Information Assurance Using a Defense In-Depth Strategy

Abstract

Information assurance is an essential part of data dissemination and requires availability, integrity, authentication, confidentiality and non-repudiation of information systems. A defense in depth security architecture will protect data in motion, data at rest and data at the edge. This paper discusses those various states of data, their vulnerabilities and a set of solutions that have been developed to aid in the overall protection of assets. The solution provided involves leveraging several technologies including: LevelLock, PuriFile and SINBAD. The combination of these products create a framework that can both proactively and reactively ensure data assets are created, modified and transferred in a consistent manner, based on policy. An organization seeking to fully protect its information resources should seek to implement a multi-strategy defense congruous with the solution provided here.