30(a) Security Policy: Summary of the security policy for the proposed registry
|gTLD||Full Legal Name||E-mail suffix||Detail|
|.深圳||Guangzhou YU Wei Information Technology Co., Ltd.||zodiac-corp.com||View|
Security policies related to ʺ.STRINGʺ will be jointly formulated by the applicant and the Back-End Service Provider, its entrusted party of technology and operation in accordance with the security standard ISO 27001 (GB⁄T 22080) and the risk assessment of ʺ.STRINGʺ. The applicant and the Back-End Service Provider will put the security and safeguarding measures into place in accordance with the ccTLD provided by the Back-End Service Provider and the Information Security Management System (ISMS) of Chinese domain names. In particular, the technology platform concerning security management will be developed and deployed by the Back-End Service Provider, and the regular technology operation and maintenance management will also be carried out by the Back-End Service Provider; the applicant will designate specialists to carry out technical coordination, and supervise the work of the Back-End Service Provider.
30(a).1 Overview of Security Policy
The security policies and corresponding security measures provided by the Back-End Service Provider for ʺ.STRINGʺ registry services are divided into two categories. One is for technical security and the other is for management security. Technical security includes physical security, network security, system security, application security, data security and auditing security. Management security involves security management organizations, security management personnel and security management standards. Relevant security policies conform to the following standards:
(1) YD⁄T2091-2010 Security Specification for Public DNS Resolution System
(2) YD⁄T2140-2010 Technical Specification of DNS Security Framework
(3) YD⁄T 2136-2010 Technical Specifications of DNS Delegation
(4) YD⁄T 2245-2011 Security Protection Requirements for the Domain Name Registration System
(5) YD⁄T 2246-2011 Security Protection Testing Requirements for the Domain Name Registration System
(6) YD⁄T 2052-2009 Security Protection Requirements for the Domain Name System
(7) YD⁄T 2053-2009 Security Protection Testing Requirements for the Domain Name System
(8) Information Security Technology—Baseline for Classified Protection of Information System Security (GB⁄T 22239-2008)
(9) GB⁄T 22080:2008 (ISO⁄IEC 27001:2005,IDT) Information technology-Security techniques-Information security management systems-Requirements
(10) GB⁄T 22081:2008 (ISO⁄IEC 27002:2005,IDT) Information technology-Security techniques-Code of practice for information security management
Below is an overview of the above-mentioned various security policies.
30(a).1.1 Technical security policy
30(a).1.1.1 Physical security policy
All the systems related to ʺ.STRINGʺ registry services are deployed in the machine rooms that meet the following security requirements:
(1) 7*24 on-site security personnel;
(2) A 7*24 video monitoring system is used to monitor the machine room;
(3) Door-access cards and fingerprint identification technology are used for access control;
(4) Two separate circuits and one standby UPS are available to ensure uninterrupted power supply;
(5) Lightening-proof, fire prevention and anti-static measures are taken;
(6) All windows are equipped with infrared anti-theft alarm devices.
Furthermore, only authorized technicians (e.g. system administrators) are permitted to enter the machine room for operations such as system hardware or software update.
30(a).1.1.2 Network security policy
A full redundancy design is adopted for all the network equipment and links related to ʺ.STRINGʺ registry services. Four security zones are respectively defined as office network, monitoring network, service network and database network according to their security level. At the same time, a series of access control lists are configured in the boundary router which is always ready to stop any traffic that comes from a certain host, network or ISP from attacking the Back-End Service Provider. Intrusion detection systems (IDS) and equipment against DOS⁄DDOS have been deployed by ʺ.STRINGʺ. The security personnel will immediately take actions once potential network attacks are detected.
All the servers for ʺ.STRINGʺ registry services are protected by load balancers. Each server adopts the Intranet IP address defined in RFC 1918 and the load balancers will directly reject query data packets in doubt. Important internal servers such as databases also adopt Intranet IP addresses to prevent Internet users from accessing these servers.
