Security Architecture
Encyclopedia
Security provided by IT Systems can be defined as the IT system’s ability to be able to protect confidentiality and integrity of processed data
Data
The term data refers to qualitative or quantitative attributes of a variable or set of variables. Data are typically the results of measurements and can be the basis of graphs, images, or observations of a set of variables. Data are often viewed as the lowest level of abstraction from which...

, as well as to be able to provide availability of the system and data.

“IT Architecture” may be defined as a set of design artifacts, that are relevant for describing an object such that it can be produced to requirements (quality) as well as maintained over the period of its useful life (change). The design artifact describe the structure of components, their inter-relationships, and the principles and guidelines governing their design and evolution over time.

Consequently the definition of “IT Security Architecture” may be considered as:

The design artifacts that describe how the security controls (= security countermeasures) are positioned and how they relate to the overall IT Architecture. These controls serve the purpose to maintain the system’s quality attributes, among them confidentiality, integrity and availability.

Security qualities are often considered as Non-functional requirements when systems are designed. In other words they are not required for the system to meet its functional goals such as processing financial transactions, but are needed for a given level of assurance that the system will perform to meet the functional requirements that have been defined.

In recent years there has been a trend towards a hierarchy of control objectives, controls and specific technical implementations of controls, which are implemented within a given security architecture in order to meet the security requirements.

External links

The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.
 
x
OK