DCSR-1 Specified Robustness - Basic
Overview
At a minimum, basic-robustness COTS IA and IA-enabled products are used to protect publicly released information from malicious tampering or destruction and ensure its availability. The basic-robustness requirements for products are defined in the Protection Profile Consistency Guidance for Basic Robustness published under the IATF.
| MAC / CONF | Impact | Subject Area |
|---|---|---|
| PUBLIC | High | Security Design and Configuration |
Details
| Threat |
|---|
| Utilizing GOTS or COTS IA and IA-enabled IT products that are designated at a lower robustness then is required will increase network vulnerability by not adequately protecting DoD data and information systems. Â By adhering to robustness requirements, organizations can be confident that they are applying the appropriate level of protection to their network. |
| Guidance |
|---|
| 1. At a minimum, basic-robustness COTS IA and IA-enabled products shall be used to protect publicly released information from malicious tampering or destruction and ensure its availability. 2. The basic-robustness requirements for products are defined in the Protection Profile Consistency Guidance for Basic Robustness published under the IATF. |
References
- DoD CIO Guidance and Policy Memorandum No. 6-8510, DoD GIG IA, 16 June 2000
- CJCSM 6510.01, Defense-in-Depth: Information Assurance (IA) and Computer Network Defense (CND), 10 August 2004
- DoDI 8500.2, Information Assurance Implementation, para. E3.2.4.3, .1, .4, 06 February 2003
- Information Assurance Technical Framework, Appendix E IATF Release 3.1. September 2002