"/ >

PAe - Opened the term for an analysis HTTPS of environments and web applications of the public sector
the accesskey _ mod _ content

Abierto el plazo para solicitar un análisis HTTPS de los entornos y aplicaciones web del sector público

11 April 2017

CCN-CERT Logo

El CCN-CERT, dentro de su campaña de impulso a la implantación de HTTPS en las sedes electrónicas del sector público, ha abierto el plazo para solicitar un análisis de los dominios, servidores y aplicaciones web de todos aquellos organismos y entidades que así lo deseen.

Los solicitantes de este servicio tienen hasta el 19 de mayo para entrar a formar parte del estudio del CERT Gubernamental Nacional cuyo objetivo es evaluar la implementación de HTTPS y el estado actual del ecosistema HTTPS en el sector público. Para ello tan sólo deberán rellenar un fichero Excel y enviarlo a una dirección de correo, ambos disponibles en la website CCN-CERT's report (Opens in new window) .

In this file, should provide all domains, servers and web applications wishing to include in the study. Once analysed web environments objective, CCN-CERT send a report with detailed results of the analysis HTTPS. The study is complemented with the report of recommendations for its correct implantation.

The CCN-CERT (Opens in new window) notes the importance of making use of web communications as safe as possible, i.e. based solely on the use of the protocol HTTPS address HTTP, regardless of the device client used.

Parallel to this service, the CCN-CERT has published its Report of Good Practices CCN-CERT BP-01 / 17. Recommendations for implementation of HTTPS which stresses the importance of making use of web communications as safe as possible, i.e. based solely on the use of this protocol address HTTP, which provides both authentication mechanisms as encryption and integrity. Using HTTPS in web technologies is application in both corporate environments as for individual use of the same, regardless of whether they are accessed from traditional computers and mobile devices, or from any other technological device, as partners to the Internet of things (IoT, Internet of Things).

On this occasion, the report of good practices is particularly aimed at those responsible for security (not the end user) and includes technical details for implementation and safe deployment HTTPS protocol in environments, servers and web applications.

Original source of the news (Opens in new window) .

 

  • Security
  • Administrative cooperation
  • Electronic services
General access point
 
General access point