Interpretation of System Security Policy

System Security Principle

The security of government systems and information must not be undermined by use of trusted computing and digital rights management technologies.

System Security Policy

13. Ability to identify harmful communications

Agencies will reject the use of TC/DRM mechanisms, and information encumbered with externally imposed digital restrictions, unless they are able to satisfy themselves that the communications and information are free of harmful content, such as worms and viruses.

Rationale

TC/DRM’s use of encrypted traffic challenges the effectiveness of conventional, perimeter-based scanning of incoming data. Government needs to consider whether it has adequate means of protection before using TC/DRM mechanisms, or accepting information with usage restrictions.

Supports System Security principle.

Scope & Interpretation

Harmful content includes viruses, ‘malware’ and any other potentially damaging electronic communications or file contents that the agency deems as a risk to the organisation or its data.

Mechanisms to deal with this issue could include:

• the sender assigning rights to an 'organisational user ID' to inspect the communications/information;
• agency border capability to emulate the intended recipient;
• checking of material on the desktop, if that is the point at which it is decrypted;
• isolating the content to ensure it has no access to other resources;
• trust agreements (most likely to be appropriate when communications are agency to agency).