Architecture to get more security, privacy info

A second, more detailed, document on security and privacy requirements of the federal enterprise architecture will be released by the CIO Council by next April, said Sallie McDonald, the Homeland Security Department's director of strategic partnerships.

The new document, which will supplement the privacy and security overlay released by the CIO Council this fall, will include more detailed security and privacy guidelines, she said. Overlays are policy documents that affect all five of the federal enterprise architecture's data reference models.

The added detail of the second overlay document includes federal privacy, security methodology and a common set of concept definitions, McDonald said, who spoke Nov. 10 at the GCN Enterprise Architecture conference in Washington, D.C.

The document will work with existing rules and regulations, she added.

"It's not our intention to develop anything new and burden people who are already overburdened with anything new," as far as requirements, she said.

An ad hoc subcommittee of the Architecture and Infrastructure Committee, which is part of the CIO Council, is developing the second document, said John Gilligan, AIC co-chairman. Contract support is being supplied by Booz, Allen Hamilton and Mitre, he said. Gilligan also spoke that the conference.

The first overlay document just "basically showed how privacy and security should be addressed" in the five reference models of the federal enterprise architecture, he said.

The second document will detail "how to drill down and to begin to provide tools for the practitioners of security and privacy," he said. A third security and privacy overlay might be developed as well, he added. "We may need one more, but we're going to get a sense from the agencies, they'll give us the feedback," he said.

About the Author

David Perera is a special contributor to Defense Systems.

Featured

  • Defense
    concept image of radio communication (DARPA)

    What to look for in DOD's coming spectrum strategy

    Interoperability, integration and JADC2 are likely to figure into an updated electromagnetic spectrum strategy expected soon from the Department of Defense.

  • FCW Perspectives
    data funnel (anttoniart/Shutterstock.com)

    Real-world data management

    The pandemic has put new demands on data teams, but old obstacles are still hindering agency efforts.

Stay Connected