The Associated Press has reported that for over a month, hackers effectively penetrated Microsoft's firewall, and potentially, had access to source code for future products. Over the past year, reported commercial espionage has been increasing steadily. These events underscore the necessity for security engineers to define and implement strong information assurance infrastructures. The concept of defense in depth is used to provide sufficient detection and defensive countermeasures to ensure an enterprise's information is protected. Over the past three years, Harris has conducted research leading to the development of an assurance superstructure tool: the Integrated Design Environment for Assurance (IDEA). Building upon concepts developed during the Network Vulnerability Tool (NVT) program, the IDEA program refined the design and provides a comprehensive assurance analysis superstructure. The IDEA program benefited from the NVT architecture to gain greater adaptive capabilities to address the evolving capabilities of external vulnerability assessment and risk management tools. This re-architected solution builds upon lessons learned during the NVT project.
[1]
Lotfi A. Zadeh,et al.
The Calculus of Fuzzy If/Then Rules
,
1992,
Fuzzy Days.
[2]
G. T. Gangemi,et al.
Computer Security Basics
,
2006
.
[3]
Mary Shaw,et al.
Software architecture: the next step for object technology (panel)
,
1993,
OOPSLA '93.
[4]
Ralph Johnson,et al.
design patterns elements of reusable object oriented software
,
2019
.