Prologue

I started writing this book in 1993 during a time when the industry was evolving from COMSEC to COMPUSEC to INFORMATION SECURITY (and AIS), and finally to INFORMATION ASSURANCE. The DoD and IC communities published so many foundation documents, such as the Rainbow Series and the IATF Framework, that anyone who wanted to describe the various disciplines would simple be reguritation what was already said. In my case, technology was moving so fast that I never felt comfortable in finalizing the book to the point that I could move forward with publishing it. Now I've given up and just decided that you can use it however you want.

There are some useful items that could come in handy herein. The chapter on System Security Engineering Management describes acquisition information not readily available elsewhere. Likewise, the chapter on Mission Oriented Risk Analysis (MORA) for selecting research areas is more detailed than other references available to the general public.

Table of Contents

Chapter 1...........................................................Basic Communications Theory
Chapter 2...........................................................Security Boundaries
Chapter 3...........................................................TEMPEST Secure Classified Local Area Networks
Chapter 4...........................................................SSEM in the Secure LAN/WAN Environment
Chapter 5...........................................................Information Security Program Development
Chapter 6...........................................................Configuration Management for Classified Equipment
Chapter 7...........................................................Life Cycle Management
Chapter 8...........................................................Risk Management
Chapter 9...........................................................Mission Oriented Risk Analysis

Appendix A..........................................................Digital Encryption Standard
Appendix B..........................................................Cryptographic Algorithms
Appendix C..........................................................Operational Security