This course explores concepts and issues pertaining to information assurance architectures (IAA) and technologies, such as cryptographic commercial issues, layered security architecture, defense in depth, methods and technologies for critical infrastructure cybersecurity, cloud-computing security architecture, and IAA and technologies applications. Defense in depth is presented as a subset of NIST (National Institute of Standards and Technology) Systems Security Engineering multidisciplinary guidance for the engineering of trustworthy secure systems. Topics include the NIST Framework for Improving Critical Infrastructure Cybersecurity; critical information infrastructure protection (CIIP); U.S. Comprehensive National Cybersecurity Initiative (CNCI) Trusted Internet Connections (TIC) Reference Architecture; and multi-agency security information and event management (SIEM) issues. Commercial IAA examples of network security architecture and SIEM are also discussed for integrated enterprise wired and wireless services. The relationships of IAA and technologies with selected multitier architectures are discussed for applications such as risk management and enterprise architecture (EA) disciplines, security for virtualized environments, secure software engineering for services, and secure telecommunication for transport. IAA multitier architecture issues are illustrated with cases, such as a NIST-recommended three-tier approach for organization-wide risk management and a three-tier security controls architecture developed for cybersecurity standards for critical infrastructure protection that is compatible with guidance from NIST. Selected applied IAA and technologies are examined in large-scale programs, such as CNCI TIC; the Federal Aviation Administration (FAA) System Wide Information Management (SWIM) Program; and NIST Smart Grid Cyber Security Strategy, Architecture, and High-Level Requirements.
695.401 Foundations of Information Assurance or equivalent, and 605.471 Principles of Data Communications Networks or 635.411 Principles of Network Engineering.