Friday, November 11, 2011

New Australian Government Information Security Procedures

The Attorney-General, Robert McClelland, discussed the new approach to Australian Government information security policy July 2011. The Australian Government Protective Security Policy Framework is available on-line. The Australian Government Information management Office (AGIMO) has provided an Email Protective Marking Standard for the Australian Government to implement the security policy:
This Standard defines the format of protective markings for Internet email message headers used for messages exchanged within and between Australian Government agencies. A protective marking is used to convey the protection requirements for information in a message, as defined within the Australian Government Protective Security Policy Framework. The protective marking may
also contain additional information about the message that tells systems and system users how to appropriately disseminate the information contained in the message.

Table of Contents

  1. Introduction
    1. Document Terminology and Conventions
    2. Audience
    3. Pre- and co-requisite reading
    4. Assumptions
  2. The Standard
    1. Scope
    2. Out of Scope
    3. Version
    4. Namespace
    5. Syntax of the Protective Marking
  3. References
  4. Appendix A
    1. Change Log
    2. Conventions used in this document
  5. Appendix B
    1. Registration of Message Header with IANA
    2. Examples
Example

A message containing SECRET information, that is ACCOUNTABLE MATERIAL and which
can only be released to AUSTEO members
From: neville.jones@ato.example.org
To: alice@example.org
Message-ID: <4214543637754743747347745@ato.example.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: This is an example subject line [SEC=SECRET,
CAVEAT=ACCOUNTABLE-MATERIAL, CAVEAT=AUSTEO]
This is an example message body.
Bye,
Neville

No comments: