Jump to content

英文维基 | 中文维基 | 日文维基 | 草榴社区

Information Assurance Technology Analysis Center

From Wikipedia, the free encyclopedia

IATAC logo

Information Assurance Technology Analysis Center (IATAC) is a United States Department of Defense (DoD) Government Organization.[1] IATAC is an Information Assurance and Cyber Security (CS) Information Analysis Center (IAC), which is administered by the Defense Technical Information Center (DTIC).[2][3]

IATAC aims to provide knowledge needed to develop network defenses in a timely manner. IATAC has an IA scope including research, acquisition, testing, demonstration, operational implementation or logistics. IATAC provides access to IA/CS, Defensive Information Operations (DIO), and Defensive Information Warfare (DIW) security tools, situational awareness resources, and training.[4] This organization was consolidated into the Cyber Security and Information Systems Information Analysis Center (CSISAC).

IATAC's mission,[5] like the other IACs in the DTIC IAC Program, is: “To provide the Department of Defense (DoD) a central point of access for information on IA and CS (IA/CS), emerging technologies in system vulnerabilities, research and development, models, and analysis to support the development and implementation of effective defense against Information Warfare (IW) attacks."[6]

IATAC's main goal is to synchronize IA/CS across DoD, academia, and industry.

History

[edit]

IATAC was established under the direction of DTIC and the sponsorship of the Assistant Secretary of Defense Research and Engineering (ASD(R&E)),[7] Assistant to Secretary of Defense/Networks and Information Integration,[8] and the Joint Staff.[9]

IATAC serves as a source for IA/CS vulnerability data, information, methodologies, models, and analyses of technologies relating to the survivability, authenticity, and continuity of operation of DoD information systems.

IATAC, along with the other IACs, supports DTIC's Scientific and Technical Information Program (STIP).[10]

Steering Committee

[edit]

IATAC operates under the direction of a Government Steering Committee. The committee is made up of individuals from Government, DoD and the research and development (R&D) community, including representation from the Defense Information Assurance Program (DIAP), National Security Agency (NSA),[11] Naval Postgraduate School (NPS),[12] Office of the Secretary of Defense (OSD), and others. The Steering Committee meets annually and provides input and feedback to IATAC's operations, particularly the collection of information and information dissemination efforts. The Steering Committee also selects which technical reports IATAC will research and produce.[13]

Sponsors

[edit]

IATAC is a U.S. Department of Defense Information Analysis Center (IAC)[14] sponsored by DTIC, and ASD(R&E).[15]

Services

[edit]

Technical Inquiries

[edit]

IATAC provides a 4-hour free Technical Inquiry research service for government employees, military service members, government contractors, and all DTIC-registered users. This research service is designed to answer relevant IA/CS questions.[16]

Subject Matter Expert (SME) Program

[edit]

IATAC coordinates a Subject Matter Expert (SME) Program that facilitates the sharing of information among IA/CS SMEs across government, industry, and academia.[17] Through its network, IATAC’s SMEs are a resource for responding to technical inquiries, authoring articles for the IAnewsletter, and providing input and feedback on IATAC reports.

Scientific and Technical Information (STI) Program

[edit]

IATAC collects IA/DIO related STI to share with the DoD, other federal agencies, their contractors, and the research and engineering (R&E) community. The STI program is governed by DoD Directive 3200.12, DoD STI Program.[18]

Currently, IATAC has thousands of IA/DIO-related documents in their technical repository.[19] This collection is a combination of both classified and unclassified material. All of IATAC's documents are uploaded to DTIC Online Access Control (DOAC),[20] which is an online repository of STI from all of DTIC's IAC's.[21]

IATAC's library facilitates knowledge sharing between diverse groups and organizations, and all STI is readily accessible to the IA/DIO community within the classification and secondary distribution instructions.[22]

All STI collected by IATAC is relevant to IA/CS research, development, engineering, testing, evaluation, production, operation, use, or maintenance. STI is collected in many forms including text-based documents, multimedia, and rich media files. Some topic areas include: Biometrics, Computer Network Attack, Computer Network Defense, Cyber Terrorism, Hacking, Information Warfare, Network-centric Warfare, Malicious Code, Product Evaluations, among others. IATAC collects unclassified submissions from across all of the IA/CS community.

