Eggs in the Basket

Protecting the Nest

Service Examples Importance Security Strategies Wecoma

Confidental Data Personel Information, Pcode keys Very High Restrict Read, Write, Physical Access, Encrypt Captain's Safe

Data Acquisition Underway data, ADCP, CTD, ... High Restrict Write Access Not directly on network, blind dump to user space

Primary Internal Services DNS, DHCP, Time, Routing, Switching, ... High Restrict Write Access Appliances

Secondary Internal Services File Sharing, Printing, Internal Web, ... Low Minimal Appliances

External Services E-mail, File Transfer to Shore, External web browsing, ... Too High, Increasing Education, Filters, Smart Routers, Firewalls, Funnel Access through controlled site, Restrict Access IMAP, uucp, restricted to specific machines

Other External Services Provide services/tunnels to non-home sites Not Do NOT do, DMZ Not allowed

Ship Provided User Computers Browser, File Interface, Word Processor, Spreadsheet,... Medium Isolate, Education, Anti-virals, Sacrifical, Shunning Education, Anti-virals, Sacrifical, Shunning

Science Provided Computers Whatever Low Isolate, Anti-virals, Sacrifical, Shunning Education, Anti-virals, Sacrifical, Shunning

Service	Examples	Importance	Security Strategies	Wecoma
Confidental Data	Personel Information, Pcode keys	Very High	Restrict Read, Write, Physical Access, Encrypt	Captain's Safe
Data Acquisition	Underway data, ADCP, CTD, ...	High	Restrict Write Access	Not directly on network, blind dump to user space
Primary Internal Services	DNS, DHCP, Time, Routing, Switching, ...	High	Restrict Write Access	Appliances
Secondary Internal Services	File Sharing, Printing, Internal Web, ...	Low	Minimal	Appliances
External Services	E-mail, File Transfer to Shore, External web browsing, ...	Too High, Increasing	Education, Filters, Smart Routers, Firewalls, Funnel Access through controlled site, Restrict Access	IMAP, uucp, restricted to specific machines
Other External Services	Provide services/tunnels to non-home sites	Not	Do NOT do, DMZ	Not allowed
Ship Provided User Computers	Browser, File Interface, Word Processor, Spreadsheet,...	Medium	Isolate, Education, Anti-virals, Sacrifical, Shunning	Education, Anti-virals, Sacrifical, Shunning
Science Provided Computers	Whatever	Low	Isolate, Anti-virals, Sacrifical, Shunning	Education, Anti-virals, Sacrifical, Shunning

http://www.shipops.oregonstate.edu/martech/inmartec/2006/net_secure/cover.html
Last Modified: 16 Oct 2006 by Toby Martin