CompositeStructure diagram: 8.3 Security Context Diagram
This diagram shows how the security controls identified in 8.3 are allocated to the rest of the functional architecture. Segment 1 functionality implements most of the security controls required for Segment 2 also. The main difference between Segment 1 and Segment 2 is the allocation of System and Communications Protection security controls to air-ground messages. These controls are allocated to 2.0 Ground Data Processing and 6.0 Airborne Data Processing.
CompositeStructure diagram: 8.3 Security
8.3.2 Audit & Accountability
Type: Component
Status: Proposed. Version 1.0. Phase 1.0.
Package: 8.0 Support Functions Keywords:
Detail: Created on 2/28/2007. Last modified on.2/28/2007.
GUID: {00878F86-5A87-4130-81BC-9CF72A41D642}
The Audit and Accountability security control family ensures that all activity on the information system is audited (i.e., logged and reviewed) and that users are accountable for their actions.
Audit and Accountability addresses the following functional areas:
1. Auditable events;
2. Content of audit records;
3. Audit reduction and report generation;
4. Protection of audit information; and
5. Audit retention.
Typical implementations of the Audit and Accountability security family include:
1. Syslog (provided by the operating system); and
2. Application security events.
8.3.5 System & Information Integrity
Type: Component
Status: Proposed. Version 1.0. Phase 1.0.
Package: 8.0 Support Functions Keywords:
Detail: Created on 2/28/2007. Last modified on.2/28/2007.
GUID: {8DC40BCF-4A51-498b-8EC3-A2D6CC980ACD}
The System and Information Integrity security control family ensures that the information system and the information it processes are protected from unauthorized changes, whether malicious or unintentional.
System and Information Integrity addresses the following functional areas:
1. Malicious code protection;
2. Intrusion detection;
3. Security functionality verification; and
4. Software and information integrity;
Typical implementations of the System and Information Integrity security family include:
1. Checksums;
2. File system integrity tools (e.g., Tripwire); and
3. Anti-virus and anti-spam tools.
Note that intrusion detection is addressed with the System and Communications Protection security family for the purposes of this functional architecture.
8.3.4 System & Communications Protection
Type: Component
Status: Proposed. Version 1.0. Phase 1.0.
Package: 8.0 Support Functions Keywords:
中国航空网 www.aero.cn
航空翻译 www.aviation.cn
本文链接地址:Functional Architecture for the Data Communication System(92)
