Chair: Jody Heaney, The MITRE Corporation, USA
Dr. Duane Hybertson, The MITRE Corporation, USA
Dr. Ann Reedy, The MITRE Corporation, USA
Susan Chapin, The MITRE Corporation, USA
Malcolm Kirwan, The MITRE Corporation, USA
As the focus of software engineering has expanded from information technology supporting the department, to supporting the organization, and to supporting the enterprise, engineering communities have attempted to extend their focus using Enterprise Frameworks and Enterprise Architectures (EAs). Unfortunately in doing so, information assurance (IA) is seldom considered for inclusion in such frameworks and architectures. On the occasions when IA is included in the frameworks or architectures, it is not addressed in a complete and comprehensive manner. In addition, even when known IA solutions exist, they are often not effectively applied. Enterprise architects and systems/software engineers often do not know the basics of IA. Patterns have recently become common for conveying best practice approaches to development and integration for well-known technologies in the system and software engineering communities. However, the use of patterns to capture a full range of enterprise solutions and IA solutions is still very new.
This forum will provide lessons learned from a research and development effort to document IA best practices in patterns and to organize them within the context of Enterprise Frameworks and Architectures. Using the Zachman Framework as a starting point, the team has been developing an IA view that can be added to that framework. At the same time, the team also generated pattern templates that could be used to capture the best practices of IA usable to support the decision making process inherent in architecture development. Initial efforts have focused on the three traditional areas that are basic to any IA taxonomy: identification and authentication, accounting, and authorization. All forum participants have been key members of the team undertaking this effort.
Forum Speakers and Their Key Areas