30(a).1.1.3 System security policy
All systems related to ʺ.STRINGʺ registry services conform to the following security policies:
(1) Unnecessary services or processes are prohibited;
(2) Operating systems and security patches for important application programs shall be updated at a regular basis;
(3) The SYN Cookie function shall be enabled to prevent DOS attacks;
(4) Dynamic RSA token security systems shall be deployed for system authorization, access control and access password protection.
(5) Remote operation of servers within the Intranet shall be performed through bastion hosts.
In addition, the use of host resources and service operations will be monitored on a 7*24 basis by a exclusive network operation and maintenance system and an alarm will be given off once an abnormity is detected. System-level scanning devices are used to perform systematic vulnerability scanning and system consolidation throughout the internal and external networks. De-magnetizing devices are used to delete all information when important equipment is eliminated to ensure that no vital information is leaked.
30(a).1.1.4 Application security policy
All applications related to ʺ.STRINGʺ registry services conform to the following security policies:
(a) The SRS connection between the applicant and the registrar shall adopt the SSL encryption technology, and each registrar is required to use a different key.
(b) SRS restricts the registrarʹs access IP. Only an authorized IP can be connected.
(c) If a registrar does not perform any operation within a preset period of time after successful login, SRS will automatically terminate the connection.
(d) Each registrarʹs login password in the SRS is restricted to within 6-32 characters, which is stored in an encrypted form.
(2) DNS service
(a) Hidden DNS resolution primary masters are established which are not connected with the Internet and which do not provide resolution service, so as to ensure the security of the original zone files of ʺ.STRINGʺ TLD.
(b) Transmission of zone files between hidden primary masters and each secondary server at each nameserver data center is done with IPsec, so as to achieve safe transmission of zone files of ʺ.STRINGʺ TLD.
(c) A monitoring system is set up to ensure data integrity in the process of generating and transmitting zone files of ʺ.STRINGʺ TLD.
(d) The specified security configuration regulations were formulated for the configuration of resolution software with inspection to the configuration situation at regular intervals (quarterly). If the items are not accordant with the regulations, they will be modified to keep the software configuration safe.
(e) Track the vulnerabilities of the resolution software by the specialized personnel and test and upgrade in time after detecting the vulnerabilities.
(a) Whois only permits Internet usersʹ queries and no alteration is permitted.
(b) Whois Web servers are only used to transform Whois Web requests into WhoisD query requests and transmit such requests to WhoisD servers through load balancers. Then WhoisD servers are connected to Whois database to complete the response to Whois queries.
(a) The HSM used for Key Signing Key (KSK) signing is installed in a locked electro-magnetic shielding cabinet which can effectively prevent the interference of electro-magnetic signals from the outside.
(b) Both the HSM and the cabinet are placed in a separate room with access control measures and only authorized persons may get access to the cabinet.
(5) Internationalized Domain Names (IDN)
(a) To address the problem of phishing due to similarity of internationalized domain names, an IDN anti-phishing detection system is established, through which phishing domain names related to ʺ.STRINGʺ can be detected and then corresponding measures can be taken.
30(a).1.1.5 Data security policy
Only database administrators (DBA) who are responsible for operation maintenance are permitted to access database servers. Only through specific access servers and specific accounts can a DBA access a database server. For any change in the data and programs of an internal database, an application must be submitted according to the procedures as specified for managing changes in internal databases. The application shall be reviewed by the DBA and the competent person before operations are performed at the presence of the DBA. the Back-End Service Provider DBAs inspect the data backup of the database on a daily basis to make sure that the data are correct and perform real-time check of the integrity of updated resolution data files through technical means.
Important data of the Back-End Service Provider are regularly backed up onto the local tape library and the local secondary operation center. A remote secondary operation center has been built to back up important data in the three operation centers in Beijing and Chengdu.