Information Assurance Training

[edit]

IATAC offers IA, DIO, and IW related training courses to government and the DoD. Some of these courses include: Introduction to the Law in Cyberspace, Introduction to Network Operations (NetOps), Applied Global Information Grid (GIG) Operations to NetOps, and NetOps 300 Training Course. Mobile Training Teams conduct all of IATAC's courses; an IA subject matter expert (SME) travels to each organization and conducts training for large groups.[16]

Conference and Event Planning

[edit]

IATAC exhibits at and participates in conferences, symposiums, and technical meetings. These forums provide a setting for discussion to government, industry, and academic organizations.[23]

Products

[edit]

Reports

[edit]

IATAC publishes three types of reports on current IA/CS topics:

State-of-the-art (SOAR) Reports investigate developments in IA issues. Past SOAR topics include: Insider Threat,[24][25] Software Security Assurance,[26] Risk Management for the Off-the-Shelf Information Communications Technology Supply Chain,[27] and Measuring Cyber Security and Information Assurance.[28]

Critical Reviews and Technology Assessments (CR/TA) evaluate and synthesize the latest available information resulting from recent R&D findings. They offer comparative assessments of technologies and/or methodologies based on specific technical characteristics.[29] Topics include Wireless Wide Area Network (WWAN) Security, Network-Centric Warfare, and Biotechnology.

Tools Reports outline a current technology and provide an objective listing of currently available products.[30] Topics for tools reports include Firewalls, Vulnerability Assessment, Intrusion Detection System, and Malware.

IAnewsletter

[edit]

The IAnewsletter is a quarterly publication mailed out in hard copies and is available on the Web. It features articles from the IA/CS community. Past editions have focused on topics such as Cloud Computing[31] and Security Content Automation Protocol (SCAP).[32] The articles published are solicited from such organizations as OSD/Joint Staff, the Combatant Commands, Services, Systems Commands, Government R&D Labs, and Academia.[16]

IA Digest

[edit]

The IA Digest is a weekly news summary for IA professionals across the government, industry, and academia. It is transmitted in an HTML formatted email, as an RSS feed, and is available on the Web. It provides hot links to articles and news summaries across a spectrum of IA and DIO topics.[33]

Cyber Events Calendar

[edit]

The Cyber Events Calendar is a monthly email containing an online calendar of IA/CS events that includes both conferences and relevant training workshops. The Cyber Events Calendar is also available as an RSS feed or as HTML viewable from the IATAC website.[34]

Research Update

[edit]

The IATAC Research Update is a quarterly email publication primarily for the academic community. It provides information on IATAC's R&D efforts from the past quarter.[35]

