Scribd Logo
Upload

Welcome to Scribd!

  • ARC IT - PublicWorkshop 8security

    Uploaded by

    Ange Basile Diawara Tshivumda
    14 views6 pages
    The document discusses security classifications and requirements in the ARC-IT V8 architecture. It notes that the previous security classification scheme based on confidentiality, integrity and availability of information flows and physical objects has been upgraded and revised. Every information flow now includes security classification ratings (C-I-A) which are used to provide device classification requirements. It also explicitly supports security credentials management and references specific communications security standards. The document discusses how security impacts all views of the architecture, including the enterprise, physical, functional and communications levels. It also lists several areas where ITS can provide security services like disaster response, freight security, and traveler security.

    Original Description:

    Original Title

    ARC-IT_PublicWorkshop-8Security

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document discusses security classifications and requirements in the ARC-IT V8 architecture. It notes that the previous security classification scheme based on confidentiality, integrity and availability of information flows and physical objects has been upgraded and revised. Every information flow now includes security classification ratings (C-I-A) which are used to provide device classification requirements. It also explicitly supports security credentials management and references specific communications security standards. The document discusses how security impacts all views of the architecture, including the enterprise, physical, functional and communications levels. It also lists several areas where ITS can provide security services like disaster response, freight security, and traveler security.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    14 views6 pages

    ARC IT - PublicWorkshop 8security

    Uploaded by

    Ange Basile Diawara Tshivumda
    The document discusses security classifications and requirements in the ARC-IT V8 architecture. It notes that the previous security classification scheme based on confidentiality, integrity and availability of information flows and physical objects has been upgraded and revised. Every information flow now includes security classification ratings (C-I-A) which are used to provide device classification requirements. It also explicitly supports security credentials management and references specific communications security standards. The document discusses how security impacts all views of the architecture, including the enterprise, physical, functional and communications levels. It also lists several areas where ITS can provide security services like disaster response, freight security, and traveler security.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 6

    ARC-IT V8 Workshop

    ARC-IT & ITS SECURITY


    Security

     Same basic security classification scheme in previous


    versions continues:
    □ considered confidentiality, integrity, and availability requirements
    for each information flow and physical object
     Upgraded and revised for Version 8.0:
    □ Every information flow triple now includes security classification
    ratings (C-I-A) which are used to provide device classification
    requirements for the physical objects
    □ Explicitly supports security credentials management
    □ References specific communications security standards

    U.S. Department of Transportation


    ITS Joint Program Office 2
    Securing ITS

     ITS as an information system


    □ Trusted
    □ Reliable
    □ Available
     Security impacts all views
    □ Enterprise must consider security-related roles.
    ▪ Institutions will have relationships with security providers
    ▪ Users will expect institutions to care for their security
    □ Physical includes objects and flows dedicated to security
    □ Functional includes functions dedicated to security
    □ Communications profiles all require security protocols

    U.S. Department of Transportation


    ITS Joint Program Office 3
    ITS Security Areas

     ITS as a provider of security


    □ Disaster response
    □ Freight/Commercial Vehicle security
    □ HAZMAT security
    □ ITS Wide Area Alert
    □ Rail security
    □ Transit security
    □ Transportation Infrastructure security
    □ Traveler security
     Largely unchanged, just updated from 7.1

    U.S. Department of Transportation


    ITS Joint Program Office 4
    Take a Tour – Next Pit Stop

     Find the list of physical objects. Select “ITS Roadway


    Equipment”
     In the “Emergency Vehicle Preemption” service
    package, what is the device class suggested for ITS
    Roadway Equipment to provide appropriate security?
     What types of controls apply to devices of this class?
     What is Integrity requirement for the signal pre-emption
    request?
     Where do these High/Moderate/Low ratings come from?
     Where do these requirements (controls) come from?

    U.S. Department of Transportation


    ITS Joint Program Office 5
    What about all this PKI stuff?

     All of the connected vehicle


    security content has been
    integrated into the architecture
     SU08 and SU02 provide the
    necessary security SPs
    □ For most, SU08 will be externally
    provided
    □ For many, SU02 will have to be
    considered
     Much more information under the
    Security menu item

    U.S. Department of Transportation


    ITS Joint Program Office 6

    You might also like