National Technical Reports Library - NTRL

National Technical Reports Library


Details
Actions:
Download PDFDownload XML
Download

Information Assurance Technical Framework (IATF). Release 3.1.


ADA606355

Publication Date 2002
Page Count 915
Abstract The Information Assurance Technical Framework (IATF) document, Release 3.1, provides technical guidance for protecting the information infrastructures of the United States (U.S.) Government and industry. The information infrastructure processes, stores, and transmits information critical to the mission and business operations of an organization. This information is protected through information assurance (IA) that addresses all the security requirements of today's information infrastructure. IA relies on people, operations, and technology to accomplish the mission/business and to manage the information infrastructure. Attaining robust IA means implementing policies, procedures, techniques, and mechanisms at all layers of the organization's information infrastructure. The IATF defines the information system security engineering (ISSE) process for developing a secure system. This process defines the principles, the activities, and the relationship to other processes. Applying these principles results in layers of protection known collectively as the Defense-in-Depth Strategy. The four major technology focus areas of the Defense-in-Depth Strategy are to Defend the Network and Infrastructure, Defend the Enclave Boundary, Defend the Computing Environment, and Defend Supporting Infrastructures. The Defense-in-Depth Strategy has been broadly adopted. For example, within the U.S. Department of Defense (DoD), the Global Information Grid (GIG) IA Policy and Implementation Guidance was built around the strategy. This departmental-level policy document cites the IATF as a source of information on technical solutions and guidance for the DoD IA implementation.
Keywords
  • Information assurance
  • Availability
  • Bandwidth
  • Computer access control
  • Computer network security
  • Computer viruses
  • Countermeasures
  • Data storage systems
  • Defense in depth
  • Firewalls(Computers)
  • Global information grid
  • Hacking(Computer security)
  • Information systems
  • Infrastructure
  • Interoperability
  • Intrusion detection(Computers)
  • Risk analysis
  • Tactical data systems
  • Technology assessment
  • Wireless communications
  • Wireless computer networks
  • Backbone networks
  • Computer network monitoring
  • Cyber threats
  • Cybersecurity
  • Data protection
  • Defense in depth strategy
  • Dynamic networks
  • Enclave boundaries
  • Guards
  • Information infrastructure
  • Isse(Information system security engineering)
  • Kmi(Key management infrastructure)
  • Malicious code protection
  • Multilevel security
  • Network mobility
  • Pki(Public key infrastructure)
  • Remote access
  • Systems security
  • Tactical networks
  • Voice over internet protoco (VOIP)
  • Virtual private networks(VPN)
Source Agency
  • Non Paid ADAS
NTIS Subject Category
  • 62 - Computers, Control & Information Theory
  • 62D - Information Processing Standards
Corporate Authors National Security Agency/Central Security Service, Fort George G. Meade, MD.
Supplemental Notes Supersedes ADA393328 and ADM001394.
Document Type Technical Report
NTIS Issue Number 201501
Information Assurance Technical Framework (IATF). Release 3.1.
Information Assurance Technical Framework (IATF). Release 3.1.
ADA606355

  • Information assurance
  • Availability
  • Bandwidth
  • Computer access control
  • Computer network security
  • Computer viruses
  • Countermeasures
  • Data storage systems
  • Defense in depth
  • Firewalls(Computers)
  • Global information grid
  • Hacking(Computer security)
  • Information systems
  • Infrastructure
  • Interoperability
  • Intrusion detection(Computers)
  • Risk analysis
  • Tactical data systems
  • Technology assessment
  • Wireless communications
  • Wireless computer networks
  • Backbone networks
  • Computer network monitoring
  • Cyber threats
  • Cybersecurity
  • Data protection
  • Defense in depth strategy
  • Dynamic networks
  • Enclave boundaries
  • Guards
  • Information infrastructure
  • Isse(Information system security engineering)
  • Kmi(Key management infrastructure)
  • Malicious code protection
  • Multilevel security
  • Network mobility
  • Pki(Public key infrastructure)
  • Remote access
  • Systems security
  • Tactical networks
  • Voice over internet protoco (VOIP)
  • Virtual private networks(VPN)
  • Non Paid ADAS
  • 62 - Computers, Control & Information Theory
  • 62D - Information Processing Standards
Loading