Title :
Integrated architecture framework and security risk management for complex systems
Author :
Andrews, C. ; Monk, C. ; Johnston, R.
Author_Institution :
Defence Inf., BAE Syst., Frimley, UK
Abstract :
The systems that are of interest in this paper are defence information systems that have links to networks that can be at the same or different levels of security to the system being designed or modified. This is what has the potential to give rise to major information security vulnerabilities. These systems require end-to-end Information Assurance (IA) solutions in their design, development, operation and throughlife support. As such we need to tackle the problems of design, assurance and implementation of these complex systems in a standards-based and coherent manner. This need has led us to a method of combining the MOD Architecture Framework (MODAF) with Information Assurance (IA) Architectural Patterns and the IA Risk Management information document set to provide a coherent structure that will allow risk to be understood holistically and therefore mitigated more effectively. This is achieved through linkage to the Information System Architecture (expressed in the MODAF set of architectural views). An integrated solution enables a parallel but linked security assessment and architectural design by means of a framework that captures common information in terms of assets and can through these assets directly influence the assessment and the design.
Keywords :
information systems; military computing; risk analysis; security of data; IA architectural patterns; IA risk management information; MOD architecture framework; MODAF; complex systems; defence information systems; end-to-end information assurance; information assurance; information security vulnerabilities; information system architecture; integrated architectural design; linked security assessment; security risk management; Architecture; Assurance; Framework; Risk; Security;
Conference_Titel :
System Safety and Cyber Security (2014), ??????9th IET International Conference on
Print_ISBN :
978-1-84919-940-7