SANS InfoSec Reading Room - Information Assurance
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact
webmaster@sans.org.
Featuring 4 papers as of Feb 10, 2010
The Many Issues of a Human Review Downgrader
- By: Jon Johnson (posted on May 5, 2005)
-
The government and military have always dealt with this problem. They have created information domains, which are various labels denoting the level of sensitivity of data such as top secret (TS) and unclassified [1].
Security Issues When Data Traverses Information Domains: Do Guards Effectively Address the Problem?
- By: Charles Maney (posted on July 25, 2004)
-
The sharing of information has become an integral part of our society. Because of this, it has become increasingly important to protect that information as well as the resources that facilitate the information exchange.
Mixing Technology and Business: The Roles and Responsibilities of the Chief Information Security Officer
- By: Matthew Cho (posted on October 31, 2003)
-
This research paper describes the roles and responsibilities of the Chief Information Security Officer and the importance of these roles and responsibilities to public and private organizations worldwide. In addition, this paper explains the return on investment and the importance and how it relates to the Chief Information Security Officer.
Building an Information Assurance Framework for a Small Defense Agency
- By: Janet Haase (posted on October 31, 2003)
-
This paper attempts to glean best practices from many sources to define the steps we must to take to implement and manage an Information Assurance Framework.
SANS Training should be attended by all IT staff as they have a wealth of knowledge to give.
-Leigh Lopez, CSVN