NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.

Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.

U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Systems security assurance as (micro) publishing: Declarative markup for systems description and assessment

Published

Author(s)

Wendell A. Piez

Abstract

Markup technologies are very general purpose, as reflects their generality of conception. They become interesting as well as useful as they are applied to accomplish goals in the real world. Since principles of generic declarative markup were first applied to accomplishing publishing-related goals in information management, design and application, 25 or 40 years ago, they have repeatedly demonstrated both their generality – they really do work – and their demand for applicability. Get one thing wrong, or leave it out, and the effort sits on a shelf. Design and deploy it carefully and sensitively, and even an inexpensive initiative can pay dividends for years. These systems become sustainable in the context of the sustainable operations of which they are a part. Decades of experience have shown us how to use declarative markup to sustain publishing operations. Now we have to deal with similar problems of information description, management, reuse across contexts, referencing, tracing, and authentication, only at even larger scales than before, both in size and complexity. This paper proposes some lessons and insights we can bring from our experience with publishing technologies, and suggests how they might be applicable in the growing domain of systems security assurance.
Proceedings Title
Proceedings of Balisage: The Markup Conference 2020
Volume
25
Conference Dates
July 27-31, 2020
Conference Location
Rockville, MD
Conference Title
Balisage: The Markup Conference 2020
Pub Type
Conferences

Download Paper

https://doi.org/10.4242/BalisageVol25.Piez01
Local Download

Keywords

security assessment, Risk Management Framework (RMF), XML, declarative markup
Risk management and Information technology

Citation

Piez, W. (2020), Systems security assurance as (micro) publishing: Declarative markup for systems description and assessment, Proceedings of Balisage: The Markup Conference 2020, Rockville, MD, [online], https://doi.org/10.4242/BalisageVol25.Piez01 (Accessed October 14, 2025)

Issues

If you have any questions about this publication or are having problems accessing it, please contact [email protected].

Created July 27, 2020, Updated March 1, 2021
Was this page helpful?