Certification and Accreditation: A Program for Practitioner Education

ABSTRACT

Large complex systems need to be analyzed prior to operation so that those depending upon them for the protection of their information have a well-defined understanding of the measures that have been taken to achieve security and the residual risk the system owner assumes during its operation. The U.S. military calls this analysis and vetting process certification and accreditation. Today there is a large, unsatisfied need for personnel qualified to conduct system certifications. An educational program to address those needs is described.


AUTHORS

Karen Burke

Associate Research Professor, Department of Computer Science, Naval Postgraduate School, Monterey, California
USA

Karen L. Burke is a Research Associate Professor in the Department of Computer Science at the Naval Postgraduate School. She has 16+ years as an information system security engineer with the US Air Force and in private industry. She has developed Information Assurance policies and guidance, has performed accreditations, and has been a team member on the development of multilevel secure systems. She is currently constructing courses and lectures in certification and accreditation. She is a member of the Armed Forces Communications and Electronics Association.

Craig Rasmussen

Associate Professor, Department of Applied Mathematics, Naval Postgraduate School, Monterey, California
USA

Craig W. Rasmussen is an Associate Professor in the Department of Applied Mathematics at the Naval Postgraduate School, where he has been since 1991. For most of the intervening years, his principal research interest has been graph theory. He has more recently developed a keen interest in applications of mathematics to information assurance and secure communications. He is a member of the Society for Industrial and Applied Mathematics, the American Mathematical Society, and the Mathematical Association of America.

Cynthia Irvine

Director, Center for Information System Security Studies and Research (CISR);
Associate Professor, Department of Computer Science, Naval Postgraduate School, Monterey, California
USA

Cynthia E. Irvine is an Associate Professor of Computer Science at the Naval Postgraduate School and Director of the Center for Information System Security Studies and Research (CISR). She has spent the past 16 years developing theory for, design, implementation, and analysis of high assurance secure systems. She has developed security aware applications for high assurance systems and currently leading the development of separation kernel intended for EAL7 evaluation. She has authored over 70 papers in the area of trusted computing. Dr. Irvine is a senior member of the IEEE, a member of the Association for Computing Machinery, the American Astronomical Society and a Life Member of the Astronomical Society of the Pacific.

George Dinolt

Associate Professor, Department of Computer Science, Naval Postgraduate School, Monterey, California
USA

George W. Dinolt is an Associate Professor of Computer Science at the Naval Postgraduate School. Dr. Dinolt has 20+ years as a researcher and developer in the area of computer security in academia and in industry. His principal research focus is mathematical models of security. He has been a security architect on several projects and was part of a team that developed a very high assurance system for the US Department of Defense, where he also developed the mathematical models of security for the system.

Timothy Levin

Associate Research Professor, Department of Computer Science, Naval Postgraduate School, Monterey, California
USA

Timothy E. Levin is an Associate Research Professor at the Naval Postgraduate School. He has spent over 17 years working in all aspects of secure computer systems research and development, including the design of security features and formal verification for A1 operating systems and relational database management systems. His current research interests include management and quantification of security in heterogeneous networks, data integrity in distributed systems, and the application of formal methods to secure computer systems. Mr. Levin is a member of the Association for Computing Machinery and International of Electrical and Electronics Engineers.


Published In

Volume 2, Issue 3

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Quick Links

View the latest issue of JIW.

Latest Edition

Purchase a subscription to JIW.

Subscribe

Keywords

(

2

3

4

8

9

A
AI
APT

a

B

C
C2
C2S
CDX
CIA
CIP
CPS

D
DNS
DoD
DoS

E

e

F

G

H

I
IA
ICS

i

J

K

L

M

N

O

P

Q

R

S
SOA

T

t

U

V

W

X
XRY

Y

Z

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

Registered Agent and Mailing Address

  • Journal of Information Warfare
  •  ArmisteadTEC
  • Dr Leigh Armistead, President
  • 1624 Wakefield Drive
  • Virginia Beach, VA 23455

 757.510.4574

 JIW@ArmisteadTec.com