ATARC Document Library

Government Documents

Mobile Computing Decision Framework

Released by the CIO Council on May 23, 2013 as a part of the Digital Government Strategy, The Mobile Computing Decision Framework (MCDF) provides a holistic decision-making process that assists organizations in determining which mobile solution, if any, will support their organizational missions.

In August of 2017, the ATARC Mobile Working Group began collaborating on a refresh of the Mobile Computing Decision Framework, which will be published later in 2017. For more information on this project, please contact Tim Harvey at tharvey@atarc.org.

DHS Study on Mobile Device Security

Released in May 2017, the DHS Study on Mobile Device Security found that the threats to the Federal government’s use of mobile devices — smartphones and tablet computers running mobile operating systems — exist across all elements of the mobile ecosystem. DHS led the study in coordination with the National Institute of Standards and Technology and its National Cybersecurity Center of Excellence and submitted the report to Congress with a series of recommendations to enhance Federal government mobile device security.

Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

Released in May 2017, this Presidential Executive Order holds heads of executive departments and agencies (agency heads) accountable for managing cybersecurity risk to their enterprises and manages cybersecurity risk at an executive branch enterprise.

Mobile Services Category Team (MSCT) Mobile Services Roadmap

Released on November 21, 2016 by the Mobile Services Category Team (MSCT), the Mobile Services Roadmap defines the next generation strategy of government-wide mobile acquisition and includes a discussion on using a category management strategy to increase efficiency in mobile acquisition and management as outlined in OMB Category Management Policy 16-3:

MITRE ATT&CK: Adversarial Tactics, Techniques & Common Knowledge

Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) is a model and framework for describing the actions an adversary may take while operating within an enterprise network.

DHS Mobile Application Playbook

Released in April 2016, the DHS Mobile Application Playbook (MAP) is a critical tool to utilize during the entire lifecycle of a mobile application. The Playbook informs readers of the process for developing and managing applications that run on smartphones and other mobile devices from the initial concept to design, development, testing, deployment, and ongoing maintenance and operations. The MAP also addresses the challenges of mobile application development and deployment within the Federal Government, and provides solutions and processes that benefit CIOs, Business Owners, and Developers.

ATARC Next Generation Federal Mobile Strategy

ATARC believes a Next Generation Federal Mobility Strategy is a necessary requirement in the ever-changing mobile landscape and that a collaborative effort between government and private industry will provide the proper perspective as Federal government leverages mobile technology to improve its efficiency and operations, and better engage and serve the citizens of the United States of America.

ATARC Federal Big Data Strategy

ATARC believes a successful Federal Big Data Strategy requires an overall vision of data and analytics in the Federal government, as well as a definition of the big data ecosystem and its key topic areas. Using feedback from government and industry, ATARC has started the process of identifying potential topic areas within the big data ecosystem.

Digital Government Strategy

Released as a Presidential Memorandum in 2012, the Digital Government Strategy aims to build a 21st century government that works better for the American people. The DGS sets out to accomplish three things:

  • Enable the American people and an increasingly mobile workforce to access high-quality digital government information and services anywhere, anytime, on any device.
  • Ensure that as the government adjusts to this new digital world, we seize the opportunity to procure and manage devices, applications, and data in smart, secure and affordable ways.
  • Unlock the power of government data to spur innovation across our Nation and improve the quality of services for the American people.

Download Digital Government Strategy (.pdf)

NIST Technical Documents

NISTIR 8144 (Draft) | September 12, 2016
Assessing Threats to Mobile Devices & Infrastructure: Mobile Threat Catalogue (Download .pdf)

NISTIR 8080 | July 2016
Usability and Security Considerations for Public Safety Mobile Authentication (Download .pdf)

SP 800-114 Revision 1 | July 2016
User’s Guide to Telework and Bring Your Own Device (BYOD) Security (Download .pdf)

SP 800-46 Revision 2 | July 2016
Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Security (Download .pdf)

NISTIR 8136 (Draft) | June 1, 2016
Mobile Application Vetting Services for Public Safety: an Informal Survey (Download .pdf)

SP 1800-4 (Draft) | November 2, 2015
Mobile Device Security: Cloud and Hybrid Builds (NCCoE project page)

SP 1800-1 (Draft) | July 28, 2015
Securing Electronic Health Records on Mobile Devices (NCCoE project page)

MITRE-ATARC White Papers

The following White Papers were produced by the MITRE Corporation in conjunction with the Advanced Technology Academic Research Center via collaboration and brainstorming sessions conducted as a part of the ATARC Federal IT Summit Series.

