Abstract
In both the public and private sectors, organizations have become significantly depend over on the proper functioning of information systems. As security spending continues to rise, organizations contend that metrics initiatives will become critical to managing and understanding the impact of information security programs. This paper reviews information assurance (IA) conceptions from viewpoint of system science and analyses the construction of IA systems. An IA evaluation model is addressed in this paper, which is depicted by IA capability index, IA countermeasure index and IA cost index. This evaluation model can be used for organizations to assess their IA strategies and analyzes their security state.
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
Keywords
- Information Security
- Information Assurance
- Information Security Management
- National Security Agency
- Information System Security
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Hartley R.V.L.: Transmission of Information. In: Bell System Techn. vol. 1928(3) 535–563
Shannon, C.E.: Mathematical Theory of CommunicationBSTJ1948
British Standards Institute, Code of practice for information security management, BS 7799, London (1999)
Bell, D., Padula, L.: Security Computing Systems: Mathematical Foundation and Model. MITRE Report, Bedbord, MA (1975)
David, F.C.B., Michael, N.: The Chinese Wall Security Policy. In: IEEE Symposium on Research in Security and Privacy, pp. 206–214 (1989)
McCumber, J.: Information Systems Security: A Comprehensive Model. In: Proceedings 14th National Computer Security Conference. National Institute of Standards and Technology. Baltimore, MD (October 1991)
Maconachy, W.V., Schou, C.D., Ragsdale, D., Welch, D.: A Model for Information Assurance: An Integrated Approach. In: Proceedings of the, IEEE Workshop on Information Assurance and Security United States Military Academy, 2001, pp. 306–310 (2001)
ITU X.800. Security Architecture for Open Systems Interconnection for CCITT Applications (1991)
National Security Agency. National Information Systems Security Glossary. NSTISSI 4009 Fort Meade, MD (Septemper 2000)
Information Assurance Technical Framework, National Security Agency Information Assurance Solutions Technical Directors (September 2002)
Zhao, Z.S.: Lectures on Information Assurance. State Key Lab of Information Security, Chinese Academy of Sciences (in Chinese) (2005)
Chen, X., Zheng, Q., Guan, X. et al.: Multiple behavior information fusion based quantitative threat evaluation. Computers and Security 24, 218–231 (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lü, X., Ma, Z. (2007). Information Assurance Evaluation for Network Information Systems. In: Wang, Y., Cheung, Ym., Liu, H. (eds) Computational Intelligence and Security. CIS 2006. Lecture Notes in Computer Science(), vol 4456. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74377-4_91
Download citation
DOI: https://doi.org/10.1007/978-3-540-74377-4_91
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-74376-7
Online ISBN: 978-3-540-74377-4
eBook Packages: Computer ScienceComputer Science (R0)