Critical information assurance challenges for modern large-scale infrastructures

Abstract

Today's information assurance (IA) is no longer about keeping people out. It's about letting people in - the right people, securely, to the right place. In modern military and commercial systems, partners, suppliers, and customers are all constantly accessing the infrastructure through the network. Once there, each needs to be taken directly to the appropriate data and resources. Secure and efficient access control in this context lays the foundation of next-generation business paradigm shift. Such new paradigms create new revenues and increase operation efficiency. Those who fail to make the transition are bound to face daunting challenges in competition. IA is a business enabler. It is vital piece that allows the paradigm shift to take place. This is the new but realistic way to look at security. This paper examines a broad range of critical issues in today's closely knitted environment and discusses potential architectural and technological directions from the perspective of large and distributed infrastructures. To fully illustrate the significant issues, this paper also uses a major cyber crime case that went through the US Federal Court in 2001 for analysis purpose. © Springer-Verlag Berlin Heidelberg 2005.