Active Automation of the DITSCAP

  • Seok Won Lee
  • Robin A. Gandhi
  • Gail-Joon Ahn
  • Deepak S. Yavagal
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3495)


The Defense Information Infrastructure (DII) connects Department of Defense (DoD) mission support, command and control, and intelligence computers and users through voice, data, imagery, video, and multimedia services, and provides information processing and value-added services. For such a critical infrastructure to effectively mitigate risk, optimize its security posture and evaluate its information assurance practices, we identify the need for a structured and comprehensive certification and accreditation (C&A) framework with appropriate tool support. In this paper, we present an active approach to provide effective tool support that automates the DoD Information Technology Security C&A Process (DITSCAP) for information networks in the DII.


Leaf Node Critical Infrastructure Active Automation Information Assurance Ontological Engineering 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Committee on National Security Systems (CNSS) Instruction No. 4009.: National Information Assurance (IA) Glossary (2003)Google Scholar
  2. 2.
    DoD 8510.1-M: DITSCAP Application Manual (2000)Google Scholar
  3. 3.
    DoD Instruction 5200.40.: DITSCAP (1997)Google Scholar
  4. 4.
    Kotonya, G., Sommerville, I.: Requirements Engineering with Viewpoints. BCS/IEEE Software Engineering Journal 11(1), 5–18 (1996)CrossRefGoogle Scholar
  5. 5.
    Lee, S.W., Rine D.C.: Missing Requirements and Relationship Discovery through Proxy Viewpoints Model. Studia Informatica Universalis: International Journal on Informatics (December 2004)Google Scholar
  6. 6.
    Lee, S.W., Yavagal, D.: GenOM User’s Guide. Technical Report: Dept. of Software and Information Systems, UNC Charlotte (2004)Google Scholar
  7. 7.
    Lee, S.W., Ahn, G., Gandhi, R.A.: Engineering Information Assurance for Critical Infrastructures: The DITSCAP Automation Study. To apprear in: Proceedings of the Fifteenth Annual International Symposium of the International Council on Systems Engineering (INCOSE 2005), Rochester, New York (July 2005)Google Scholar
  8. 8.
    Swanson, M., Nadya, B., Sabato, J., Hash, J., Graffo, L.: Security Metrics Guide for information Technology Systems. NIST #800-55 (2003)Google Scholar
  9. 9.
    Swanson, M.: Security Self-Assessment Guide for Information Technology Systems. NIST #800-26 (2001)Google Scholar
  10. 10.
    Swartout, W., Tate, A.: Ontologies. IEEE Intelligent Systems 14(1) (1999)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Seok Won Lee
    • 1
  • Robin A. Gandhi
    • 1
  • Gail-Joon Ahn
    • 1
  • Deepak S. Yavagal
    • 1
  1. 1.Department of Software and Information SystemsThe University of North Carolina at CharlotteCharlotte

Personalised recommendations