Proposed methodology to enhance C4I systems security on architectural level
نویسندگان
چکیده
Command control, communication, computer and intelligence (C4I) systems are the back bone complex information and communication systems for modern information warfare (IW). Managing security in C4I systems is a challenge due to complexity and criticality of these systems. This paper elaborates design methodology to incorporate security in the C4I systems in systematic and consistent way instead of patching and random approach. The approach in this work exploits the opportunity provided by architecture frameworks (AF) to capture threats and devise security measures. Assurance cases have been used to model security of the C4I system in order to enhance the process of security design and overcome challenges.
منابع مشابه
An architectural systems engineering methodology for addressing cyber security
This paper discusses important shortcomings of current approaches to systems security engineering. The value and limitations of perimeter security designs are examined. An architectural approach to systems security engineering is introduced as a complementary means for strengthening current approaches. Accordingly, this paper outlines a methodology to identify classes of new reusable system sec...
متن کاملService Oriented Architecture Support in Various Architecture Frameworks: A Brief Review
Service Oriented Architecture (SOA) is a promising approach used to reduce the time and cost of business solutions in enterprises, and it provides enterprises with agility to respond dynamically to its changing requirements. Therefore, there is a need for great efforts to move agencies and enterprises into systems, such as C4I systems and those that are supported by SOAs. For this reason, numer...
متن کامل3 . Information Systems Security
The greater the military leverage that C4I systems provide for U.S. forces, the larger the incentives are for an opponent to attack those systems. Indeed, it makes little sense for an opponent to challenge the U.S. “symmetrically”, i.e., force-on-force. More likely avenues of challenge are “asymmetric”, i.e., avenues that exploit potential U.S. vulnerabilities. Attacking U.S. C4I systems – whet...
متن کاملImproving Inter-Enclave Information Flow for a Secure Strike Planning Application
DoD operates many system high enclaves with limited information ow between enclaves at di erent security levels. Too often, the result is duplication of operations and inconsistent and untimely data at different sites, which reduces the e ectiveness of DoD decision support systems. This paper describes our solution to this problem as it arises in installations of the Joint Maritime Command Info...
متن کاملAssessment Methodology for Anomaly-Based Intrusion Detection in Cloud Computing
Cloud computing has become an attractive target for attackers as the mainstream technologies in the cloud, such as the virtualization and multitenancy, permit multiple users to utilize the same physical resource, thereby posing the so-called problem of internal facing security. Moreover, the traditional network-based intrusion detection systems (IDSs) are ineffective to be deployed in the cloud...
متن کامل