Link to the home page.
Print from PDF version
 

Additional Resources

Adobe PDFInformation Security in Integrated Justice Applications: An Introductory Guide for the Practitioner

This guide provides an overview for criminal justice practitioners on the security issues they face when planning, procuring, and implementing integrated justice systems. It discusses important security technologies, such as encryption, public key infrastructure, biometrics, firewalls, and virtual private networks, and security standards for an integrated justice environment.

PowerPoint DocumentMaking the Web Available While Protecting Assets

Providing information security for Web services presents the challenge of balancing services with security. To address Web security challenges, Ms. Carlynn Thompson, Department of Defense, Defense Technical Information Center, has developed an educational security briefing—Making the Web Available While Protecting Assets. This briefing contains best practices for Web security policies, multilevel security architectures, risk mitigation, and access control. In addition, a case study in the automation of password management using Lightweight Data Access Protocol (LDAP) is provided for educational purposes. This briefing demonstrates that security for Web services is critical and provides a strong case for risk management instead of risk avoidance.

http://it.ojp.gov/...

The Justice Standards Clearinghouse for Information Sharing (JSC or Clearinghouse) is a repository of standards and specifications that help practitioners increase the nation's safety. This dynamic Web site was developed as part of the U.S. Department of Justice interoperability effort to facilitate information sharing. The Web site captures existing standards and alerts users of new or emerging standards. It also provides comment areas for users to offer support for the listed standards.

http://www.state.me.us/...

State information is a valuable asset that must be protected from unauthorized disclosure, modification, use, or destruction. Prudent steps must be taken to ensure that its integrity, confidentiality, and availability are not compromised.

This document provides a uniform set of information technology security policies, standards and general guidelines for every state department, agency, board, bureau, commission, and authority which are required to comply with Maine Revised Statute Annotated (MSRA) Title 5, Chapter 158 §§ 1871 - 1896. All Maine State Government entities, unless specifically exempted, are required to abide by the policies hereby established. All users (employees, contractors, vendors, and other parties) are expected to understand and abide by them.

http://gita.state.az.us/...

The state of Arizona’s Security Architecture substantiates the fundamental significance of security to the state by delineating a set of processes, recommended standards, and best practices that will securely and economically protect the state’s business functions, including public access to appropriate information and resources, while maintaining compliance with the legal requirements established by existing federal and state statutes pertaining to confidentiality, privacy, accessibility, availability, and integrity. Security Architecture provides the framework and foundation to enable secure communication, protect agency business processes and information resources, and ensure that new methods for delivering service are secure.

http://www.state.ma.us/...

The Massachusetts Online Government Task Force investigated several technologies with an eye toward solutions that are cost-effective and meet our business needs for implementing systems that are simple and efficient for the user. Much of the attention of the Task Force was focused on information security technology and, particularly, on implementations of public key cryptography. The use of so-called digital signatures was a major issue. Please see Appendix D for more information on Electronic Authentication.

Missouri Security Guidelines

This document serves as an example of the Information Technology Guidelines for information sensitivity levels and access controls. The Missouri Office of the State Courts Administrator (OSCA) provides these Data Security Guidelines to any user of the OSCA-supported network with access to sensitive information upon employment or start of contract. Outside consultants, contractors, and temporaries are subject to the same security requirements and have the same security responsibilities as court employees.