The evolving story of information assurance at the DoD.
Abstract
This document is a review of five documents on information assurance from the Department of Defense (DoD), namely 5200.40, 8510.1-M, 8500.1, 8500.2, and an ''interim'' document on DIACAP [9]. The five documents divide into three sets: (1) 5200.40 & 8510.1-M, (2) 8500.1 & 8500.2, and (3) the interim DIACAP document. The first two sets describe the certification and accreditation process known as ''DITSCAP''; the last two sets describe the certification and accreditation process known as ''DIACAP'' (the second set applies to both processes). Each set of documents describes (1) a process, (2) a systems classification, and (3) a measurement standard. Appendices in this report (a) list the Phases, Activities, and Tasks of DITSCAP, (b) note the discrepancies between 5200.40 and 8510.1-M concerning DITSCAP Tasks and the System Security Authorization Agreement (SSAA), (c) analyze the DIACAP constraints on role fusion and on reporting, (d) map terms shared across the documents, and (e) review three additional documents on information assurance, namely DCID 6/3, NIST 800-37, and COBIT{reg_sign}.
- Authors:
- Publication Date:
- Research Org.:
- Sandia National Laboratories
- Sponsoring Org.:
- USDOE
- OSTI Identifier:
- 902561
- Report Number(s):
- SAND2006-7179
TRN: US200719%%9
- DOE Contract Number:
- AC04-94AL85000
- Resource Type:
- Technical Report
- Country of Publication:
- United States
- Language:
- English
- Subject:
- 99 GENERAL AND MISCELLANEOUS//MATHEMATICS, COMPUTING, AND INFORMATION SCIENCE; CLASSIFICATION; SECURITY; US DOD; INFORMATION SYSTEMS; Intelligence service.; Information technology; United States-Management.; Military intelligence.; Information systems.; Technology-Information services.
Citation Formats
Campbell, Philip LaRoche. The evolving story of information assurance at the DoD.. United States: N. p., 2007.
Web. doi:10.2172/902561.
Campbell, Philip LaRoche. The evolving story of information assurance at the DoD.. United States. doi:10.2172/902561.
Campbell, Philip LaRoche. Mon .
"The evolving story of information assurance at the DoD.". United States.
doi:10.2172/902561. https://www.osti.gov/servlets/purl/902561.
@article{osti_902561,
title = {The evolving story of information assurance at the DoD.},
author = {Campbell, Philip LaRoche},
abstractNote = {This document is a review of five documents on information assurance from the Department of Defense (DoD), namely 5200.40, 8510.1-M, 8500.1, 8500.2, and an ''interim'' document on DIACAP [9]. The five documents divide into three sets: (1) 5200.40 & 8510.1-M, (2) 8500.1 & 8500.2, and (3) the interim DIACAP document. The first two sets describe the certification and accreditation process known as ''DITSCAP''; the last two sets describe the certification and accreditation process known as ''DIACAP'' (the second set applies to both processes). Each set of documents describes (1) a process, (2) a systems classification, and (3) a measurement standard. Appendices in this report (a) list the Phases, Activities, and Tasks of DITSCAP, (b) note the discrepancies between 5200.40 and 8510.1-M concerning DITSCAP Tasks and the System Security Authorization Agreement (SSAA), (c) analyze the DIACAP constraints on role fusion and on reporting, (d) map terms shared across the documents, and (e) review three additional documents on information assurance, namely DCID 6/3, NIST 800-37, and COBIT{reg_sign}.},
doi = {10.2172/902561},
journal = {},
number = ,
volume = ,
place = {United States},
year = {Mon Jan 01 00:00:00 EST 2007},
month = {Mon Jan 01 00:00:00 EST 2007}
}