Abstract
The Defense Information Infrastructure (DII) connects Department of Defense (DoD) mission support, command and control, and intelligence computers and users through voice, data, imagery, video, and multimedia services, and provides information processing and value-added services. For such a critical infrastructure to effectively mitigate risk, optimize its security posture and evaluate its information assurance practices, we identify the need for a structured and comprehensive certification and accreditation (C&A) framework with appropriate tool support. In this paper, we present an active approach to provide effective tool support that automates the DoD Information Technology Security C&A Process (DITSCAP) for information networks in the DII.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Committee on National Security Systems (CNSS) Instruction No. 4009.: National Information Assurance (IA) Glossary (2003)
DoD 8510.1-M: DITSCAP Application Manual (2000)
DoD Instruction 5200.40.: DITSCAP (1997)
Kotonya, G., Sommerville, I.: Requirements Engineering with Viewpoints. BCS/IEEE Software Engineering Journal 11(1), 5–18 (1996)
Lee, S.W., Rine D.C.: Missing Requirements and Relationship Discovery through Proxy Viewpoints Model. Studia Informatica Universalis: International Journal on Informatics (December 2004)
Lee, S.W., Yavagal, D.: GenOM User’s Guide. Technical Report: Dept. of Software and Information Systems, UNC Charlotte (2004)
Lee, S.W., Ahn, G., Gandhi, R.A.: Engineering Information Assurance for Critical Infrastructures: The DITSCAP Automation Study. To apprear in: Proceedings of the Fifteenth Annual International Symposium of the International Council on Systems Engineering (INCOSE 2005), Rochester, New York (July 2005)
Swanson, M., Nadya, B., Sabato, J., Hash, J., Graffo, L.: Security Metrics Guide for information Technology Systems. NIST #800-55 (2003)
Swanson, M.: Security Self-Assessment Guide for Information Technology Systems. NIST #800-26 (2001)
Swartout, W., Tate, A.: Ontologies. IEEE Intelligent Systems 14(1) (1999)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lee, S.W., Gandhi, R.A., Ahn, GJ., Yavagal, D.S. (2005). Active Automation of the DITSCAP. In: Kantor, P., et al. Intelligence and Security Informatics. ISI 2005. Lecture Notes in Computer Science, vol 3495. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11427995_46
Download citation
DOI: https://doi.org/10.1007/11427995_46
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25999-2
Online ISBN: 978-3-540-32063-0
eBook Packages: Computer ScienceComputer Science (R0)