Managing Information Security in Large Defence Procurements: the Royal Air Force Lits Experience
نویسندگان
چکیده
This paper describes the practical experiences of the authors subsequent to the 1993 Symposium and overlays the procurement process that took place for the development of the first tranche of the Royal Air Force’s Logistics Information Technology System from a COMPUSEC perspective. It explains some of the problems encountered by the Security Team during the selection of a Prime Systems Integrator and developer and then describes what actions were taken to minimize the associated security risks. It is believed that many of these management problems and difficulties we have faced and resolved hold equally true for all secure IT system developments. Many of the lessons we have learned are relevant to the management of all secure system procurements where a contractor is used, irrespective of size.
منابع مشابه
Implementing Security Policy in a Large Defense Procurement
At the 1993 ACSAC conference a previous paper was presented describing the security policy developed for a large, integrated defence procurement, the United Kingdom Royal Air Force Logistics Information Technology System (LITS). The current paper describes some of the practical difficulties encountered in implementing that security policy during subsequent stages of the LITS system development....
متن کاملSecurity policy in a complex logistics procurement
The Royal Air Force Logistics Information Technology System (LITS) is a ten year United Kingdom procurement programme to provide the Royal Air Force with a fully integrated IT system covering its Supply and Engineering functions. It will hold and process classified information and thus requires an IT security policy. Although a single integrated system, it will service many distinct locations a...
متن کاملInformation Security in a Complex Defence System Procurement: a Personal Management Experience
This paper is based on the personal experience of the authors, and describes some of the real world management problems that they have encountered during the early development stages of a large and complex logistics IT system for the Royal Air Force. It covers some of the practical and pragmatic solutions that have been devised to ensure value for money and meet the user requirements, whilst en...
متن کاملTracking the Asymmetric Threat - Operational Requirements and Technical Solutions for Security Applications
The asymmetric adversary poses a serious threat to civil and military facilities. Hence, the defence against such adversaries, the so-called anti asymmetric warfare, is of interest in various environments: air respectively maritime traffic, air defence, force protection in out of area missions, harbour protection, coastal surveillance, or the security of naval platforms operating in critical en...
متن کاملUse of simulation technology in Australian Defence Force resuscitation training.
Realistic training of health personnel for the resuscitation of military casualties is problematic. There are few opportunities for personnel to obtain the necessary experience unless working in a busy emergency or trauma environment. Even so, the specific nature of military trauma means that many aspects of casualty management may not be adequately covered in the civilian domain. This paper di...
متن کامل