MOBILE

MITRE-ATARC Mobile Collaboration Symposium, March 28, 2017
Key topics: Continuous Integration, Delivery & Deployment; Mobile Application Development; Mobile Application Security; NIAP Protection Profiles; Mobile Technology; Root of Trust; Tactical Mobility; Mobile Health Technology

MITRE-ATARC Mobile Collaboration Symposium, October 4, 2016
Key topics: Identity and Access Management; Mobile Deployment; Mobile Health; Mobile Innovation; Mobile Technology

MITRE-ATARC Mobile Collaboration Symposium, April 6, 2016
Key topics: Mobile DevOps; Continuous Mobile Integration; Mobile App Vetting; Secure Components of Mobility; Legacy Government Applications; Citizen Engagement; Mobile Technology in Healthcare

MITRE-ATARC Mobile Collaboration Symposium, August 12, 2015
Key topics: Access Control Systems; Legacy Mobile Applications; Mobility Pilots; Personal Identity Verification

MITRE-ATARC Mobile Collaboration Symposium, February 18, 2015
Key topics: Access Management; Bring Your Own Device (BYOD); Commercial Solutions for Classified Use (CSfC); Derived Credentials; Identity Management

MITRE-ATARC Mobile Collaboration Symposium, August 19, 2014
Key topics: Acquisition Best Practices; Contextually-Aware Devices; Internet of Things (IoT); Legal Best Practices; Mobile Application Development (MAD); Mobile Device Management (MDM); Mobile Integration; Wearables

MITRE-ATARC Mobile Collaboration Symposium, March 5, 2014
Key topics: Cyber Intelligence; Mobile Application Protection Mechanisms; Mobile Application Attack Patterns; Mobile Application Threats; Mobile Application Vetting

MITRE-ATARC Mobile Collaboration Symposium, July 8, 2013
Key topics: Acquisition Challenges; Contextually Aware Mobile Applications; Mobile Cyber Strategy; Identity, Credentialing & Access Management (ICAM)

CLOUD

MITRE-ATARC Cloud Collaboration Symposium, August 3, 2017
Key topics: Cloud in Healthcare; DevOps; Government Cloud Usage; Innovation Challenges; Migration; Standards; True Cost of Cloud;

MITRE-ATARC Cloud Collaboration Symposium, February 16, 2017
Key topics: Cloud & Data Center Migration; Cloud in Healthcare; Cloud Roadmap; Disconnected and Tactical Environments; Securing Data in the Cloud; Service Level Agreements

MITRE-ATARC Cloud Collaboration Symposium, July 26, 2016
Key topics: APIs; Cloud Category Management; Cloud in Healthcare; Cost Savings; DevOps; Mobile & IoT Devices; Secure Cloud Access; Workload Management

MITRE-ATARC Cloud Collaboration Symposium, January 13, 2016
Key topics: Cloud Adoption; Cloud Architecture; Cloud Migration; Cloud O&M; Future Clouds; Security and Privacy Management

MITRE-ATARC Cloud Collaboration Symposium, July 23, 2015
Key topics: Acquisition; Automation; Contracting; Data Interchange in Federated Cloud; DevOps; Integration Services; Migration Aids

MITRE-ATARC Cloud Collaboration Symposium, January 15, 2015
Key topics: Acquisition; Emerging Technologies; Government Cloud; Hybrid Cloud; Private Cloud; Public Cloud; Tiered Architectures

MITRE-ATARC Cloud Collaboration Symposium, July 8, 2014
Key topics: Austere Environments; Impact on Enterprise; Mobile Worker; Security as a Service (SaaS)

BIG DATA

MITRE-ATARC Big Data Collaboration Symposium, December 13, 2016
Key topics: Autonomous Systems; Big Data as a Catalyst; Cyber Security; Mission Success; Health Data

MITRE-ATARC Big Data Collaboration Symposium, June 30, 2016
Key topics: Health Analytics; Health Data; Innovation; Internet of Things (IoT); Prescriptive Analytics; Privacy

MITRE-ATARC Big Data Collaboration Symposium, December 8, 2015
Key topics: Data Science; Governance; Integration; Management; Systems Architecture

MITRE-ATARC Big Data Collaboration Symposium, June 18, 2015
Key topics: Analytics; Cyber Defense; Internet of Things (IoT); Predictive Analysis

MITRE-ATARC Big Data Collaboration Symposium, June 19, 2014
Key topics: Analytics; Applications; Healthcare; Privacy Protection

DEVOPS

MITRE-ATARC DevOps Collaboration Symposium, August 18, 2016
Key topics: Agile, DevOps, Culture Change, Expectations; Reality; SecDevOps

INTERNET OF THINGS

MITRE-ATARC Internet of Things Collaboration Symposium, November 10, 2015
Key topics: Architecture; Changing Dynamics; Data Analytics; Policy Making, Risk Management, Security

ATARC Technical Reports

The following reports were produced by the Advanced Technology Academic Research Center during events that featured government, academia and private industry thought leaders collaborating on topics of interest to the Federal IT community.

FEDERAL CYBERSECURITY

Government agencies face numerous technical, cultural, and resource challenges in protecting sensitive information on federal and military networks. But some specific approaches and best practices offer promise, particularly as they concern change management and culture, skills shortfalls, and transitioning from reactive to proactive cybersecurity postures.

Report: March 9, 2017 Federal Executive Briefing (.pdf)

FUTURE OF FEDERAL NETWORKS

Daunting challenges confront federal agencies as they chart their journeys to more modern capabilities that will deliver the needed flexibility, agility, security and performance for current and future workloads. Finding success will require that agencies recognize the need to adopt new mindsets and approaches in how they view technology.

Report: March 16, 2017 Federal Executive Briefing (.pdf)

BIG DATA

Report: Harnessing Big Data within the Federal Government (.pdf)

CLOUD

Report: Enabling Federal Cloud Adoption (.pdf)

INTERNET OF THINGS

Report: Government and The Internet of Things (.pdf)