References

[edit]
  1. ^ "IATAC (Nov-2008)" (PDF). March 2022. Archived from the original (PDF) on July 27, 2014.
  2. ^ "DTIC Home Page". Dtic.mil. Archived from the original on March 16, 2009. Retrieved July 17, 2014.
  3. ^ Article title [bare URL PDF]
  4. ^ "DTIC and IATAC- Resources for the War on Cyber Terrorism". Infosecisland.com. July 30, 2010. Retrieved November 22, 2011.[permanent dead link]
  5. ^ "IATAC - Information Assurance Technology Analysis Center". Iac.dtic.mil. Archived from the original on August 30, 2007. Retrieved July 17, 2014.
  6. ^ "IATAC - Information Assurance Technology Analysis Center". Iac.dtic.mil. Archived from the original on August 30, 2007. Retrieved November 22, 2011.
  7. ^ http://www.acq.osd.mil/chieftechnologist/index.html%2[permanent dead link]
  8. ^ "cio-nii.defense.gov". cio-nii.defense.gov. January 22, 2013. Archived from the original on May 28, 2011. Retrieved July 17, 2014.
  9. ^ "jcs.mil". jcs.mil. Retrieved July 17, 2014.
  10. ^ Article title [bare URL PDF]
  11. ^ "nsa.gov". nsa.gov. Retrieved July 17, 2014.
  12. ^ "nps.edu". nps.edu. Retrieved July 17, 2014.
  13. ^ "IATAC - Information Assurance Technology Analysis Center". Iac.dtic.mil. February 11, 1998. Archived from the original on August 30, 2007. Retrieved November 22, 2011.
  14. ^ "iac.dtic.mil". iac.dtic.mil. Archived from the original on July 25, 2014. Retrieved July 17, 2014.
  15. ^ "IAC : Information Analysis Centers". Iac.dtic.mil. Archived from the original on July 25, 2014. Retrieved November 22, 2011.
  16. ^ a b c "Defensive Cyber Security - IATAC's Critical Role in Information Assurance and Cyber Security". Journal.thedacs.com. Retrieved November 22, 2011.
  17. ^ "State of the IA Art" (PDF). Military-information-technology.com. October 9, 2011. Archived from the original (PDF) on April 21, 2012. Retrieved November 22, 2011.
  18. ^ http://biotech.law.lsu.edu/blaw/dodd/corres/pdf2/d320012p.pdf [bare URL PDF]
  19. ^ http://www.surviac.wpafb.af.mil/iatac/download/Vol7_No4.pdf Archived April 25, 2012, at the Wayback Machine [bare URL PDF]
  20. ^ "DTIC Online Access Controlled". Archived from the original on October 23, 2011. Retrieved October 31, 2011.
  21. ^ "DTIC Online Access Controlled". Dtic.mil. Archived from the original on October 23, 2011. Retrieved November 22, 2011.
  22. ^ Goertzel et al. (2010) IATAC's Critical Role in Cyber Security, SoftwareTech News, Vol. 13 No. 2
  23. ^ "IATAC - Information Assurance Technology Analysis Center". Iac.dtic.mil. Archived from the original on December 25, 2003. Retrieved November 22, 2011.
  24. ^ Gabrielson et al. (2008) The Insider Threat to Information Systems, An IATAC State-of-the-Art Report.
  25. ^ "Archived copy" (PDF). Archived from the original (PDF) on October 19, 2011. Retrieved November 14, 2011.{{cite web}}: CS1 maint: archived copy as title (link)
  26. ^ "Archived copy" (PDF). Archived from the original (PDF) on September 14, 2012. Retrieved November 2, 2011.{{cite web}}: CS1 maint: archived copy as title (link)
  27. ^ Goertzel et al. (2010) Security Risk Management for Off-the-Shelf (OTS) Information and Communications Technology (ICT) Supply Chain, An IATAC State-of-the-Art Report.
  28. ^ Article title [bare URL PDF]
  29. ^ "IATAC - Information Assurance Technology Analysis Center". Iac.dtic.mil. Archived from the original on September 12, 2007. Retrieved November 22, 2011.
  30. ^ "Report". Iac.dtic.mil. Archived from the original on September 12, 2007. Retrieved July 17, 2014.
  31. ^ https://web.archive.org/web/20111019020917/http://iac.dtic.mil/iatac/download/Vol13_No2.pdf. Archived from the original (PDF) on October 19, 2011. Retrieved November 7, 2011. {{cite web}}: Missing or empty |title= (help)
  32. ^ https://web.archive.org/web/20120425070055/http://iac.dtic.mil/iatac/download/Vol14_No4.pdf. Archived from the original (PDF) on April 25, 2012. Retrieved November 7, 2011. {{cite web}}: Missing or empty |title= (help)
  33. ^ "IATAC - Information Assurance Technology Analysis Center". Iac.dtic.mil. Archived from the original on December 20, 2003. Retrieved November 22, 2011.
  34. ^ "IATAC - Information Assurance Technology Analysis Center". Iac.dtic.mil. Archived from the original on May 25, 2011. Retrieved November 22, 2011.
  35. ^ "IATAC - Information Assurance Technology Analysis Center". Iac.dtic.mil. Archived from the original on September 27, 2006. Retrieved November 22, 2011.
[edit]