8500_1_8500_2_dla_reference

8500_1_8500_2_dla_reference - Defense Logistics Agency DoD...

Info iconThis preview shows pages 1–6. Sign up to view the full content.

View Full Document Right Arrow Icon
Defense Logistics Agency DoD Directive 8500.1 & DoD Instruction 8500.2 Overview (Draft) May 28, 2003 EI Toolkit Reference Document Submitted: March 2004
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Introduction to DOD Directive 8500.1 (Information Assurance Directive) DoD Directive (DoDD) 8500.1, which became effective Oct. 24, 2002, calls for information assurance requirements to be identified and included in the design, acquisition, installation, operation, upgrade and replacement of all DoD information systems. (Issued by the Assistant Secretary of Defense for Command, Control Communications and Intelligence (ASD/C3I)) Supersedes the following: DoDD 5200.28 (Security Requirements for Automated Information Systems (AISs), March 21, 1988) DoDD 5200.28-M (ADP Security Manual, January 1973) DoDD 5200.28-STD (Department of Defense Trusted Computer System Evaluation Criteria (Orange Book), December 1985) DoD Chief Information Officer (CIO) Memorandum 6-8510 (references (b), (c), (d) and (e)), June 16, 2000
Background image of page 2
Highlights of DoD Directive 8500.1. .. All DoD information systems shall comply with DoD ports and protocols guidance and management processes, as established .” (DoDD 8500.1, para 4.1.5) More details provided on this topic in DoDI 8500.2. All IA or IA-enabled IT hardware, firmware, and software components or products incorporated into DoD information systems must comply with the evaluation and validation requirements of National Security Telecommunications and Information Systems Security Policy Number 11 (NSTISSP #11), National Policy Governing the Acquisition of Information Assurance (IA) and IA-Enabled Information Technology Products," January 2000.” (DoDD 8500.1, para 4.17) Going forward, the Business Systems Modernization (BSM) Program will need to review the details of NSTISSP #11 to ensure compliance. In brief, this policy calls for the Common Criteria (CC) certification of Commercial off-the-shelf (COTS) based IA & IA- Enabled products used in DoD information systems. Purchase contracts shall specify that product validation will be maintained for updated versions or modifications by subsequent evaluation or through participation in the National Information Assurance Partnership (NIAP) Assurance Maintenance Program .” (DoDD 8500.1, para 4.17) Going forward, future BSM purchases and contracts will need to be modified to comply with this guidance.
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Highlights of DoD Directive 8500.1 Authorized users who are contractors, DoD direct or indirect hire foreign national employees, or foreign representatives as described in DoDD 8500.1, para 4.9., shall always have their affiliation displayed as part of their e-mail addresses .” (DoDD 8500.1, para 4.10) BSM user’s email addresses that meet the above criteria will need to be modified to comply with this guidance.
Background image of page 4
Introduction to DoD Instruction 8500.2 (Information Assurance Implementation Directive) DoDI 8500.2, which became effective Feb. 6, 2003 provides more detailed instructions on how
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 6
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 11/14/2011 for the course COMP 6370 taught by Professor Staff during the Fall '08 term at Auburn University.

Page1 / 33

8500_1_8500_2_dla_reference - Defense Logistics Agency DoD...

This preview shows document pages 1 - 6. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online