Upload
aamir97
View
270
Download
4
Tags:
Embed Size (px)
Citation preview
DJM-
Enterprise Architecture—Enterprise Architecture—an Enabler ofan Enabler of
Secure E-GovernmentSecure E-Government
SecurE-Biz SummitApril 1-2, 2003
Federal Aviation Administration
Dan Mehan, Ph.D. Assistant Administrator for
Information Services and Chief Information Officer
4/2/03 2DJM-
FAA’s Enterprise Architecture LiftoffFAA’s Enterprise Architecture Liftoff
Enterprise Architecture
Forces of Change
Multiple Layered Protection
Information Technology Landscape
4/2/03 3DJM-
President’s Management AgendaPresident’s Management Agenda
• 1st Priority: Make Government citizen-centered
• 5 Key Components:1. Strategic Management of
Human Capital
2. Improved Financial Performance
3. Expanded Competitive Sourcing
4. Electronic Government
5. Budget and Performance
Integration
4/2/03 4DJM-
E-Government DriversE-Government Drivers
Customer Demand TechnologicalAdvances
Cost and TimePressures
StatutoryMandates
Progress
4/2/03 5DJM-
E-Government Key ComponentsE-Government Key Components
IT Program Management
Capital Planning & Investment ControlCyber Security
Web Enablement
Enterprise Architecture
4/2/03 6DJM-
FAA’s JobFAA’s Job
• ~ 500 FAA Managed Air Traffic Control Towers
• ~ 180 Terminal Radar Control Centers
• 20 Enroute Centers
• ~ 60 Flight Service Stations
• ~ 40,000 Radars, NAVAIDs, Radios, etc.
Manage 35,000 commercial flights to move 2,000,000 passengers safely each daySupport more than 35,000 general aviation flights on a daily basisRegulate and certify the people and aircraft that use our airspace
4/2/03 7DJM-
FAA’s Enterprise Architecture LiftoffFAA’s Enterprise Architecture Liftoff
Enterprise Architecture
Forces of Change
Multiple Layered Protection
Information Technology Landscape
4/2/03 8DJM-
UbiquitousAvailability of Information
EconomicConstraints
Forces of ChangeForces of Change
Information AgeTechnologyCOTS/TCP-IP
Increased ActivityFrom Organized Groups And Nation States
4/2/03 9DJM-
Security and the Evolving ThreatsSecurity and the Evolving Threats
Sophistication of Hacker Tools
Sophistication of Hacker Tools
1990199019801980
Packet Forging/ Spoofing
Packet Forging/ Spoofing
Password GuessingPassword Guessing
Self Replicating CodeSelf Replicating Code
Password CrackingPassword Cracking
Exploiting Known Vulnerabilities
Exploiting Known Vulnerabilities
Disabling AuditsDisabling Audits
Back DoorsBack DoorsHijacking SessionsHijacking Sessions
SweepersSweepersSniffersSniffers
Stealth DiagnosticsStealth Diagnostics
Hacker Technical Knowledge Required
Hacker Technical Knowledge Required
HighHigh
LowLow20002000
Internet WormsInternet Worms
4/2/03 10DJM-
Incidents ReportedIncidents Reported
22000
1100
53000
2400
82000
4100
0
10000
20000
30000
40000
50000
60000
70000
80000
90000
2001 2002 2003
IncidentsVulnerabilities
Source: CERT/CC
4/2/03 11DJM-
FAA’s Enterprise Architecture LiftoffFAA’s Enterprise Architecture Liftoff
Enterprise Architecture
Forces of Change
Multiple Layered Protection
Information Technology Landscape
4/2/03 12DJM-
Protect the FAA’s information infrastructure and help the aviation industry reduce security risks through leadership in innovative information assurance initiatives
Respond Plan
Protect
CIO’s Cyber Security MissionCIO’s Cyber Security Mission
Detect
4/2/03 13DJM-
FAA’s 5 LayersFAA’s 5 Layers of System Protection of System Protection
AuthenticationAccess ControlConfidentiality
Integrity
Availability
Public Key InfrastructureBiometrics
Enterprise Architecture
Analytical Tool Sets
Encryption
Smart Cards
Architecture & EngineeringPersonnel
Security
Physical Security
Cyber Hardening of
System and Network
