Structure and infrastructure
Structure and infrastructure

Interdisciplinary study has always been a focus in information assurance (IA) curriculum. Combining computer science with criminal justice, psychology, programming, policy and security is the sign of a solid IA program.

This semester I have been looking at information security aspects of building information modeling (BIM). BIM is a way of designing buildings with a specific slant to addressing the needs of the architects, owners, construction contractor, subcontractors, engineers, surveyors and others involved in the design and construction process. The CAD software used to manage the total building model and process can aid in the construction of homes, large office buildings, and a host of other structures. Great idea? Absolutely.

When looking at this integrated project concept, my first concerns are as follows: With all of this information and all of these players involved, who is securing the system and the data? Is there someone who is going to be guiding the process from an information assurance standpoint?

The dilemma for BIM and information security is the multitude of people who are using, changing and transmitting the data. There are also implications in the BIM model for physical security. These include homeland security implications, as BIM software can be used for military or government buildings that may need additional structural requirements.

When we teach IA professionals in our programs, they should be made aware of this important opportunity for information security in a large and multi-faceted environment. BIM has the potential to have a big impact on IA and we should make our students aware of data, as well as the stakeholder roles. After all, information security is a people issue.

As standards for the BIM concept and implementation are solidified and the major players come together to implement structural models, the massive amounts of data involved needs to be protected.

Other IA issues of BIM are sure to emerge and I certainly look forward to further investigating the information security aspects of this fast-growing building development method.