Security-Enabling

securityBuilding trust requires a SECURITY-enabled environment that allows authenticated users and services to discover, retrieve, and process only authorized information.

CSI excels in:

  • Classification & Need-to-Know Exchange Specifications
    • Subject matter experts in the development of data and metadata encoding specifications (e.g., XML), controlled vocabularies, and implementation policy addressing the exchange of classification and control marking and custom need-to-know control system metadata
    • Senior facilitator of multi-agency, multi-community collaboration and coordination of specifications and their formal acceptance into a joint Enterprise Standards Baseline
    • Tested specification viability within a live mission exercise and pilot activities
  • Encrypted Transport Exchange Specifications
    • Subject matter experts in the development of data and metadata encoding specifications (e.g., XML) and controlled vocabularies addressing the exchange of wrapped data and metadata packages across the enterprise
    • Senior facilitator of multi-agency, multi-community collaboration and coordination of specifications and their formal acceptance into a joint Enterprise Standards Baseline
    • Tested specification viability within a live mission exercise and pilot activities
  • Attribute-based Access Control Strategies
    • Helped translate new information sharing and retrieval policy into implementable concepts based on tagged content, tagged people, and smart access control operations that only deliver appropriate content to authorized users
    • Supported the expansion of smart operations beyond discovery and retrieval to include a broader set of content, both person and non-person entities, and all enterprise operations requiring access to content
    • Facilitated multi-agency, multi-community collaboration on these strategies, formalized implementation details, developed educational materials and presented these concept beyond the core implementation teams
    • Subject matter experts in the development of data and metadata encoding specifications (e.g., XML), controlled vocabularies, and implementation policy addressing the exchange of person and non-person entity attributes
    • Senior facilitator of multi-agency, multi-community collaboration and coordination of specifications and their formal acceptance into a joint Enterprise Standards Baseline
  • Enterprise Audit Architectures & Exchange Specifications
    • Identified enterprise audit technologies in use and facilitated discussions regarding optimal methods for collecting and exchanging specified audit events
    • Subject matter experts in the development of data and metadata encoding specifications (e.g., XML), controlled vocabularies, and implementation policy addressing the exchange of tagged enterprise audit event record exchanges
    • Senior facilitator of multi-agency, multi-community collaboration and coordination of specifications and their formal acceptance into a joint Enterprise Standards Baseline
    • Tested specification viability within a live mission exercise and pilot activities
  • System Certification & Accreditation
    • Assisted in documenting certification and accreditation procedures given in-place organizational structure and resources
    • Wrote system security documentation for developed applications and system components
    • Worked with developers and security team to thoroughly test system components against identified high-risk threat areas
    • Translated test deficiencies for systems developers and supported the resolution of issues until the system was approved for operational deployment

Comments are closed