 |
Page History
| Page info | ||||
|---|---|---|---|---|
|
| Panel | ||||
|---|---|---|---|---|
| ||||
|
| Panel | ||
|---|---|---|
| ||
Author: Craig Stancl |
Sign off | Date | Role | CBIIT or Stakeholder Organization | Reviewer's Comments (If disapproved indicate specific areas for improvement.) |
|---|---|---|---|---|
— | --- | — | — | --- |
— | — | — | --- | — |
— | --- | — | — | — |
The purpose of this document is to document the security plan for the National Cancer Institute Center for Biomedical Informatics and Information Technology (NCI CBIIT) caCORE LexEVS Release 6.1.
Information Systems Security Plan
A list of the industry standard security controls expected in this product
- HTTPS
REST security (if needed)Multiexcerpt include nopanel true MultiExcerptName ExitDisclaimer PageWithExcerpt wikicontent:Exit Disclaimer to Include - Possible uses:
- URI Resolver administration
- CTS2 Development Framework administration
- LexEVS REST secure ontology access/token transfer
- Possible uses:
- RFC 2196
Multiexcerpt include nopanel true MultiExcerptName ExitDisclaimer PageWithExcerpt wikicontent:Exit Disclaimer to Include - Specifiically, section 3.1.2 Separation of Services
Multiexcerpt include nopanel true MultiExcerptName ExitDisclaimer PageWithExcerpt wikicontent:Exit Disclaimer to Include - This architecture will allow services to be separated to those needing to be exposed externally and those that do not.
- Services NOT to expose externally:
- URI Resolver administration
- CTS2 Development Framework administration
- Specifiically, section 3.1.2 Separation of Services
The components of the CBIIT technologies used for security controls
None
Any expected deviation from the standards
None
