Date posted: 21-Jan-2018
Category: Technology
Uploaded by: priyanka-aash
SACON
SACON International 2017
Arnab Chattopadhyay, Capgemini
Senior Director
India | Bangalore | November 10–11 | Hotel Lalit Ashok
Enterprise Security Architecture
SACON 2017
Enterprise Architecture
• A field born about 30 years ago
• Initially targeted to address two problems
  • System complexity
  • Inadequate business alignment
A Brief History of Enterprise Architecture
• 1987: Zachman's first article
• 1994: TAFIM released
• 1996: Clinger-Cohen bill passed
• 1998: TAFIM retired
• 1999: FEAF 1.2 released
• 2002: FEA replaces FEAF
• 2003: TOGAF EE 8.0 released
• 2003: FEA mostly complete
• 2011: TOGAF 9.1
Enterprise Information Security Architecture
• Is the practice of applying comprehensive and rigorous methods for describing security of current and future systems
  • Ref: Wikipedia
• Applied to people, process and technologies
• Goals
  • Provide structure
  • Enable business-to-security alignment
  • Enforce top-down approach
  • Strong traceability
  • Abstract complex concepts
  • Establish common lingua of information security
Well Known Enterprise Security Architecture Framework
• NIST CSF
• Sherwood Applied Business Security Architecture (SABSA)
What is SABSA
• Methodology for Building Security Architecture:
  • Business-driven
  • Risk and opportunity focused
  • Includes security service management
• Comprised of a number of integrated frameworks, models, methods and processes
What is SABSA Contd.
• Comprises six layers
• Based on Zachman framework/taxonomy
• The Security Service Management Architecture has been placed vertically across the other five layers
• Each horizontal layer is made of a series of vertical communication interrogatives
  • What (Assets)
  • Why (Motivation)
  • How (Process and Technology)
  • Who (People)
  • Where (Location)
  • When (Time)
Mapping with other Security Standards
[Figure: SABSA Views (Contextual Architecture, Conceptual Architecture, Logical Architecture, Physical Architecture, Component Architecture, Operational Architecture / Service Management) shown alongside ISO 7498-1 and ISO 7498-2. Other diagram labels: Business Driven Requirements & Strategy, Logical Security Services, Physical Security Mechanisms, Detailed Custom Specification.]
SABSA Snapshot
[Figure: layered diagram; labels as recovered from the slide]
• Business Strategy: Goals, Relationship, Market, Regulation, People, Materials, Finance, Production, Logistics
• BAP, Risk Model, Trust Model, Security Strategy, Process Design, Policy & Legal Framework, Technical Design
• Logical Security Services: Confidentiality, Identification, Registration, Certification, Directories, Authentication, Authorization, Access Control, Audit Trail
• Physical Security Mechanism: Encryption, Naming, Procedures, Signatures, Databases, Passwords, ACLs, Firewalls, Event Logs
• Components: Products, Tools
• Trusted Business Operations