Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

isn logo Information Security News mailing list archives

IA Roadmap
From: InfoSec News <isn () c4i org>
Date: Tue, 26 Jul 2005 00:40:17 -0500 (CDT)
http://www.military-information-technology.com/article.cfm?DocID=1027

By Patrick Chisholm
July 25, 2005 

To realize the Department of Defense's vision for the Global 
Information Grid (GIG), information assurance (IA) requirements 
include robust identity, authentication and privilege management, 
policy for dynamic access control, security management, and 
"persistence monitoring" or continual monitoring throughout the 
network, according to Daniel G. Wolf, the director of information 
assurance for the National Security Agency (NSA). 

Protecting information across the entire GIG is a top priority of NSA, 
which recently revised its IA roadmap for the GIG and continues to 
update it as technology advances. In doing so, NSA is working with the 
military services and DoD agencies to form alliances and validate the 
GIG IA program requirements, budget requirements and implementation 
strategy based on the architecture that NSA has proposed. 

To be sure, implementing the roadmap is a long-term project: the 
architectural plan for data sharing on the GIG is to be carried out 
over the next 15 to 20 years. 

The roadmap leverages the five tenets of IA: availability, integrity, 
authentication, confidentiality and non-repudiation.

Essential components of the IA roadmap include: 

* Maintaining availability in an end-to-end encrypted "black core"
  environment that is "unforgeable" and "unspoofable."

* Identity management, specifying people, objects (data and
  applications) and machines.

* Privilege management, laying out the rights and privileges of users.

* Dynamic access enforcement.

* Mediated access between and among people, objects and machines based
  on identities and privileges.

* Assured information sharing.

* Underlying security management infrastructure.

[...]



_________________________________________
Attend the Black Hat Briefings and
Training, Las Vegas July 23-28 - 
2,000+ international security experts, 
10 tracks, no vendor pitches.
www.blackhat.com

  By Date           By Thread  

Current thread:
  • IA Roadmap InfoSec News (Jul 25)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]