Risk Management and Information Assurance Decision Support
Abstract
Modern information technology (IT) systems rely on architectural paradigms that leverage small units of computation composed into larger, more complex systems. Component reuse enables more complex systems that are capable of processing information faster and of improved integration into dynamic workflows. For example, smart phone applications are composed from the phone hardware, the operating system (e.g., Android and iOS), the cellular network, and the individual mobile phone applications or “apps” that are sold in marketplaces. Apps increasingly use remote services for authentication, storage, runtime analytics and advertising. The DoD challenge is how to manage security risk across service compositions when services and data use must evolve to meet new mission needs. Dr. Travis Breaux at Carnegie Mellon University will investigate new ways to leverage component-based architecture in reducing security threats. These new techniques integrate human security expert judgments with notions of composable security to identify interactions among security requirements that affect overall system assurance levels. The research is based on factorial vignettes and multi-level models that can detect significant interactions among components through human subject surveys. The results will be integrated into a decision support tool that will be evaluated to assess its effect on DoD IA certification processes. This research will yield important public benefits to private sector companies who supply and consume the dual-purpose information technology (IT) used by the DoD and who are frequently subject to security threats from organized crime, foreign governments and stateless hackers. This IT increasingly makes use of new architectural paradigms, such as mobile and cloud-based platforms, that increase reuse and agility at the risk of decreased transparency across multi-party, distributed systems.
The ability to rapidly and reliably certify IT components in multi-party IT systems will have important public benefits, including increased awareness of security requirements across suppliers, increased innovation that meets emerging demands by composing new systems from trusted components, and reduced costs from increased automation and agility of the workforce. If new technologies are not trusted, companies will continue to rely on outdated hardware and software that often limits information reuse and requires unnecessary redundancy.
Research Plan: The key objectives of this work include:
• Objective 1: To discover how security experts use architecture as a means to increase security assurance against known threats, and to deliver tools to support security assurance decision makers in assessing the level of security achieved.
To realize our continuing research objective, we propose to complete the following tasks.
• Task 1: Identify mobile and cloud-based architectures of increasing sophistication and challenge to DoD certification. These architectures will be used to evaluate the recent extensions to the Eddy language and, in addition, to evaluate the impact of Eddy on the DoD risk management framework to enable downstream integration. We will collect these architectures by reviewing evidence of existing and proposed systems, including commonly used components, such as Android OS and Apache, among others.
• Task 2: Collect security expert judgments about the security assurance levels of given architectures against known threats. These judgments will be collected using user surveys, factorial vignettes and multi-level modeling [12]. These techniques allow us to study interactions among security requirements to discern which combinations of requirements work together to mitigate threats. This approach differs from “checklist”-based approaches that treat security controls as independent factors. The results will be used to construct a model of security feature interactions.
Document Details
- Document Type: DoD Grant Award
- Publication Date: Mar 30, 2017
- Source ID: N002441710012
Entities
People
- Travis Breaux
Organizations
- Carnegie Mellon University
- United States Navy