-00443-9, $1.75. Single copies are available to Government activities 2 Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-MIL-HDBK-04 IP W 7797770 005570V MIL-HDBK-804(0M) with

29、out charge from the DOD Computer Security Center (CSC), Fort George G. Meade, Maryland 20755, Autovon 235-8742, Commercial 301-688-8742. However, CSC-STD-002-85 is reprinted as appendix E of FIPS 112.) 2.2 Non-Government publications. Not Applicable. 2.3 Order of Drecedence. and regulations unless a

30、 specific exemption has been obtained. a conflict between the text of this handbook and the Navy instructions cited herein, the Navy instructions take precedence. that instruction takes precedence over OPNAVINST 5239.1A. Nothing in this handbook supersedes applicable laws In the event of As stated i

31、n SECNAVINST 5239.2, 3 Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-I_-_ - - MIL-HDBK-04 IP m 9999770 0055905 b m 3. DEFINITIONS AND ABBREVIATIONS 3.1 Definitions. Definitions are contained in section 1 (Terms and Conventions) of FIPS 112 and in s

32、ection 4 (Definitions) of appendix E of FIPS 112. 3.2 Abbreviations. page and paragraph number for page ii (foreword) and appendix. Abbreviations which appear only in the appendix are not included. Abbreviations with index to location by paragraph number or ADPSO COMNAVDAC CSC DD DDN DOD DODISS DON

33、FIPS ID IS JCS NARDAC NAVDAC NDAT S NISS NSO MIL-HDBK O PNAV I NS T PUB SECNAVINST SNDL STD WIN WTJMCCS Automatic Data Processing Security Officer, 4.2.1, 4.3.3, 4.3.5, 4.3.6, 4.4, 5.1.1, 5.2, 5.4, 5.5, 5.6, 5.7, 5.8. 5.9.1, 5.9.2 Commander, Naval Data Automation Command, page ii, 2; 4.-3.1; 4.2.1;

34、4.3.1; 5.1.1 Computer Security Center, 2.1.2; 5.6 Department of Defense, page ii, 2; 2.1.2; 6.3 Defense Data Network, page ii, 5; 1.3; appendix, 17.20 Department of Defense, page ii, 1; 1.3; 2.1.1; 4.1.2; 4.3.5; DOD Index of Specifications and Center, 2.1.1; 6.2 Department of the Navy, page ii, 2; 4

35、.1.1 Federal Information Processing Standard, 2.1.1; 3.1; 5.6 Identification, page ii, 3,4,5; 1.1; 1.2; 4.1.2; 4.2.1; 4.2.2; 5.1; 5.6; 6.3 4.3.3; 5.1; 5.1.1; 5.1.2; 5.2; 5.3; 5.4b(l); 5.4b(2); 5,4b(3); 5.4; 5.5; 5.6; 5.7; 5.8; 5.9.1; 6.1 Information System, page ii, 3; 1.2; 4.1.1; 4.1.2; 4.2.1; 4.3.

36、2; 4.4; 5.4; 5.4b(2); 5.6; 6.1; Joint Chiefs of Staff, page ii, 5; 2.1.2; 4.3.1 Military Handbook, page ii, 1 Navy Regional Data Automation Center, 4.2.1 Naval Data Automation Command, page ii, 1; 4.2.1 Naval Data Automation Technical Standards, 6.3 Navy Information System Standards, 6.3 Network Sec

37、urity Officer, 4.2.2, 4.3.3, 4.3.4, 4.3.5, 4.3.6, Office of the Chief of Naval Operations Instruction, 2.1.2; Publication, page ii, 5; 2.1.2; 4.1.2; 4.3.1; Secretary of the Navy Instruction, 2.3, 4.1.1 Standard Navy Distribution List, 5.2a Standard, 2.1.1 WWMCCS Information Network, page ii, 4; 4.1.

38、2; 5.1 Worldwide Military Command and Control System, page ii, 4 4.4a, 5.8, 5.9.1, 5.9.2 4.1.1; 4.2.1; 4.2.2; 4.3 4 Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-MIL-HDBK-04 IP 9979770 0055906 4. GENERAL REQUIREMENTS 4.1 Background. 4.1.1 IS securi

39、ty policy. SECNAVINST 5239.2 and OPNAVINST 5239.18 establish the Department of the Navy (DON) IS Security Program and provide guidance on the development and implementation of IS security policies, responsibilities, and procedures for Navy IS activities, systems, and networks. 4.1.2 Network security

40、 management. - JCS PUB 6-03.7 identifies roles, responsibilities, procedures, and requirements for administration of IS security throughout the WWMCCS community including the WIN. the basis for Navy implementation of network security management because the WWMCCS network environment is similar CO an

41、d satisfies DON network requirements for user IDS and passwords. DOD document that addresses network security management and that defines the roles and responsibilities associated with user IDS and passwords. DON uses JCS PUB 6-03.7 as JCS PUB 6-03.7 is also the only fully coordinated 4.2 Administra

42、tion 4.2.1 Automatic Data Processing Security Officer (ADPSO). OPNAVINST 5239.18 requires Navy activities using or planning to use Navy networks to appoint an ADPSO. Activities should formally notify the Commander, NAVDAC (COMNAVDAC) of their ADPSO assignment by providing this information in writing

43、 to COMNAVDACs agent, the Navy Regional Data Automation Center (NARDAC) Newport. NARDAC Newports address is: Commanding Officer Navy Regional Data Automation Center, Newport Code 53, Building 1A Newport, RI 02841-5053 Autovon 948-2685, Commercial 401-841-2685 Each ADPSO is responsible for user ID an

44、d password administration for all subordinate activity IS sites, including host computer and terminal locations. 4.2.2 Network Securitv Officer (NSO). OPNAVINST 5239.1A indicates that the NSO designated for each Navy network implements network security primarily through coordination with the activit

45、y ADPSOs connected to that network. The NSO also conducts risk assessments to evaluate the security posture of each network component (i.e., host system, terminal, node configuration) and develops a plan to assure that each ADPSO maintains adequate security protection so that network c-mrity or reli

46、ability is not compromised. User ID and password control in compliance with this handbook should be certified by the NSO for all ADPSOs on the same network. 5 Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-MIL-HDBK-804 IP U 7777370 0055707 T U 4.3 R

47、esDonsibility. The responsibilities outlined below are in accordance with OPNAVINST 5239.1A. 4.3.1 Commander. Naval Data Automation Command (COMNAVDAC). COMNAVDAC is the Program Manager for the Department of the Navy ADP Security Program and the approving authority for Navy networks operating in a m

48、ulti-level or controlled Security mode. COMNAVDAC administers user ID and password control in the Navy within the framework of the DON ADP Security Program. the three position standard user ID site code to all Navy activities, and keeps the user ID series assignments consistent with JCS PUB 6-03.7.

49、is maintained for use within Navy by NARDAC Newport. COMNAVDAC also assigns A list of ADPSOs 4.3.2 Navv activities. in writing a single ADPSO to act as the focal point for all activity IS security matters and sends this information to NARDAC Newport. The Commanding Officer of each Navy activity appoints 4.3.3 Automatic Data Processing Security Officer (ADPSO). The activity ADPSO ensures

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1