[ISN] towards a taxonomy of Information Assurance

From: InfoSec News (isnat_private)
Date: Mon Aug 25 2003 - 00:38:46 PDT

Next message: InfoSec News: "[ISN] Microsoft Windows: Insecure by Design"

Previous message: InfoSec News: "[ISN] Minister defends Japanese "Big Brother" idenity database as hackerproof"
Next in thread: InfoSec News: "Re: [ISN] towards a taxonomy of Information Assurance"
Reply: InfoSec News: "Re: [ISN] towards a taxonomy of Information Assurance"
Reply: InfoSec News: "Re: [ISN] towards a taxonomy of Information Assurance"
Reply: InfoSec News: "RE: [ISN] towards a taxonomy of Information Assurance"
Reply: InfoSec News: "Re: [ISN] towards a taxonomy of Information Assurance"
Reply: InfoSec News: "RE: [ISN] towards a taxonomy of Information Assurance"
Reply: InfoSec News: "RE: [ISN] towards a taxonomy of Information Assurance"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Forwarded from: Abe Usher <abe.usher@sharp-ideas.net>

Information Security Professionals at ISN,

Bottom line: I'd like your help in shaping a usable taxonomy of 
Information Assurance.*

I am presently working on creating a taxonomy of information assurance, 
based on the three aspects of:
(1) Information characteristics
(2) Information states
(3) Security countermeasures

These three aspects of Information Assurance (IA) were highlighted by 
John McCumber [1] as well as a team of West Point researchers [2] as a 
component of works that define an integrated approach to security.

Within the next 6 months, I would like to create a taxonomy that 
graphically depicts the relationships of these three aspects.

My intent is that this taxonomy could be used by the academic community, 
industry, and government in improving the precision of communication 
used in discussing information assurance/security topics.

I have searched the Internet widely for a taxonomy of Information 
Assurance, but I have not found anything that is sufficiently detailed 
for application with real world problems.

I've posted my initial results to the following URL:

http://www.sharp-ideas.net/ia/information_assurance.htm

for comments and peer review.

Cheers,

Abe Usher
abe.usher@sharp-ideas.net


* Information assurance is defined as "information operations that 
protect and defend information and information systems by ensuring their 
availability, integrity, authentication, confidentiality, and 
non-repudiation.  This includes providing for restoration of information 
systems by incorporating protection, detection, and reaction capabilities.

[1] McCumber, John.  "Information Systems Security: A Comprehensive 
Model".  Proceedings 14th National Computer Security Conference.  
National Institute of Standards and Technology.  Baltimore, MD.  
October 1991.

[2] Maconachy, Victor, Corey Schou, Daniel Ragsdale, and Don Welch. "A 
Model for Information Assurance: An Integrated Approach".  Proceedings 
of the 2001 IEEE Workshop on Information Assurance and Security.  
U.S. Military Academy.  West Point, NY.  June 2001.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.

Next message: InfoSec News: "[ISN] Microsoft Windows: Insecure by Design"
Previous message: InfoSec News: "[ISN] Minister defends Japanese "Big Brother" idenity database as hackerproof"
Next in thread: InfoSec News: "Re: [ISN] towards a taxonomy of Information Assurance"
Reply: InfoSec News: "Re: [ISN] towards a taxonomy of Information Assurance"
Reply: InfoSec News: "Re: [ISN] towards a taxonomy of Information Assurance"
Reply: InfoSec News: "RE: [ISN] towards a taxonomy of Information Assurance"
Reply: InfoSec News: "Re: [ISN] towards a taxonomy of Information Assurance"
Reply: InfoSec News: "RE: [ISN] towards a taxonomy of Information Assurance"
Reply: InfoSec News: "RE: [ISN] towards a taxonomy of Information Assurance"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Aug 25 2003 - 03:52:17 PDT