Net-Centric Information: Assurance Strategy

Supriya Ghosh
DOI: 10.4018/978-1-60566-854-3.ch009

Abstract

This chapter turns to Information Assurance and its crucial role in supporting Net Centricity. We start with a set of information assurance definitions stated in the language of DoD guidance documents. We then define common information assurance principles and terms such as Defense-in-Depth. Next, we discuss the certification and accreditation process that has been standardized throughout the DoD to ensure that security measures are in place. The latest DoD process is DIACAP, and it involves implementing a set of information assurance steps. We then introduce Common Criteria standards, an international framework that allows government and industry to work together on a common method for implementing security measures. Finally, we discuss net-centric information assurance goals and how information assurance aspects are adopted for net-centric operations.
Chapter Preview

Chapter Content

Chapter 9 covers the following topics:

  • Information Assurance Definitions

  • Information Assurance Certification & Accreditation

  • Use of Common Criteria Standards

  • Net-Centric Information Assurance Vision

  • Information Assurance for Net-Centric Operations

Information Assurance Definitions

Since Information Assurance (IA) is a complex discipline that is not well understood, this section introduces the subject by defining its fundamental terms. A large number of defense and military guidance documents, written as DoD Directives and DoD Instructions, cover the fundamentals of Information Assurance. Information assurance definitions are also used by other government and civilian entities, and the concepts are similar in nature.

The following set of definitions is based on DoD Directive 8500.1, titled “Information Assurance” (DoD 8500.1E, 2007). This information assurance directive is used by U.S. defense organizations, including DoD Components, Armed Force Services, and associated federal government agencies and civilian organizations.

Definition of Information Assurance

Here is a definition of Information Assurance based on the DoD Information Assurance Certification and Accreditation Process (DIACAP) documentation and DoD net-centric guidelines.

  • Information Assurance (IA) is the discipline that provides methods for managing the risks of information assets

  • Information Assurance is defined as measures taken by an organization to protect and defend information and information systems to ensure the following principles:

    o Availability

    o Integrity

    o Authentication

    o Confidentiality

    o Non-Repudiation

  • This includes providing for the restoration of information systems by incorporating protection, detection and reaction capabilities

  • Information Assurance protects data whether the data is in storage, processing, or transit, and whether the data is threatened by malice or by accident
