ILP지식 > ACTUAL PRINTING > Propriety of access control(2)

사업소개: 아이엘피 대학원 복권학회협동조합 회원정보 질의응답 연락처 정보와입찰 뉴스 기부와공유

빅데이터: 사례·연구 기술·정보 경제관련통계 문화관련통계 복권관련통계 행사·학회 한국의복권

사행산업: 복권 카지노 경마 베팅·게임 경견 인터넷겜블 모바일겜블 스포츠베팅 학제간연구

논문·연구: 중독·부작용 게임설계 심리적도박 문화·경제 보안·규제 기술·알고리즘 고객·참여자 위험관리 선호·결정 마케팅·홍보 우수사례

지식·경험: 서적·논문 인쇄복권감리 기획·조직 인쇄계획 선인쇄 인쇄·생산 감수 보관·배송 유통·판매 당첨금지급 상품마감 학술대회자료 복권학회학술지

세계시장: 교육기관 협회·잡지 아시아복권 호주복권 캐나다복권 유럽복권 미국복권 남미복권 아프리카복권 시스템업체

MY PAGE: MY PAGE JOIN GREETINGS COMMUNITY MY ARTICLE MY COLLETION REAL LECTURE WORK DIARY ILP DATA

Object to be audited in Actual Printing

Ensure that the printing business meets the target, by verifying the quality of test lottery tickets and producing lottery tickets meeting the requirements of the production order.

date : 2010-07-13 21:06|hit : 444

Propriety of access control(2)

Check List	Access limitation according to time
Purpose	To check if control is in place to ensure that instant lottery game data printing system operates only during the necessary hours.
Audit resources	Procedure	Verification
	Document	Access record
	Product
Detailed study list and method	- Check if automatic log-off or end session takes place when there is no activity for specific time period. - Check if access time to crucial systems is limited.

Check List	The interception to the instant lottery game data printing system network
Purpose	To ensure that the instant lottery game data printing system and the systems designed for other use must be operated separately. In particular, game data server and game data printing server must be installed in the stand-alone format, disconnected from the network to prevent unnecessary access.
Audit resources	Procedure	Verification
	Document	System design drawing, system architecture diagram, network assets list
	Product
Detailed study list and method	- Check if the system’s extent of importance is assessed. - Check if crucial system is separated from other systems and the network.

Check List	Portable computer usage
Purpose	To ensure that try game data printing system must be excluded from portable computing, and such a control must be maintained even at the time of maintenance and repair by an outside sources. However, when portable computing is unavoidable, the following control must be implemented.
Audit resources	Procedure	Verification
	Document	portable computer assets list and register
	Product
Detailed study list and method	- Check if there is a control countermeasure when portable computer is used outside. - Check if there is a protection countermeasure in case of theft of laptop (notebook) or PDA containing game data.

Check List	Wireless LAN usage
Purpose	To ensure that the wireless LAN should not be applied in the instant lottery process, but if required, check that a control guide for the wireless LAN is being applied
Audit resources	Procedure	Verification
	Document	Wireless LAN security guide
	Product
Detailed study list and method	- Wireless LAN must not be applied to instant lottery work. If the use of the wireless LAN is inevitable, the following requirements must be checked - Check if the default SSID is being modified (optional) - Check if WEP encrypted key over 128bit is being applied when in use (optional) - Check if WPA(802.1x) authentication is used to authenticate user - Check if there is a control over illegal AP that does not come through the manager

The Criteria to Winner: Security and Risk Management for Printed Lottery by Hyejung Moon is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License.
Based on a work at www.itpolicy.co.kr.
Permissions beyond the scope of this license may be available at http://www.lulu.com.

reply : 0

list: prev

next

Terms Of Use | Privacy Policy | Guidelines
110-052, 31-1 Jeokseon-dong Jongno-gu Seoul S.Korea