30(a).1.1.6 Auditing security policy
ʺ.STRINGʺ formulates the thorough auditing technical methods and management measures;
ʺ.STRINGʺ deploys exclusive database auditing system to audit with the database orders, bastion hosts system to audit the server management operation and in addition, the specified centralized log collection and auditing system (legendsec) to collect the logs of all network devices, servers and application system, uniformlly collecting and centralizing the logs to make the records.
Auditors use the database auditing system, bastion hosts and log collection auditing system to audit at each level and produce corresponding reports on a regular basis.
30(a).1.2 Management security policy
30(a).1.2.1 Security management organization
The applicant and the Back-End Service Provider are jointly responsible for relevant security management and emergency response of ʺ.STRINGʺ registry services. the Back-End Service Provider has established a security management center. the applicant arranges special technical personnel as security contacts, who are responsible for coordinating the regular security affairs with the Back-End Service Providerʹs security management center, as well as supervising the work of the Back-End Service Provider.
The Back-End Service Provider, to strength its information security management system (ISMS), has also established, on, a ʺvirtualʺ information security management organization which consists of three tiers: the decision-making tier, the execution tier and the auditing tier.
30(a).1.2.2 Security management personnel
An investigation must be conducted on the background of the personnel responsible for security management related to ʺ.STRINGʺ registry services to make sure that they are reliable enough in terms of educational level, work experiences, credibility, etc. The investigation should be carried out by corresponding Personnel Department.
30(a).1.2.3 Security management standards
The applicant and the Back-End Service Provider will put the security management measures of the registry into place in accordance with the ccTLD provided by the Back-End Service Provider and the Information Security Management System (ISMS) of Chinese domain names.They consist of 4 tiers of documents: information security management manual; management specifications⁄measures⁄procedures⁄standards; implementation rules⁄operation guidelines⁄work guidance; and records⁄logs. See the figure below:
Please see Figure 1 in the attachment of Q30a_Attachment_Figure.
(1) The information security management manual is the guiding document for ʺ.STRINGʺ information security management work. The manual contains such contents as information security policy, overall objective and control measures that are mentioned in the statement of applicability (SOA) and that have been implemented. Documents of the second and third tiers, such as management specifications and implementation rules can be regarded as documents supporting the information security management manual.
(2) Management specifications, measures, procedures and standards clearly define various management systems and technical control measures. Documents of the second tier provide methods and guidance for implementation of the information security management system and for assignment of duties. Lower-tier documents should also be referred to in implementing ISMS.
(3) Implementation rules, operation guidelines and work guidance are documents that give a detailed description of the processes mentioned in the second-tier documents. Consisting of work guidance, tables & lists, workflow charts, service standards and system manuals, documents of this tier give a detailed description of specific work and activities.
(4) Records and logs are used to keep record of various activities, serving as evidence that these activities meet the requirements of upper-tier documents. During the implementation of ISMS, a series of record tables and reports need to be kept to serve as the evidence that relevant preventive and corrective measures have been carried out.
30(a).2 Security Capability Assessment
30(a).2.1 Security assessment report
ʺ.STRINGʺ will put the security and safeguarding measures concerning the implementation of registry services into place in accordance with the ʺ.CNʺ ccTLD provided by the Back-End Service Provider and the Information Security Management System (ISMS) of Chinese domain names. The Back-End Service Provider-established ISMS was built in compliance with ISO 27001(GB⁄T 22080) security standards and was certified on March 9, 2011 by China Information Security Certification Center (ISCCC) accredited by China National Accreditation Service for Conformity Assessment (CNAS). With relevant ISCCC certificates, ISMS conforms to ISO 27001:2005 and the statement of applicability (SOA) thereof.
Please see Figure2 in the attachment of Q30a_Attachment_Figure.
30(a).2.2 Security capability test and assessment
ʺ.STRINGʺ carries out a security risk assessment at least once a year which covers classification and categorization of information assets; identification and assessment of risks; risk treatment plan and implementation thereof; continuous improvement of risk assessment, etc. The assessment results will serve as the basis for ʺ.STRINGʺ to make decisions on overall risk management, assist the applicant in identifying overall risks facing ʺ.STRINGʺ, and formulate or adjust risk treatment measures and plans together with the Back-End Service Provider.
