Defense Graphs and Enterprise Architecture for Information Assurance Analysis

摘要

The JQRR metrics for Information Assurance (IA) and Computer Network Defense (CND) are combined with a framework based on defense graphs. This enables the use of architectural models for rational decision making, based on the mathematical rigor of extended influence diagrams. A sample abstract model is provided, along with a simple example of its usage to assess access control vulnerability. With the advent of Network Centric Warfare, Information Assurance (IA) is becoming ever more important to the success of military operations. Reliable and secure IT systems are vital to ensure success on the battlefield, and precisely because of this, they also become the focus of adversarial attention. IA, however, is a complicated function of many different concepts such as technical countermeasures, organizational policies, security procedures, and more. Measuring the level of IA, therefore, is a non-trivial exercise; making rational decisions and prioritizations about the use of scarce resources is ever more so. To efficiently protect computer networks and the information stored in them, combatant commanders and combat support agencies need to be able to assess the current security level of their IT systems as well as the security level after improvements. An example of a framework for such assessment is the Information Assurance (IA) and Computer Network Defense (CND) Joint Quarterly Readiness Review (JQRR) Metrics, which provides six different categories of metrics, used for readiness assessments of US forces: 1. Personnel, 2. Training, 3. Operations, 4. Technology (equipment), 5. Supporting Infrastructure, and 6. Intelligence.