Confidentiality Brick

Description

The primary method of protecting the confidentiality of information is encryption. In addition to sensitive business data, there is also data about the network and systems themselves that needs to be encrypted in order to prevent attacks.

Brick Information

Tactical

(0-2 years)

Strategic

(2-5 years)

  • Baseline

Retirement

(To be eliminated)

Containment

(No new development)

  • 40 bit
  • LZS compression (retired as an encryption mechanism only)
  • 56 bit
  • WEP

Baseline

(Today)

Emerging

(To track)

  • Algorithms
  • 3DES
  • MD5

  • Key Size
  • 168 bit
  • 128 bit
  • 40 bit
  • 56 bit

  • Database Encryption
  • Message encryption
    • PGP
    • Microsoft
  • Transport Encryption
    • IPSEC
    • WEP
    • SSL
    • SSH
    • Blackberry Transport Encryption
  • LZS compression
  • Data Link Encryption
  • File encryption PGP
  • AES
  • 802.11i
  • S-HTTP
  • S/MIME

Comments

  • Tactical and strategic products were selected to leverage NIH's investment in products that are a proven fit for NIH's known future needs. Leveraging baseline products in the future will minimize the operations, maintenance, support and training costs of new products.
  • Some baseline products have been designated for retirement and containment. These products are either not as widely or successfully deployed at NIH, or they do not provide as much functionality, value, or Total Cost of Ownership as the selected tactical and strategic products.

Relevant Standards

Relevant Policies

Time Table

This architecture definition approved on: July 18, 2003

The next review is scheduled in: TBD