Meanwhile, ʺ.STRINGʺ invites a third-party security service organization to conduct security inspection and assessment every year, the result of which will be used as an important basis for carrying out security-related work.
30(a).3 Security Level Commitment
30(a).3.1 Introduction to Classified Protection Standard
ʺ.STRINGʺ registry services perform effective security management by adopting classified information security protection system. Relevant security level determination conforms to state classified protection standard, and the applicant promises to the public to achieve the security requirements of corresponding levels.
According to the classified protection standard, information system is classified into five Classes from low to high depending on the importance to the state security, economic construction, social life, and the damage extent to the state security, social order, public interests, legal rights of citizen, legal person and other organs. ʺGB⁄T 22239-2008 Information Security Technology--Baseline for Classified Protection of Information System Securityʺ clarifies the security requirements which the information system of different levels shall achieve as below:
Class I: prevent the system from malicious attacks from individual-level threats with very little resources, ordinary natural disaster, and vital resources damage caused by other threats with corresponding damage extent. The system can be recovered for partial functions after it is damaged.
Class II: prevent the system from the malicious attack from small-organization-level threats with little resources, common natural disaster, and important resources damage caused by other threats with corresponding damage extent. The important security bugs and incidents can be detected. Partial functions can be recovered within a specific period of time after the system is damaged.
Class III: prevent the system from the malicious attack from organization-level threats with relatively abundant resources, relatively serious natural disaster, and the major resources damage caused by other threats with corresponding damage extent. Most functions can be recovered relatively quickly after the system is damaged.
Class IV: under the unified security strategy, prevent the system from the malicious attack from the state-level threats with abundant resources, serious natural disaster, and the resources damage caused by other threats with corresponding damage extent. All functions can be recovered promptly after the system is damaged.
Class V: (yet to be defined)
ʺInformation Security Technology—Baseline for Classified Protection of Information System Security (GB⁄T 22239-2008)ʺ defines the security requirements for information system with different levels. Based on this, ʺSecurity Protection Requirements for the Domain Name System (YD⁄T 2052-2009)ʺ and ʺSecurity Protection Requirements for the Domain Name Registration System (YD⁄T 2245-2011)ʺ further define the security requirements to domain name system and domain name registration system with different security levels. These security requirements are classified into the basic technical requirements and basic management requirements. Technical security requirements are related to the technology and security mechanism provided by the information system and achieved mainly through deployment of the software and hardware and the proper configuration of the security functions. Management security requirements are related to the activities various roles participate in and achieved by mainly controlling the activities of various roles from the angles of policy, regulations, procedures and records and so on.
30(a).3.2 Security Level Commitment
ʺ.STRINGʺ undertakes the following security commitments to registrants:
(1) The DNS ⁄DNSSEC service system provides global Internet users with ʺ.STRINGʺ domain name resolution services. Class-4 protection is used for the primary operation centers and Class-3 protection for nameserver data centers (all name server data centers as one unit).
(2) With Class-3 protection, SRS service provides global users with ʺ.STRINGʺ domain name registration service through registry.
(3) With Class-3 protection, Whois service provides global users with ʺ.STRINGʺ domain name query service.
The applicant and the BESP have jointly agreed to set up corresponding security policy with the reference to the security requirements to information systems of different levels, deploy security assurance measures, satisfy each requirement in the standards and accept the examination of the third-party, in a view to guaranteeing ʺ.STRINGʺʹs fulfillment of its security-level commitments.
Similar gTLD applications: (2)
|gTLD||Full Legal Name||E-mail suffix||z||Detail|
|.佛山||Guangzhou YU Wei Information Technology Co., Ltd.||zodiac-corp.com||-4.04||Compare|
|.广州||Guangzhou YU Wei Information Technology Co., Ltd.||zodiac-corp.com||-4.04||Compare|