Evaluating information assurance strategies

Decision Support Systems

Volumn 39, Issue 3, 2005, Pages 463-484

  Hamill, J Todd ^a,b   Deckro, Richard F ^a   Kloeber Jr , Jack M ^a  

^a AIR FORCE INSTITUTE OF TECHNOLOGY   (United States)

^b USAF   (United States)

Author keywords

Computer security; Decision analysis; Information assurance; Information technoiogy

Indexed keywords

COMPUTER HARDWARE; COMPUTER NETWORKS; DECISION MAKING; DECISION THEORY; INFORMATION DISSEMINATION; NETWORK PROTOCOLS; SECURITY OF DATA;

INFORMATION ASSURANCES; INFORMATION SYSTEMS; OPERATIONAL CAPABILITIES;

INFORMATION TECHNOLOGY;

EID: 10644257873     PISSN: 01679236     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.dss.2003.11.004     Document Type: Article

References (24)

1. D.S. Alberts, Defensive Information Warfare, National Defense University, Institute for National Strategie Studies, The Center for Advanced Concepts and Technology, Washington, 1996 (August).
2. R.H. Anderson, P.M. Feldman, S. Gerwehr, B. Houghton, R. Mesic, J.D. Pinder, J. Rothenberg, J. Chiesa, Securing the U.S. Defense Information Infrastructure: A Proposed Approach, RAND, Santa Monica, 1999.
3. R.T. Clemen, Making Hard Decisions, Brooks/Cole Publishing, Pacific Grove, CA, 1996.
4. Computer Emergency Response Team/Coordination Center (CERT/CC). CERT/CC Statistics: 1998-2001, Carnegie Mellon Software Engineering Institute (Excerpt from published report, http://www.cert.org/stats/cert_stats.html#incidents), Pittsburgh, 2003 (14 Oct).
5. C.C. Davis, R.F. Deckro, J.A. Jackson, A Methodology for Evaluating and Enhancing C4 Networks, Military Operations Research 4 (2) (1999) 45-60.
6. Department of Defense, Joint Chiefs of Staff, Joint Publication 3-13, Joint doctrine for Information Operations, Pentagon, Washington, 1998 (9 Oct).
7. Department of Defense, Joint Chiefs of Staff, Joint Publication 1-02, Department of Defense Dictionary of Military and Associated Terms, Pentagon, Washington. 1999 (amended through 29 June).
8. Department of Defense, Joint Chiefs of Staff, Information Assurance: Legal, Regulatory, Policy and Organizational Legal, Regulatory, Policy and Organizational Considerations, (Fourth Edition), Pentagon, Washington, 1999 (August 1999).
9. Department of the Air Force, Identification and Authentication, AFMAN 33-223, HQ USAF, Washington, 1998 (1 June).
10. M.P. Doyle, R.F. Deckro, J. Kloeber, J.A. Jackson, Measures of merit for offensive information operations courses of action, Military Operations Research 5 (2) (2000) 5-18.
11. W. Edwards, F.H. Barron, SMARTS and SMARTER: Improved Simple Methods for Multiattribute Utility Measurement, Organizational Behavior and Human Decision Processes 60 (1994) 306-325.
12. B. Gertz, Computer hackers could disable military, The Washington Times, (1998 April 16) A1.
13. J.T. Hamill, Modeling Information Assurance: A Value Focused Thinking Approach, Masters Thesis, AFIT/GOR/ENS/00M-15, Air Force Institute of Technology, Wright-Patterson AFB, OH, 2000 (March).
14. J.T. Hamill, R.F. Deckro, J. Kloeber, "A Strategy for Information Assurance," Technical Report number 2000-02, Center for Modeling, Simulation, and Analysis, Air Force Institute of Technology, Wright-Patterson AFB, OH, 2000 (September).
15. Information Operations Symposium: Key Technologies for Information Assurance, San Diego, CA, 1999 (26-28 October).
16. R.L. Keeney, Using values in operations research, Operations Research, (1994 (September-October)) 793-813.
17. R.L. Keeney, Value Focused Thinking: A Path to Creative Decisionmaking, Harvard Univ. Press, Cambridge, 1998.
18. R.L. Keeney, H. Raiffa, Decisions with Multiple Objectives: Preferences and Value Tradeoffs, Cambridge Univ. Press, Cambridge, 1976.
19. C.W. Kirkwood, Strategic Decision Making: Multiobjective Decision Analysis with Spreadsheets, Duxbury Press, Belmont, 1997.
20. T.A. Longstaff, J.T. Ellis, S.V. Hernan, H.F. Lipson, R.D. McMillan, L.H. Pesante, D. Simmel, Security of the Internet, Carnegie Mellon University, Software Engineering Institute (Excerpt from published article, http://www.cert.org/encyc_article/tocencyc.html) Pittsburgh, 1997.
21. R.D. Materna, Assessing the Value of Information Technology, Strategic Consulting Group, NCR, Dayton, 1992 (March).
22. National Computer Security Center (NCSC), Accreditor's Guideline, NCSC-TG-032, Version 1.6, 1997 (March).
23. National Security Telecommunications and Information Systems Security Committee (NSTISSI), National Information Systems Security (INFOSEC) Glossary (Revision 1), NSTISSI No. 4009, National Security Agency, Fort Meade, 1999 (January).
24. President's Commission on Critical Infrastructure Protection (PCCIP), Critical Foundations: Thinking Differently, GPO, Washington, 1997 (October).