This content is not included in
your SAE MOBILUS subscription, or you are not logged in.
Managing and Administering Security Infrastructure Controls via Policy
Technical Paper
2009-01-3183
ISSN: 0148-7191, e-ISSN: 2688-3627
Annotation ability available
Sector:
Language:
English
Abstract
Managing the security of the infrastructure and applications for any aviation IT system necessitates some sort of control mechanism(s) for defining how the various components and processes of the system work. This is true for both the network components, applications within the infrastructure, and the various security infrastructure components such as access control mechanisms, intrusion detection systems, etc. The need for a comprehensive, defense in depth, solution to security can only be met if there is an association between the controls regulating the various security components, so that there is a consistent approach to regulating and controlling security.
To meet this need we propose a unifying Global Policy Framework concept, that includes a Policy Workbench for developing and administrating the policies associated with security components and the security infrastructure.
Recommended Content
Technical Paper | Do Vehicles Need Data Security? |
Technical Paper | Introduction to Vehicular Embedded Security |
Technical Paper | Industry Activities Related to Aircraft Information Security |
Authors
Topic
Citation
Ridlon, S., "Managing and Administering Security Infrastructure Controls via Policy," SAE Technical Paper 2009-01-3183, 2009, https://doi.org/10.4271/2009-01-3183.Also In
References
- DoD CIO Vision for a Net-Centric, Service-Oriented DoD Enterprise, Version 1.0 June 2007
- NSA Information Assurance Directorate Information Assurance (IA) Component of the GIG Integrated Architecture, Increment 1, Version 1.1 12 Nov 2006
- The Burton Group Enterprise Identity Management Market: 2006-20007: Not a Winner Take-All November 6 2006
- XACML Specification http://www.oasis-open.org/specs/#xacmlv2.0 OASIS February 2005