Cited By
View all- Huff JMedal HGriendling K(2018)A model‐based systems engineering approach to critical infrastructure vulnerability assessment and decision analysisSystems Engineering10.1002/sys.2146022:2(114-133)Online publication date: 2-Aug-2018
Information assurance modeling using the Department of Defense architecture framework
Authors: 
Ryan O'Farrell, Sriharsha Banavara, Donald Folds, 
John A. Hamilton, Jr.Authors Info & Claims
Article No.: 173, Pages 1 - 8
Abstract
Information assurance modeling is an important part of the overall security of an information technology system. In this paper we discuss the implementation of an Information Assurance Model using Department of Defense Architecture Framework so as to have traceability between systems and requirements. An assessment of the potential threats to a development effort is presented. Residual Risk was calculated using quantitative analysis. We describe a procedure to analyze the operational risk of an IT system using the DoDAF architecture and relate this operational risk to battlefield risk. We then present the verification and validation of the model. DIACAP scorecard and CNSSI 1253 control set are used as mediums to relate implementation and model.
References
[1]
Amer, S. H. and Hamilton, J. A. 2008. Understanding security architecture. In Proceedings of the 2008 Spring Simulation Multiconference (Ottawa, Canada, April 14--17, 2008). Spring Simulation Multiconference. Society for Computer Simulation International, San Diego, CA, 335--342.
[2]
Conkling, William R. and Hamilton, John A. Jr. 2009. Suggested Improvements to the DoDAF for Modeling Architectural Security. In Proceedings of the 2009 Spring Simulation Multiconference (San Diego, CA, March 22--27, 2009). Spring Simulation Multiconference. Society for Computer Simulation International, San Diego, CA.
[3]
DoD Architecture Framework Working Group. 2004. DoD Architecture Framework Version 1.5 - Volume II: Product Descriptions.
[4]
DoD Architecture Framework Working Group. 2009. DoD Architecture Framework Version 2.0 - Volume II: Product Descriptions.
[5]
Hamilton, John A. Jr. 2006. DoDAF-Based Information Assurance Architectures, CrossTalk The Journal of Defense Software Engineering, Feb. Issue.
[6]
Peterson, Gunnar. "Security Architecture Blueprint". 2006. Available at: http://arctecgroup.net/pdf/ArctecSecurityArchitectureBlueprint.pdf.
[7]
Richardson, Kevin. Security Extensions to the DoD Architecture Framework, Available at: http://www.eng.auburn.edu/users/hamilton/security/Workshop2005/Security%20Extensions%20to%20the%20DOD%20Architecture%20Framework.ppt {accessed November 22, 2009}.
[8]
Sargent, R. G. 2005. Verification and validation of simulation models. In Proceedings of the 37th Conference on Winter Simulation (Orlando, Florida, December 04--07, 2005). Winter Simulation Conference. Winter Simulation Conference, 130--143.
[9]
Schneider, E. A. 2000. Security architecture-based system design. In Proceedings of the 1999 Workshop on New Security Paradigms (Caledon Hills, Ontario, Canada, September 22--24, 1999). NSPW '99. ACM, New York, NY, 25--31. DOI= http://doi.acm.org/10.1145/335169.335185.
- Information assurance modeling using the Department of Defense architecture framework
Recommendations
Leveraging the DODAF to model information assurance architectures
SCSC '08: Proceedings of the 2008 Summer Computer Simulation ConferenceThe DOD Architecture Framework (DODAF) is the prescribed means for documenting information systems in the DOD and is an integral part of the Joint Capabilities Integration and Development System (JCIDS). The inclusion of DODAF architectures in new ...
Non risk assessment information security assurance model
InfoSecCD '09: 2009 Information Security Curriculum Development ConferenceThis article is present information assurance model based on Non risk assessment model. The model based on diligence model where assurance is achieved by using threat and vulnerability reviews and countermeasures based on tangible best practices. An ...
The Assessment of Learning Outcomes in Information Assurance Curriculum
InfoSecCD '13: Proceedings of the 2013 on InfoSecCD '13: Information Security Curriculum Development ConferenceWe present an overview of the design and conduct of learning outcomes assessment for an undergraduate information assurance curriculum. The described program of assessment provides for an evidence-based, decision-making process that can be used to ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
April 2010
1726 pages
ISBN:9781450300698
- General Chairs:
- Robert McGraw,
- Eric Imsand,
- Program Chair:
- Michael J. Chinni
Sponsors
- SCS: Society for Modeling and Simulation International
In-Cooperation
Publisher
Society for Computer Simulation International
San Diego, CA, United States
Publication History
Published: 11 April 2010
Check for updates
Author Tags
Qualifiers
- Research-article
Funding Sources
Conference
SpringSim '10
Sponsor:
- SCS
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations1Total Citations
- 312Total Downloads
- Downloads (Last 12 months)6
- Downloads (Last 6 weeks)0
Reflects downloads up to 13 Dec 2024
Other Metrics
Citations
Cited By
View all- Huff JMedal HGriendling K(2018)A model‐based systems engineering approach to critical infrastructure vulnerability assessment and decision analysisSystems Engineering10.1002/sys.2146022:2(114-133)Online publication date: 2-Aug-2018
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in