Applying the dod goal security architecture as a methodology for the development of system and enterprise security architectures

Many organizations have a need to conduct security assessments and develop security architectures. It was recognized that a structured approach is needed. The Department of Defense Goal Security Architecture (DGSA) was already developed through considerable effort by knowledgeable security professionals. Our approach was to tailor-the DGSA to fit many enterprise information system security profiles and meet the requirements of multiple organizations. This paper shows how the DGSA was applied across multiple program types, and demonstrate how, if can be used for a wide variety of security tasks.