Elements
Compartmentalization
Redundancy
Certification & Authorization
Education
Incident Response Capability
Scanning for Compliance
Boundary Protection
Policy
Awareness & Execution
4/2/03 14DJM-
Securing Individual SystemsSecuring Individual SystemsNational Information AssuranceNational Information AssuranceCertification and AccreditationCertification and Accreditation
Program (NIACAP)Program (NIACAP)
NegotiationCertification ReqmtsReview
Phase 1
Mission Needs,Risks, Reqmts
Phase 2
Phase 3
Phase 4
Developer
Operator
Certifier
User Rep
Initial Certification Analysis
System Operation
Certify System &Develop Recommendation
Nationally Recognized Process
Security Requirements ReviewDuring Milestone Zero
Cradle to Grave Program
4/2/03 15DJM-
INT
ER
NE
T
FA
A In
tern
et
Ac
ces
s P
oin
ts (
8)
E-M
ail
Se
rver
sN
EX
GE
N (
12
)Agency Data Telecommunications Network
w/ IDS, Hardened RoutersFirewall &Antiviral
Firewall &Antiviral
RegionalOffice
RegionalOffice
Intrusion Detection SystemFirewall
Hardened RouterAntiviral
Access Control List AntiviralAccess Control List
Boundary ProtectionBoundary Protection
4/2/03 16DJM-
COMPUTER SECURITY INCIDENT RESPONSE CENTER (CSIRC)
Protect the information infrastructure
Detect anomalous traffic
Respond to any intrusion that threatens to impede operations
Recover and restore affected systems in a timely fashion
Detect
Protect
Recover
Respond
4/2/03 17DJM-
How to Invest Scarce ResourcesHow to Invest Scarce Resources
BoundaryProtection
Vulnerability Scanning
Insider/Outsider ThreatIntrusion Detection
SystemCertification
Transport/Application LayerVPNs
Firewalls
Anti-viral
4/2/03 18DJM-
FAA’s Enterprise Architecture LiftoffFAA’s Enterprise Architecture Liftoff
Enterprise Architecture
Forces of Change
Multiple Layered Protection
Information Technology Landscape
4/2/03 19DJM-
Enterprise Architecture FrameworkEnterprise Architecture Framework
BusinessArchitecture
ApplicationsArchitecture
TechnologyArchitecture
DataArchitectureN
AS
Ope
ratio
ns
Mis
sion
Sup
port
Adm
inis
trativ
eArchitectural
Segments
Standards
Transitional Processes
CurrentArchitecture
StrategicDirectionStrategicDirection
BusinessDriversDesignDrivers
BusinessDriversDesignDrivers
ArchitectureDrivers
Security
Data
Technology
InvestmentReview
Architectural ModelsMarket
ResearchAsset
Management
TargetArchitecture
4/2/03 20DJM-
• Establishes Agency-wide roadmap to achieve an efficient IT environment
• Three Segments– NAS Operations
– Mission Support
– Administrative
• Acquisition Management System
• Joint Resources Council
• Portfolio Management• Exhibit 300s
Enterprise Architecture
Capital Planning
&
4/2/03 21DJM-
FAA Database EvolutionFAA Database Evolution
FAA DataRegistry(FDR)Data
Standards
FAA MetadataRepository
(MDR)Legacy Metadata
ConsolidatedDatabases
Single Sourcesof Data
Multiple Sources of Data
4/2/03 22DJM-
Enterprise Architecture—Enterprise Architecture—Key to Secure E-BusinessKey to Secure E-Business
Web Enablement
ProcessImprovement
EnterpriseArchitecture
RiskManagement
Multi-LayeredDefense
SystemOptimization
IT Program Management
Capital Planning & Investment
Control
Cyber Security
Web Enablement
Enterprise Architecture
4/2/03 23DJM-
Major ThemesMajor Themes
• E-Government will define the way we communicate among ourselves and with others
• Technology is enabling us to enhance the way we manage and share information
• Securing the critical cyber infrastructure is a must for E-Government to flourish
• Enterprise Architecture will be a key driver and enabler to optimize FAA investment
Web Enablement
ProcessImprovement
EnterpriseArchitecture
RiskManagement
Multi-LayeredDefense
SystemOptimization