Using DoDAF as A Penetration Testing Tool

Author:
C. W. Perr, Christopher Harrison, Daniel Compton, J. A. Hamilton, Jr., Ph.D.
File Size:
125.54 kB
Date:
01 July 2011
Downloads:
2268 x

The penetration testing process, or the evaluation of a system for potential vulnerabilities, is a crucial factor in ensuring system security and stability. At its core, this process involves the art of analyzing and subsequently decomposing an inherently complex system into its constituent interoperable subsystems. It seems intuitive that, for the purposes of standardizing and expediting this process, one might employ the use of the very tools used in the construction of a target system in its decomposition. To that end, our team has chosen to use a sufficiently robust architectural modeling framework – the Department of Defense Architecture Format (DoDAF) – to aid in the decomposition of a sufficiently complex, black-box system in the context of the penetration testing process.

Using DoDAF as A Penetration Testing Tool