Title :
Implementing security policy in a large defence procurement
Author :
Nash, M.J. ; Kennett, R.J.
Author_Institution :
Gamma Secure Syst. Ltd., Camberley, UK
Abstract :
At the 1993 ACSAC conference a previous paper was presented describing the security policy developed for a large, integrated defence procurement, the United Kingdom Royal Air Force Logistics Information Technology System (LITS). The current paper describes some of the practical difficulties encountered in implementing that security policy during subsequent stages of the LITS system development. Issues discussed include the difficulties of “future proofing” a security infrastructure in the real world where user security requirements can and do change in ways that were not anticipated, the tension between security policy requirements and cost effective security solutions, and the conflict between labelling data and the use of untrusted applications
Keywords :
logistics data processing; security of data; United Kingdom Royal Air Force Logistics Information Technology System; cost effective security solutions; future proofing; labelling data; large defence procurement; security infrastructure; security policy; security policy requirements; untrusted applications; user security requirements; Computer security; Costs; Data security; Information security; Information technology; Labeling; Logistics; Procurement; Protection; Terminology;
Conference_Titel :
Computer Security Applications Conference, 1996., 12th Annual
Conference_Location :
San Diego, CA
Print_ISBN :
0-8186-7606-X
DOI :
10.1109/CSAC.1996.569665
