Information Asymmetry in Classified Cross Domain System Security Accreditation
The difficulty of cross domain systems security accreditation lies inherent in the fact that, by definition, such systems always span at least one boundary between security domains controlled by different data owners. Consequently, approved solutions regularly encounter security testing criteria tha...
| Main Author: | |
|---|---|
| Format: | Conference item |
| Published: |
Rennes‚ France
2015
|
| _version_ | 1826278667248992256 |
|---|---|
| author | Loughry, J |
| author_facet | Loughry, J |
| author_sort | Loughry, J |
| collection | OXFORD |
| description | The difficulty of cross domain systems security accreditation lies inherent in the fact that, by definition, such systems always span at least one boundary between security domains controlled by different data owners. Consequently, approved solutions regularly encounter security testing criteria that represent the duplicated responsibility for residual risk of multiple security accreditors. Each data owner perceives a site-specific set of risks that would be desirable to mitigate, a technology-dependent set of risks that it is possible to mitigate, and a residual risk it is felt acceptable not to mitigate. Time and cost inefficiency in cross domain system accreditation are shown to originate f |
| first_indexed | 2024-03-06T23:47:22Z |
| format | Conference item |
| id | oxford-uuid:7167890c-b992-41a4-a027-51d9525725fd |
| institution | University of Oxford |
| last_indexed | 2024-03-06T23:47:22Z |
| publishDate | 2015 |
| publisher | Rennes‚ France |
| record_format | dspace |
| spelling | oxford-uuid:7167890c-b992-41a4-a027-51d9525725fd2022-03-26T19:43:26ZInformation Asymmetry in Classified Cross Domain System Security AccreditationConference itemhttp://purl.org/coar/resource_type/c_5794uuid:7167890c-b992-41a4-a027-51d9525725fdDepartment of Computer ScienceRennes‚ France2015Loughry, JThe difficulty of cross domain systems security accreditation lies inherent in the fact that, by definition, such systems always span at least one boundary between security domains controlled by different data owners. Consequently, approved solutions regularly encounter security testing criteria that represent the duplicated responsibility for residual risk of multiple security accreditors. Each data owner perceives a site-specific set of risks that would be desirable to mitigate, a technology-dependent set of risks that it is possible to mitigate, and a residual risk it is felt acceptable not to mitigate. Time and cost inefficiency in cross domain system accreditation are shown to originate f |
| spellingShingle | Loughry, J Information Asymmetry in Classified Cross Domain System Security Accreditation |
| title | Information Asymmetry in Classified Cross Domain System Security Accreditation |
| title_full | Information Asymmetry in Classified Cross Domain System Security Accreditation |
| title_fullStr | Information Asymmetry in Classified Cross Domain System Security Accreditation |
| title_full_unstemmed | Information Asymmetry in Classified Cross Domain System Security Accreditation |
| title_short | Information Asymmetry in Classified Cross Domain System Security Accreditation |
| title_sort | information asymmetry in classified cross domain system security accreditation |
| work_keys_str_mv | AT loughryj informationasymmetryinclassifiedcrossdomainsystemsecurityaccreditation |