Information Assurance for Enterprise Engineering

This paper describes the results to date of a research effort to apply a pattern approach to the problem of addressing information assurance (IA) in enterprise-level information engineering. IA is not effectively included in Enterprise Architectures today, largely because there is no compendium of knowledge immediately useful to enterprise engineers who are not IA specialists. The goal of this research project is to capture IA best practices from the policy level through implementation levels in a representation accessible to enterprise architects and engineers. We are using the successful paradigm of patterns to capture this best practice knowledge as well as the understanding of how and where it fits within the context of an enterprise architecture framework.
