CAPABILITY INFORMATION EXCHANGE SECURITY Sample Clauses

CAPABILITY INFORMATION EXCHANGE SECURITY. Information exchanged between the U.S. Federal Government agencies and the DHS TAXII systems occurs using Federal Information Processing Standard (FIPS) 140-2 compliant HTTP over TLS (Transmission Control Protocol (TCP) port 8443) with AES-256 as the minimum standard encryption algorithm. This connection will use the exchange of trusted Public Key Infrastructure (PKI) certificates for the establishment of secure communications. PKI certificates for the TAXII server are issued from the DHS Certificate Authority (CA) or Federal Bridge CAs per DHS Policy for Public Key Enablement. Each Federal entity connecting must provide DHS with PKI certificates for their TAXII instance. Those certificates should either be issued by the Federal entity’s CA or purchased from a commercial vendor that issues certs with a Federal Bridge CA relationship. Each organization will maintain the boundary protections to include firewalls, Intrusion Detection System (IDS)/Intrusion Prevention System (IPS), and any other perimeter protections required for their respective network as dictated by organization security policies. All traffic between U.S. Federal agencies and the DHS TAXII server is routed through a managed Trusted Internet Connection (TIC) compliant network interface. Both organizations will ensure that virus and spyware detection and eradication capabilities are used where appropriate (e.g., workstations, laptops, servers, etc.) and that adequate system access controls are in place and maintained on all components connected to the systems. Specific protocols and ports that are needed to support this interconnection are provided in Appendix A. Ports and protocols not specifically defined in Appendix A will be approved by DHS firewall change control procedures. Currently data for the STIX/TAXII system is not encrypted at rest. However, data is encrypted while being transmitted. In addition, the TAXII database (MySQL) is encrypted by Amazon Web Services.
Sample 1
AutoNDA by SimpleDocs

Related to CAPABILITY INFORMATION EXCHANGE SECURITY

  • PERSONAL INFORMATION PRIVACY AND SECURITY CONTRACT 11 Any reference to statutory, regulatory, or contractual language herein shall be to such language as in 12 effect or as amended.

  • - CLEC INFORMATION CLEC agrees to work with Qwest in good faith to promptly complete or update, as applicable, Qwest’s “New Customer Questionnaire” to the extent that CLEC has not already done so, and CLEC shall hold Qwest harmless for any damages to or claims from CLEC caused by CLEC’s failure to promptly complete or update the questionnaire.

  • Student Information Those living in The Village hereby agree that the Owner shall receive all Student information provided in the Agreement and waives and releases Owner from any duty of confidentiality that may apply to such information.

  • Patient Information Each Party agrees to abide by all laws, rules, regulations, and orders of all applicable supranational, national, federal, state, provincial, and local governmental entities concerning the confidentiality or protection of patient identifiable information and/or patients’ protected health information, as defined by any other applicable legislation in the course of their performance under this Agreement.

  • Facility Information The Product is: Renewable Energy Facility or Unit Specific; if so, complete the following: Name of Facility Location of Facility EIA number Online Date Renewable Energy Source specific; if so, state: Aggregator area specific. Use the following table for generator aggregation programs: REC Delivery Unit Specific Generating Renewable Energy Unit / Renewable Energy Source Generating Renewable Energy Aggregation Program / Renewable Energy Sources Location of Generator or Area of Aggregation Delivery 3

  • Securities Law Information The Participant acknowledges that he or she is permitted to sell the Shares acquired under the Plan through the designated broker appointed by the Company, provided the sale of the Shares takes place outside of Canada through facilities of a stock exchange on which the Shares are listed (i.e., the NYSE).

  • Confidential System Information HHSC prohibits the unauthorized disclosure of Other Confidential Information. Grantee and all Grantee Agents will not disclose or use any Other Confidential Information in any manner except as is necessary for the Project or the proper discharge of obligations and securing of rights under the Contract. Grantee will have a system in effect to protect Other Confidential Information. Any disclosure or transfer of Other Confidential Information by Xxxxxxx, including information requested to do so by HHSC, will be in accordance with the Contract. If Grantee receives a request for Other Confidential Information, Xxxxxxx will immediately notify HHSC of the request, and will make reasonable efforts to protect the Other Confidential Information from disclosure until further instructed by the HHSC. Grantee will notify HHSC promptly of any unauthorized possession, use, knowledge, or attempt thereof, of any Other Confidential Information by any person or entity that may become known to Grantee. Grantee will furnish to HHSC all known details of the unauthorized possession, use, or knowledge, or attempt thereof, and use reasonable efforts to assist HHSC in investigating or preventing the reoccurrence of any unauthorized possession, use, or knowledge, or attempt thereof, of Other Confidential Information. HHSC will have the right to recover from Grantee all damages and liabilities caused by or arising from Grantee or Grantee Agents’ failure to protect HHSC’s Confidential Information as required by this section. IN COORDINATION WITH THE INDEMNITY PROVISIONS CONTAINED IN THE UTC, Xxxxxxx WILL INDEMNIFY AND HOLD HARMLESS HHSC FROM ALL DAMAGES, COSTS, LIABILITIES, AND EXPENSES (INCLUDING WITHOUT LIMITATION REASONABLE ATTORNEYS’ FEES AND COSTS) CAUSED BY OR ARISING FROM Grantee OR Grantee AGENTS FAILURE TO PROTECT OTHER CONFIDENTIAL INFORMATION. Grantee WILL FULFILL THIS PROVISION WITH COUNSEL APPROVED BY HHSC.

  • Eligibility Information Group shall provide timely and accurate eligibility information, including Medicare status, and identify all persons subject to the Medicare Secondary Payer statutes and regulations. Group acknowledges that BCN will rely upon the accuracy of all eligibility information Group provides, and Group shall indemnify and hold BCN harmless against any loss, claim or action, including costs, penalties and reasonable attorney fees, arising from the provision of inaccurate eligibility information.

  • Registration Information Customer shall be responsible for the accuracy and legality of all account, Agent, and registration information (including without limitation Customer’s legal name and payment information, Customer/Agent contact information, and any personal data included therein) (“Registration Information”) and the means of its acquisition.

  • Client Information (2) Protected Health Information in any form including without limitation, Electronic Protected Health Information or Unsecured Protected Health Information (herein “PHI”);

Time is Money Join Law Insider Premium to draft better contracts faster.