
The Application Server must prevent access to organization defined security-relevant information except during secure, non-operable system states.


Overview

Finding ID: V-35740
Version: SRG-APP-000037-AS-000026
Rule ID: SV-47027r1_rule
IA Controls: (none listed)
Severity: Medium
Description
Security-relevant information is any information within the information system that can potentially impact the operation of security functions in a manner possibly resulting in failure to enforce the system security policy or maintain isolation of code and data. Cryptographic key management information, key configuration files for security-oriented application server services, and access control lists are examples of security-relevant information. Secure, non-operable system states are states in which the information system is not performing mission/business-related processing (e.g., the system is off-line for maintenance, troubleshooting, boot-up, or shutdown). Access to these types of data is to be prevented unless the application server system is in a maintenance mode or has otherwise been brought off-line. The goal is to minimize the potential that a security configuration or data may be dynamically, and perhaps surreptitiously, overwritten or changed without going through a formal system change process that can document the changes.
STIG: Application Server Security Requirements Guide
Date: 2013-01-08

Details

Check Text (C-44083r1_chk)
Review product documentation and system configuration to determine if there are appropriate controls to protect encryption keys. This includes checking product documentation for encryption key ring file locations and checking file system permissions to ensure encryption keys cannot be modified by unauthorized persons, roles or processes.
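The file-permission part of this check can be scripted. The script below is an added example, not part of the STIG or the UCF page: it takes the key ring paths found in the product documentation (the paths and the service account name are placeholders you supply) and reports any key file that is missing, not owned by the expected service account, or writable by group or other. It assumes GNU coreutils `stat` (Linux).

```shell
#!/bin/sh
# Audit application server key ring files for the SRG-APP-000037-AS-000026
# check: each file must exist, be owned by the AS service account, and carry
# no group/other write bits. Assumes GNU coreutils `stat`.

# check_key_file FILE EXPECTED_OWNER
# Prints one FINDING line per problem; returns 0 if clean, 1 otherwise.
check_key_file() {
    file=$1
    expected_owner=$2
    status=0
    if [ ! -e "$file" ]; then
        echo "FINDING: $file does not exist (verify documented key ring location)"
        return 1
    fi
    mode=$(stat -c '%a' "$file")      # octal mode, e.g. 600 or 2640
    owner=$(stat -c '%U' "$file")     # owning user name
    if [ "$owner" != "$expected_owner" ]; then
        echo "FINDING: $file is owned by $owner, expected $expected_owner"
        status=1
    fi
    # Last octal digit is "other", the one before it is "group"; write bit is 2.
    other_digit=${mode#"${mode%?}"}
    rest=${mode%?}
    group_digit=${rest#"${rest%?}"}
    if [ $((group_digit & 2)) -ne 0 ] || [ $((other_digit & 2)) -ne 0 ]; then
        echo "FINDING: $file mode $mode is writable by group or other"
        status=1
    fi
    return $status
}

# audit_key_files EXPECTED_OWNER FILE...
# Runs check_key_file over every path; returns 0 only if all files are clean.
audit_key_files() {
    owner=$1
    shift
    failures=0
    for f in "$@"; do
        check_key_file "$f" "$owner" || failures=$((failures + 1))
    done
    echo "$failures file(s) with findings"
    [ "$failures" -eq 0 ]
}

# Placeholder invocation: substitute the service account and the key ring
# paths documented for your application server.
# audit_key_files appsrv /opt/appserver/etc/keystore.kdb /opt/appserver/etc/keystore.sth
```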
Fix Text (F-40283r1_fix)
Configure the AS to protect encryption key material.