TY - GEN
T1 - Engineering information assurance for critical infrastructures
T2 - 15th Annual International Symposium of the International Council on Systems Engineering, INCOSE 2005
AU - Lee, Seok Won
AU - Ahn, Gail Joon
AU - Gandhi, Robin A.
PY - 2005
Y1 - 2005
N2 - Recent advances in information technology have transformed the way in which mission-critical services get delivered and are evaluated today. These services rely heavily and increasingly on an interdependent crossed network of critical information infrastructures, spanning from private to government sectors. In order to enable such infrastructures to efficiently mitigate risks, optimize their security posture and evaluate their information assurance (IA) practices, we identify the need for a structured and comprehensive methodology for IA-aware critical infrastructure protection. In this paper, we focus on the automation study of the Department of Defense Information Technology Security Certification and Accreditation Process (DITSCAP), which is a standard for certifying and accrediting the information networks that comprise the Defense Information Infrastructure (DII). We attempt to generalize a course of actions in DITSCAP that motivate our design principles and modeling techniques, supported by their theoretical backgrounds and demonstrable prototype interfaces to establish their appropriateness.
KW - Critical Infrastructure Protection
KW - Information Security Requirements Engineering
KW - Information Systems Certification and Accreditation
KW - Ontological Engineering
KW - Risk Assessment
UR - http://www.scopus.com/inward/record.url?scp=84883302612&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84883302612&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:84883302612
SN - 9781622769285
T3 - 15th Annual International Symposium of the International Council on Systems Engineering, INCOSE 2005
SP - 50
EP - 62
BT - 15th Annual International Symposium of the International Council on Systems Engineering, INCOSE 2005
Y2 - 10 July 2005 through 15 July 2005
ER -