Internet Security Policy (spwg) Charter Chair(s): Richard Pethia, rdp@cert.sei.cmu.edu Mailing Lists: General Discussion: spwg@nri.reston.va.us To Subscribe: spwg-request@nri.reston.va.us Archive: Description of Working Group: The Security Policy Working Group (SPWG) is chartered to create a proposed Internet Security Policy for review, possible modification, and possible adoption by the Internet Activities Board. The SPWG will focus on both technical and administrative issues related to security, including integrity, authentication and confidentiality controls, and the administration of hosts and networks. Among the issues to be considered in this Working Group are: o Responsibilities and obligations of users, database administrators, host operators, and network managers. o Technical controls which provide protection from disruption of service, unauthorized modification of data, unauthorized disclosure of information and unauthorized use of facilities. o Organizational requirements for host, local network, regional network and backbone network operators. o Incident handling procedures for various Internet components. Goals and Milestones: Done Review and approve the Charter making any necessary changes. Begin work on a policy framework. Assign work on detailing issues for each level of the hierarchy with first draft outline. Done Revise and approve framework documents. Begin work on detailing areas of concern, technical issues, legal issues, 1 and recommendations for each level of the hierarchy. Done Prepare first draft policy recommendation for Working Group review andmodification. Sep 1990 Finalize draft policy and initiate review following standard RFC procedure. 2