Introducing new access control policies
Page Numbers: Yes X: 527 Y: 10.5"
Inter-Office Memorandum
ToIFS and Grapevine administratorsDateMarch 13, 1982
FromEd TaftLocationPARC/CSL
SubjectIntroducing newFile[Indigo]<IFS>AccessIntro.bravo
access control policies
Introduction and motivation
The attached memo describes some new access control policies and procedures that are designed to improve information security in the Xerox Research Internet.
Generally speaking, the need for such policies is a consequence of the growth of the Internet to encompass a large number of diverse organizations. The specific reason for introducing these policies at this time is that foreign affiliates (Rank Xerox and Fuji Xerox) are becoming connected to the Internet; as a consequence, information transfer within the Internet is now subject not only to Xerox security guidelines but also to U.S. Government regulations.
These policies and procedures have been developed by a committee consisting of Andrew Birrell, Jerry Elkind, Mike Schroeder, and Ed Taft. We welcome any constructive criticisms or suggested improvements.
The new policies call for some substantial changes to existing practices, particularly with regard to assignment of individual R-Names and proper use of groups for access control. Naturally, we don’t expect that it will be possible to put them all in place immediately. The most urgently-required measures are the following:
1.Elimination of ‘‘Guest’’ and other individual R-Names with widely-known or easily-guessed passwords, in both IFSs and Grapevine.
2.Conversion of all remaining IFSs to use Grapevine for authentication and access control. (This is in progress, but is by no means complete.)
3.Registration of all individuals (particularly foreign affiliates) in their proper registries.
4.Elimination of ‘‘interest’’ groups and groups including non-affiliates and foreign affiliates from the set used for IFS access control.
5.Education of all users of the Internet in proper use of access controls so as to fulfill the information security requirements.
In particular, item (1) is of such crucial importance that we must request all administrators to begin action on it immediately.
In some cases, compliance with the new policies will require changes to be made to existing software; this is particularly true of software that uses compiled-in credentials (a problem discussed in considerable detail in the attached memo). Since management approval may be required for the implementation of such software changes, administrators should see that this memo is brought to the attention of appropriate levels of management.