Information Assurance Scenario Canonicalization

This is research project proposal that I hope to turn into a masters or doctoral thesis.


Understanding the threat spectrum when designing security policies to govern how businesses should share and use information by means of information and communication technologies (ICT) is a complex process. Every company in the world that uses ICTs as a means to conduct business needs some form of an information assurance program that orients proper handling of shared information from creation to destruction. Information is dependent on data, and both data and information can be used improperly to put any business at risk of damaging its customers or itself.

Internet-based social media platforms, in particular, have made it so easy to share information that their effectiveness in the business environment decreases time and money spent while increasing connectivity to a global audience. But the opportunities and risks of using social media platforms are not holistically clear. The mediums that store, transfer, and communicate the information to us dramatically affect our perceived consequences. All organizations must have a way of thoroughly understanding the risks involved with the evolution, emergence and integration of technologies that have the capability of distributing data and information.


By using a multidisciplinary approach to canonicalize information sharing scenarios for a range of public sector and private sector organizations, a scalable framework can be developed in order to quantify risk and opportunity involved with the use of ICTs, with a focus on Internet-based social media platforms.

Similar work

  • Scenario planning

Mats Lindgren and Hans Bandhold, authors of Scenario Planning: The link between future and strategy, illustrate many process models that can be adapted to better understand the relationships between information. By using these models in various applications, the organization of the causes and effects of data, information, uses, and mediums will be defined clearly and effectively.

  • Philosophy of information

Dr. Luciano Floridi, author of Information – A Very Short Introduction, describes the implications of biological information. In application to information assurance, this conceptual analysis will allow for the development of specific information models that will help illustrate the security implications of humans and technology as information storing and sharing processors.

  • Information assurance

The United States Chief Information Officers Council, in a document entitled Guidelines for Secure Use of Social Media by Federal Departments and Agencies, outlines a model developed by Dr. Mark Drapeau and Dr. Linton Wells that describes the four functions of social software. However the current state of ICT relies heavily on visual and auditory stimulus. An expansion of this social-media model must include an analysis of the other three information receptors: touch, taste, and smell. This expansion must occur to develop scenarios that take into consideration the future trends of virtual reality and a deeper integration into a human-developed infosphere.

Proposed outcomes

  • Goal #1

This phase of the project entails graphical modeling of a wide range of information sharing scenarios utilizing ICTs. The scope of the information sharing scenarios will begin with Internet-based social media platforms and will expand to include various forms of telecommunication services. It is necessary to incorporate a comprehensive selection of scenarios in order to compile a large knowledge base for Goal #2. The knowledge base will be organized systematically according the complete life cycle of information processing concerning data, information, information stakeholders, and information transport mediums.

  • Goal #2

Using the knowledge base established in Goal #1, a critical analysis must take place utilizing Dr. Floridi’s work concerning the philosophy of information. This analysis should include applied concepts such as the information as, for and about reality. A better understanding of the relationships between people, ICTs, and a combination of people and ICTs (dependent on origin and destination) can be quantified in direct relation to our perception of the any given ICTs interface. Further research regarding human perceptions of ICTs can be applied using Dr. Sherry Turkle’s research in psychoanalysis and culture in relation to people’s relationship with technology. This exploration will expand the knowledge base for Goal #3.

  • Goal #3

I presume that following Goal #2, commonalities among ICT interfaces will become evident. This presumed manifestation should allow for the expanse of Dr. Mark Drapeau and Dr. Linton Wells’ four functions of social software model. This expanded model should be able to visually depict a more precise yet comprehensive representation of the utilization of ICTs. This representation will be able to quantify human-centric information control feasibility, impact, and residual risk depending on the source and destination of complete life cycle information dissemination.

  • Project Objective

The final phase of this project will include the development of system development life cycle processes to assist public sector and private sector organizations with establishing more coherent information assurance programs.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s