View DNDAF:SecV-2 Data Element Security Matrix Subview

dnd.gif

Title

SecV-2 Data Element Security Matrix Subview

Version & Date

1.7 See DNDAF Release History

* =  changed at 1.7
+ =  new at 1.7

Introduction *

The SecV-2 subview is part of the DNDAF Security View. There are in 36 subviews defined in the DNDAF.

From DND/CF Architecture Framework (DNDAF)  Volume 2: DND/CF Views and Sub-Views:

The Security View-2 (SecV-2): Data Element Security Matrix is a listing of all significant Data Elements used by the System Data Exchanges (SV6) in the architecture project, along with its security parameters. The security risk implications of the content of the Data Elements must be known, before the access to these Data Elements can be controlled.

A Data Element is a basic unit of information built on standard structures having a unique meaning and distinct units or values. To provide proper information assurance, the security level of any report or automated output must be at least as high as the classification of any Data Element on the report. To facilitate the analysis of the security vulnerabilities of the Data Element in focus, an inventory of assessed Data Elements and their security parameters are required.

Each System Data Exchange requires the documentation of its security parameters.

It is assumed that the security classification of a SV6 is based on the fact that it contains one or more Data Elements of that security level, but no current view links the SV6 to the Data Element, thus the SV6’s security classification cannot be verified or validated. In the worst case a SV6 may have a security classification that is less than that of a Data Element in which it is contained. The SecV-2 requires that the classified Data Elements in a specific SV6 be listed.

Purpose *

From DND/CF Architecture Framework (DNDAF)  Volume 2: DND/CF Views and Sub-Views:

The SecV-2 is used to document the security classification of the data elements used in a given architecture design.Upon completion, this sub-view will provide the security information of the Data Elements to the architect and designer to be able to correctly assess the security impacts.

Description

The Data Element Security Matrix is a listing of all Data Elements and their associated security classification, and security classification parameters.

Definition

The Data Element Security Matrix is a listing of all Data Elements and their associated security classification, and security classification parameters.

Detailed Description *

From DND/CF Architecture Framework (DNDAF)  Volume 2: DND/CF Views and Sub-Views:

This sub-view builds on the work done in the SV-6 where the security level of a System Data Exchange is documented.

Within the scope of the architecture project, specifically within the System Data Exchanges, the Subject Matter Expert (SME) identifies and assesses all of the Data Elements that need to be classified and document its security classification. Once this is accomplished, the SME may re-validates the original security assessment of the |Operational Information Exchange OV-3 and its related SV-6’s, if some of the data element assessment of the SV-6 are found to be of a security level greater than the original assessment of the OV-3 and of its SV-6’s.

SecV-2 helps the analyst to update the security data attributes of the data element in focus, by linking it with a caveated security classification reference information already in place.

Subview DADM Elements

From DND/CF Architecture Framework (DNDAF)  Volume 2: DND/CF Views and Sub-Views:

The DADM entities and attributes provided below are the elements that this sub-view is responsible for creating:

Note that the SecV-2, SecV-3 and CV-2 are defined as being responsible for the creation of the Data Attribute entity.

Presentation

  • Tabular

Examples

See:

  • p176 Figure 3.36.1 in DND/CF Architecture Framework (DNDAF)  Volume 2: DND/CF Views and Sub-Views

Prerequisites

Version 1.7 no longer defines pre-requisites for any subview.

From 1.6:

The SV-6 is the prerequisite for this sub-view.

See DNDAF Subview Dependencies

Configuration History

1.7 new subview identifier
1.6 was SecV-1 Data Element Security Matrix Subview

Comments

 

Other Frameworks

There is no equivalent architecture in DODAF, MODAF, NAF or TRAK.

References


Category:Framework -> Specification
Category:Framework -> Subiew

Categories:

 

© 2010 Eclectica Systems Ltd.