DIACAP

DIACAP

Department of Defense Information Assurance

Information Assurance (IA) comprises of "measures that defend and fight back data and data schemes by double-checking their accessibility, integrity, authentication, confidentiality, and non-repudiation. This encompasses supplying for a restoration of data schemes by integrating defense, detection, and answer capabilities." (Department of Defense Directive 8500.1 "Information Assurance," October 24, 2002)

Secure communications have developed through three very distinct phases over a past 50 years: Communications Security (COMSEC), Information Systems Security (INFOSEC) and Information Assurance (IA). After WWII and a Korean War, COMSEC efforts concentrated mainly on cryptography. A introduction and prevalent use of computers conceived new claims to defend data swaps between interconnected computer systems. This demand conceived a Computer Security (COMPUSEC) discipline. With a introduction of COMPUSEC came a acknowledgement that stand-alone COMSEC and stand-alone COMPUSEC could not defend data throughout storage, processing or move between systems. This acknowledgement provided increase to a period INFOSEC and a data defense objective took on a broader perspective. IA appeared and concentrated on a require to defend data throughout transit, processing, or storage inside convoluted and/or broadly dispersed computers and connection scheme networks. There desires to be an promise that a data dispatched is a identical data that is received.

Global Information Grid

A GIG is a globally interconnected, end-to-end set of data capabilities for assembling, processing, saving, disseminating, and organising data on demand to warfighters, principle manufacturers, and support personnel. A GIG encompasses belongs to and leased communications and computing schemes and services, programs (including applications), facts and numbers, security services, other affiliated services, and National Security Systems. Non-GIG IT encompasses stand-alone, self-contained, or embedded IT that is not, and will not be, attached to a enterprise network.

To double-check a reliable "Defense-in-Depth" implementation over constituent schemes of a GIG, IA architectural notions should finally be converted into exact architecture guidance, IA measures and protocols, mechanical obligations, and policy. This concerns to living, appearing, and future scheme development efforts for example a Joint Tactical Radio System (JTRS), Warfighter Information Network-Tactical (WIN-T), Intelligence Community System for Information Sharing (ICSIS), Transformational Communications (TC), and other programs carrying a GIG vision.

A implementation should permit both human users of a GIG, and automated services portraying representing GIG users, to get access to data and services from any location, founded on require and capability. Information should be marked and furthermore cataloged utilising metadata, permitting users to seek and get a data needed to fulfill their objective under a "smart-pull" and data administration model. This needs a GIG to understand where a data is dispatched and to identify who a client is, despite of location.

Since a primary issue of a architecture, NSA has been supplying IA guidance to foremost DoD plans, as well as to NSA's interior crosscutting IA efforts that feed exactly into transformational GIG programs. In supplement, a architecture assists to guide NSA's IA study partnerships and commerce outreach programs in a direction of a widespread GIG dream to double-check seamless interoperation of goods and to double-check that a GIG IA expertise breaches are ...