Author :
Buck, Kevin ; Das, Prasant ; Hanf, Diane
Abstract :
Offering functionality and data in a secure manner poses significant challenges for Government enterprises that are embracing approaches, such as Service- Oriented Architectures (SOA), especially when there is a desire to promote information sharing across functional, organizational, or Community of Interest (COI) boundaries. Many Government organizations evaluate Implementation of security measures against the risk that a particular vulnerability will be exploited by a particular threat. Informed Information security Investment decisions are made based upon analysis of cost, benefit, schedule, performance, and risk tradeoffs. The Investment decision-making space for Information security In a web-based, service-oriented environment is explored in this paper, and methods for evaluating operational, economic and performance implications are considered. This paper discusses the value and practicality of applying Return-on-Investment (ROI) analysis for Government information security investment decision-making, especially when information sharing is a key success driver. Recommendations are based upon preliminary findings of a MITRE Mission-Oriented Investigation and Experimentation (MOIE) effort related to SOA Performance Measures Expression In Performance-Based Acquisition (PBA) Vehicles.
Keywords :
Web services; decision making; government data processing; security of data; software architecture; government organization; information security investment decision making; information sharing; mission-oriented investigation; performance-based acquisition vehicles; return-on-investment analysis; service-oriented architecture; Cost benefit analysis; Data security; Decision making; Government; Information analysis; Information security; Investments; Particle measurements; Semiconductor optical amplifiers; Service oriented architecture;