Engineering information assurance for critical infrastructures: The DITSCAP automation study

Seok Won Lee, Gail Joon Ahn, Robin A. Gandhi

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Scopus citations

Abstract

Recent advances in information technology have transformed the way in which mission-critical services get delivered and are evaluated today. These services are heavily and increasingly relying on an interdependent crossed network of critical information infrastructures, spanning from private to government sectors. In order to enable such infrastructures to efficiently mitigate risks, optimize their security posture and evaluate their information assurance (IA) practices, we identify the need for a structured and comprehensive methodology for IA-aware critical infrastructure protection. In this paper, we focus on the automation study of the Department of Defense Information Technology Security Certification and Accreditation Process (DITSCAP) that is a standard for certifying and accrediting the information networks that comprise of the Defense Information Infrastructure (DII). We attempt to generalize a course of actions in DITSCAP that motivate our design principles and modeling techniques, supported by their theoretical backgrounds and demonstrable prototype interfaces to establish their appropriateness.

Original languageEnglish (US)
Title of host publication15th Annual International Symposium of the International Council on Systems Engineering, INCOSE 2005
Pages50-62
Number of pages13
StatePublished - Dec 1 2005
Externally publishedYes
Event15th Annual International Symposium of the International Council on Systems Engineering, INCOSE 2005 - Rochester, NY, United States
Duration: Jul 10 2005Jul 15 2005

Publication series

Name15th Annual International Symposium of the International Council on Systems Engineering, INCOSE 2005
Volume1

Other

Other15th Annual International Symposium of the International Council on Systems Engineering, INCOSE 2005
CountryUnited States
CityRochester, NY
Period7/10/057/15/05

Keywords

  • Critical Infrastructure Protection
  • Information Security Requirements Engineering
  • Information Systems Certification and Accreditation
  • Ontological Engineering
  • Risk Assessment

ASJC Scopus subject areas

  • Hardware and Architecture
  • Information Systems
  • Control and Systems Engineering

Fingerprint Dive into the research topics of 'Engineering information assurance for critical infrastructures: The DITSCAP automation study'. Together they form a unique fingerprint.

  • Cite this

    Lee, S. W., Ahn, G. J., & Gandhi, R. A. (2005). Engineering information assurance for critical infrastructures: The DITSCAP automation study. In 15th Annual International Symposium of the International Council on Systems Engineering, INCOSE 2005 (pp. 50-62). (15th Annual International Symposium of the International Council on Systems Engineering, INCOSE 2005; Vol. 1).