Enterprise Architecture an Enabler of Secure EGovernment - PowerPoint PPT Presentation

1 / 23
About This Presentation
Title:

Enterprise Architecture an Enabler of Secure EGovernment

Description:

Cyber Security. Web Enablement. Enterprise Architecture. 4/2/03. 6. DJM- FAA's Job ... CIO's Cyber Security Mission. Detect. 4/2/03. 13. DJM- FAA's 5 Layers. of ... – PowerPoint PPT presentation

Number of Views:45
Avg rating:3.0/5.0
Slides: 24
Provided by: faa57
Category:

less

Transcript and Presenter's Notes

Title: Enterprise Architecture an Enabler of Secure EGovernment


1
Enterprise Architecturean Enabler ofSecure
E-Government
Federal Aviation Administration
  • SecurE-Biz Summit
  • April 1-2, 2003

Dan Mehan, Ph.D. Assistant Administrator for
Information Services and Chief Information Officer
2
FAAs Enterprise Architecture Liftoff
Enterprise Architecture
Multiple Layered Protection
Forces of Change
Information Technology Landscape
3
Presidents Management Agenda
  • 1st Priority Make Government citizen-centered
  • 5 Key Components
  • 1. Strategic Management of
  • Human Capital
  • 2. Improved Financial Performance
  • 3. Expanded Competitive Sourcing
  • 4. Electronic Government
  • 5. Budget and Performance
  • Integration

4
E-Government Drivers
Technological Advances
Customer Demand
Progress
Statutory Mandates
Cost and Time Pressures
5
E-Government Key Components
6
FAAs Job
  • Manage 35,000 commercial flights to move
    2,000,000 passengers safely each day
  • Support more than 35,000 general aviation flights
    on a daily basis
  • Regulate and certify the people and aircraft that
    use our airspace
  • 500 FAA Managed Air Traffic Control Towers
  • 180 Terminal Radar Control Centers
  • 20 Enroute Centers
  • 60 Flight Service Stations
  • 40,000 Radars, NAVAIDs, Radios, etc.

7
FAAs Enterprise Architecture Liftoff
Enterprise Architecture
Multiple Layered Protection
Forces of Change
Information Technology Landscape
8
Forces of Change
Information Age Technology COTS/TCP-IP
Ubiquitous Availability of Information
Increased Activity From Organized Groups And
Nation States
9
Security and the Evolving Threats
Internet Worms
High
Packet Forging/ Spoofing
Stealth Diagnostics
Sophistication of Hacker Tools
Sniffers
Sweepers
Hijacking Sessions
Back Doors
Disabling Audits
Exploiting Known Vulnerabilities
Password Cracking
Hacker Technical Knowledge Required
Self Replicating Code
Password Guessing
Low
1990
1980
2000
10
Incidents Reported
Source CERT/CC
11
FAAs Enterprise Architecture Liftoff
Enterprise Architecture
Multiple Layered Protection
Forces of Change
Information Technology Landscape
12
CIOs Cyber Security Mission
Protect the FAAs information infrastructure and
help the aviation industry reduce security risks
through leadership in innovative information
assurance initiatives
  • Respond
  • Plan
  • Protect
  • Detect

13
FAAs 5 Layers of System Protection
14
Securing Individual Systems National Information
Assurance Certification and Accreditation Program
(NIACAP)
Negotiation Certification Reqmts Review
Phase 1
Nationally Recognized Process Security
Requirements Review During Milestone Zero Cradle
to Grave Program
Initial Certification Analysis
Phase 2
Phase 3
Phase 4
System Operation
15
Boundary Protection
Intrusion Detection System Firewall Hardened
Router Antiviral Access Control List
Antiviral Access Control List
E-Mail Servers NEXGEN (12)
INTERNET
FAA Internet Access Points (8)
Agency Data Telecommunications Network w/ IDS,
Hardened Routers
16
COMPUTER SECURITY INCIDENT RESPONSE CENTER (CSIRC)
Recover
Respond
Protect
Detect
Protect the information infrastructure Detect
anomalous traffic Respond to any intrusion that
threatens to impede operations Recover and
restore affected systems in a timely fashion
17
How to Invest Scarce Resources
Boundary Protection
System Certification
Vulnerability Scanning
Anti-viral
VPNs Firewalls
Transport/Application Layer
Insider/Outsider Threat
Intrusion Detection
18
FAAs Enterprise Architecture Liftoff
Enterprise Architecture
Multiple Layered Protection
Forces of Change
Information Technology Landscape
19
Enterprise Architecture Framework
20
Enterprise Architecture
Capital Planning
  • Establishes Agency-wide roadmap to achieve an
    efficient IT environment
  • Three Segments
  • NAS Operations
  • Mission Support
  • Administrative
  • Acquisition Management System
  • Joint Resources Council
  • Portfolio Management
  • Exhibit 300s

21
FAA Database Evolution
22
Enterprise Architecture Key to Secure E-Business
23
Major Themes
System Optimization
Process Improvement
Risk Management
Web Enablement
Enterprise Architecture
Multi-Layered Defense
  • E-Government will define the way we communicate
    among ourselves and with others
  • Technology is enabling us to enhance the way we
    manage and share information
  • Securing the critical cyber infrastructure is a
    must for E-Government to flourish
  • Enterprise Architecture will be a key driver and
    enabler to optimize FAA investment
Write a Comment
User Comments (0)
About PowerShow.com