In lieu of an abstract, here is a brief excerpt of the content:

121 Many reports indicate that the United States currently faces a multifaceted, technologically based vulnerability. Our information systems are being exploited on an unprecedented scale by state and non-state actors, resulting in a dangerous combination of known and unknown vulnerabilities, strong adversary capabilities, and weak situational awareness. Many cyber security issues arose due to the lack of systematic management of authoritative data sources (ADS). This chapter presents the concepts and applications of ADS, authoritative data elements, and trusted data sources to enable rapid business processes .Italsodiscussestrustedintelligentdecisionmakinginnetwork-centric business environments. We describe a methodology to standardize the ADS processes by which we manage, use, and secure ADS and apply various applications to provide cyber security. Authoritative Data Sources: Cyber Security Intelligence Perspectives Kuan-Tsae Huang and Hwai-Jan Wu 122 Kuan-Tsae Huang and Hwai-Jan Wu Actionable Intelligence Actionable intelligence is derived from actionable information—information that can be acted on—collected from trusted and authoritative sources. It is something that can lead to an action that can trigger a chain of other actions and reactions. Usually, actionable information is a relatively small piece (or pieces) of non-obvious details that can form an initial basis for hypothesis building. Actionable information is the cornerstone of decision support. The process of deriving actionable intelligence from actionable information is a matter of analyzing and processing that information to arrive at certain decision support hypotheses that can lead to action. Arriving at actionable intelligence could involve using various matrices and methodologies to process a number of bits of information that intelligence agencies might have received from a variety of sources. Multiple data sources containing potentially inaccurate and outdated copies of data can be confusing, and can be time-consuming and expensive to maintain. Developing a registry that identifies the single trusted—or authoritative—data source will save time as well as the costs associated with maintaining and verifying the accuracy of multiple sources. The data on its own may or may not be intelligible until transformed. This need to express data as intelligible information necessitates data abstraction . Data abstraction is accomplished by separating raw data into understandable and cohesive pieces, then transforming those independent pieces of raw data into intelligible information. As the single resource to obtain reliable and trustworthy information, ADS must have associated data abstraction, which is critical to coherent, consistent, and enterprisewide data management. According to the Department of Defense (DoD), an ADS is “a recognized or official data production source with a designated mission statement or source/product to publish reliable and accurate data for subsequent use. An ADS may be the functional combination of multiple or separate data sources” [9]. Cyber Security Threats After the Christmas Day bombing attempt on Flight 253, an analysis discovered that a mix of human and systemic failures with handling ADS [3.15.6.77] Project MUSE (2024-04-25 03:33 GMT) Authoritative Data Sources 123 contributed to this potentially catastrophic breach of security. The underwear bomber, Abdulmutallab, was listed in the Terrorist Identities Datamart Environment (TIDE)ownedbytheNationalCounterterrorismCenter.That database stores information about one million individuals who may be a threat to the United States. By examining the TIDE database, the FBI Terror Screening Unit identifies those who are the real threat and places them in their Terrorism Screening Database, which contains records on 400,000 individuals . The FBI passes these names to the Transportation Security Administration (TSA), which maintains its own no-fly list of about 14,000 people. An ADS, also called a trusted data source, is one where you know that not only can you trust the source, but you can also trust that you are looking at the exact same data others are. Problems arise from how the data is shared or, in the case of the underwear bomber, not shared. The common practice of copying data, sending it to others, and calling it “sharing” is really where this case went wrong: The data you copy is trusted data, but no authority other than you has it. Because it has been copied, the burden is on the recipient to ensure it has not been tampered with and that it is up-to-date. Incorrect management of ADS is another cause of problems. There is no way for the TSA to combine its information about an individual who purchased a ticket in cash and has no luggage with the fact that his father reported him to the U.S. Embassy in Nigeria. The following is a list of...

Share