| The evolving story of information assurance at the DoD. | |
| Campbell, Philip LaRoche | |
| Sandia National Laboratories | |
| 关键词: Information Systems.; Us Dod; Classification; 99 General And Miscellaneous//Mathematics, Computing, And Information Science; Military Intelligence.; | |
| DOI : 10.2172/902561 RP-ID : SAND2006-7179 RP-ID : AC04-94AL85000 RP-ID : 902561 |
|
| 美国|英语 | |
| 来源: UNT Digital Library | |
 PDF
|
|
【 摘 要 】
This document is a review of five documents on information assurance from the Department of Defense (DoD), namely 5200.40, 8510.1-M, 8500.1, 8500.2, and an ''interim'' document on DIACAP [9]. The five documents divide into three sets: (1) 5200.40 & 8510.1-M, (2) 8500.1 & 8500.2, and (3) the interim DIACAP document. The first two sets describe the certification and accreditation process known as ''DITSCAP''; the last two sets describe the certification and accreditation process known as ''DIACAP'' (the second set applies to both processes). Each set of documents describes (1) a process, (2) a systems classification, and (3) a measurement standard. Appendices in this report (a) list the Phases, Activities, and Tasks of DITSCAP, (b) note the discrepancies between 5200.40 and 8510.1-M concerning DITSCAP Tasks and the System Security Authorization Agreement (SSAA), (c) analyze the DIACAP constraints on role fusion and on reporting, (d) map terms shared across the documents, and (e) review three additional documents on information assurance, namely DCID 6/3, NIST 800-37, and COBIT{reg_sign}.
【 预 览 】
| Files | Size | Format | View |
|---|---|---|---|
| 902561.pdf | 606KB |  download |
878987797
028-85220240
