Improving Common Security Risk Analysis (Amelioration d'un processus commun d'analyse de risques securite)

Improving Common Security Risk Analysis (Amelioration d'un processus commun d'analyse de risques securite)

Active / Technical Report | Accession Number: ADA492499 |

Abstract:

This report is the final report resulting from the four meetings of the working group called Improving Common Security Risk Analysis IST-049 - RTG-021. The report describes the different methods used by various NATO countries. As a first conclusion, the report shows that these methodologies, even if based on similar principles, differ in their knowledge bases or type of results. This makes the risk assessments difficult or impossible to compare when different methods have been used. In a second part, the report identifies the main steps which are considered as mandatory for a method to be used by NATO. Then the report identifies recommendations which should be taken into account by the existing methods and tools in order to solve the interoperability problem identified in the first part of the document but also to be able to take into account the new NATO concepts such as NNEC. The final chapter of the report identifies the follow on activities to be conducted within RTOIST or within other NATO entities.

Author(s):

No Author(s) Identified

Author Organization(s):

NATO RESEARCH AND TECHNOLOGY ORGANIZATION NEUILLY-SUR-SEINE (FRANCE)

Descriptive Note:

Final rept.

Supplementary Note:

Final Report of Task Group IST-049. ISBN: 978-92-837-0045-6.

Pagination:

0100

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution:

Approved For Public Release, Nato

Distribution Statement:

Approved For Public Release; Distribution Is Unlimited. Nato.

RECORD

Collection: TR

Identifying Numbers

Report Number(s):

RTO-TR-IST-049, AC/323(IST-049)TP/193

Monitor Series:

NATO/RTO

Subject Terms

Joint Capability Areas:

JCA_5_Command and Control; JCA_5.3_Planning; JCA_5.3.2_Apply Situational Understanding; JCA_2.1_Planning and Direction; JCA_5.3.3_Develop Strategy; JCA_5.3.4_Develop Courses of Action; JCA_5.3.5_Analyze Courses of Action; JCA_5.2_Understand; JCA_5.4_Decide; JCA_2.1.4_Evaluation; JCA_5.2.3_Share Knowledge and Situational Awareness; JCA_4.2_Supply; JCA_4.2.1_Manage Supplies and Equipment; JCA_4.7.2_Installation Services; JCA_4.7_Base and Installations Support; JCA_5.4.1_Manage Risk; JCA_5.6.3_Assess Achievement of Objectives; JCA_5.6_Monitor; JCA_2.1.1_Define and Prioritize Requirements; JCA_5.4.3_Establish Rule Sets; JCA_1.2.6_Concepts

Modernization Areas:

Cyber

Communities of Interest:

Cyber

Descriptor(s):

*SECURE COMMUNICATIONS, *COMMUNICATIONS NETWORKS, *COMPUTER NETWORKS, *RISK ANALYSIS, THREAT EVALUATION, SYSTEMS ANALYSIS, MONITORS, SURVEILLANCE, VULNERABILITY, DATA PROCESSING SECURITY, INFORMATION SYSTEMS, SOFTWARE ENGINEERING, STANDARDS

Field(s)/Group(s):

Computer Systems Management and Standards, Radio Communications

Keyword(s):

NETWORK SECURITY, FOREIGN REPORTS, NATO FURNISHED

Report Date:

2008 Sep 01

Creation Date:

2009 Feb 04