Description
Security Architecture – How & Why (2022)
Security Architecture, or Enterprise Information Security Architecture, as it was originally coined by Gartner back in 2006, has been applied to many things and different areas, making a concrete definition of security architecture a difficult proposition. But having an architecture for the cyber security needs of an organization is important for many reasons, not least because it makes working with cyber security a much easier job, since we can now build on a, hopefully, solid foundation. Developing a security architecture is a daunting job for almost anyone, and in a company that has not had a cyber security program implemented before, the job becomes even harder. The benefits of having a concrete cyber security architecture in place cannot be overstated! The challenge here is that a security architecture is not something that can stand alone; it absolutely must be aligned with the business in which it is being implemented.
This book emphasizes the importance, and the benefits, of having a security architecture in place. The book will be aligned with most of the sub-frameworks in the general framework called SABSA, or Sherwood Applied Business Security Architecture. SABSA comprises several individual frameworks, and there are several certifications that you can take in SABSA. Aside from getting a validation of your skills, SABSA as a framework focuses on aligning the Security Architecture with the business and its strategy. Each of the chapters in this book will be aligned with one or more of the components in SABSA; the components will be described along with the introduction to each of the chapters.
Table of contents:
Cover
Half Title
Series Page
Title Page
Copyright Page
Table of Contents
Preface
List of Figures
List of Tables
1: Why Security?
1.1: Business Prevention
1.2: Measuring and Prioritizing Business Risk
1.3: Security as a Business Enabler
1.4: Empowering the Customers
1.5: Protecting Relationships
1.6: To Summarize
2: Why Architecture
2.1: Origins of Architecture
2.2: Managing Complexity
2.3: Information Systems Architecture
2.4: Architectures
2.4.1: Business Architecture
2.4.2: Information Architecture
2.4.3: Applications Architecture
2.4.4: Infrastructure Architecture
2.4.5: Risk Management Architecture
2.4.6: Governance Architecture
2.5: Enterprise Security Architecture
2.6: Being a Successful Security Architect
2.7: Security Architecture Needs a Holistic Approach
2.8: What Does Architecture Mean?
3: Security Architecture Model
3.1: The SABSA® Model
3.2: The Business View
3.3: The Architect’s View
3.4: The Designer’s View
3.5: The Builder’s View
3.6: The Tradesman’s View
3.7: The Facilities Manager’s View
3.8: The Inspector’s View
3.9: The Security Architecture Model
4: Contextual Security Architecture
4.1: Business Needs for Information Security
4.2: Security as a Business Enabler
4.2.1: On-Demand Entertainment
4.2.2: Value-Added Information Services
4.2.3: Remote Process Control
4.2.4: Supply Chain Management
4.2.5: Research and Information Gathering
4.3: Digital Business
4.3.1: Online Banking
4.3.2: B2B
4.3.3: Online Government
4.4: Continuity and Stability
4.4.1: Revenue Generation
4.4.2: Customer Service
4.4.3: Reputation
4.4.4: Management Control
4.4.5: Operating Licenses
4.4.6: Employee Confidence
4.4.7: Shareholder Confidence
4.4.8: Other Stakeholders
4.5: Safety-Critical Dependencies
4.5.1: Remote Communications to Safety-Critical Systems
4.5.2: Systems Assurance
4.6: Business Goals, Success Factors and Operational Risks
4.6.1: Brand Protection
4.6.2: Fraud Prevention
4.6.3: Loss Prevention
4.6.4: Business Continuity
4.6.5: Legal Obligations
4.7: Operational Risk Assessment
4.7.1: Risk/Threat Assessment
4.7.2: Threat Domains
4.7.3: Threat Categories
4.7.4: Risk Prioritization
4.8: SABSA® Risk Assessment Method
4.8.1: SABSA Risk Assessment Method: Step 1
4.8.2: SABSA Risk Assessment Method: Step 2
4.8.3: SABSA Risk Assessment Method: Step 3
4.8.4: SABSA Risk Assessment Method: Step 4
4.8.5: SABSA Risk Assessment Method: Step 5
4.9: Business Processes and their Security
4.9.1: Business Interactions
4.9.2: Business Communications
4.9.3: Business Transactions
4.10: Organization and Relationships Impacting Business Security Needs
4.11: Location Dependence
4.11.1: The Global Village Marketplace
4.11.2: Remote Working
4.12: Time Dependency
4.12.1: Time-Related Business Drivers
4.12.2: Time-Based Security
4.13: To Summarize: Contextual Security Architecture
5: Conceptual Security Architecture
5.1: Conceptual Thinking
5.2: Business Attributes Profile
5.3: Control Objectives
5.4: Security Strategies and Architectural Layering
5.4.1: Multi-Layered Security
5.4.2: Multi-Tiered Incident Handling
5.4.3: Security Infrastructure Layered Architecture
5.4.4: The Common Security Services API Architecture
5.4.5: Application Security Services Architecture
5.4.6: Placing of Security Services in the Architecture Layers
5.4.7: Security Services in the Applications Layer
5.4.8: Security Services in the Middleware Layer
5.4.8.1: Explicit Security Services
5.4.8.2: Implicit Security Services
5.4.9: Data Management Security Services
5.4.10: Security Services in the Network Layer
5.4.11: Security Services for the Information Processing Layer
5.4.12: Authentication, Authorization and Audit Strategy
5.4.13: Security Service Management Strategy
5.4.14: System Assurance Strategy
5.4.15: Directory Services Strategy
5.4.16: Directory Services Strategy: Management
5.4.17: Directory Services Strategy: Objects
5.5: Security Entity Model and Trust Framework
5.5.1: Security Entities
5.5.2: Security Entity Naming
5.5.3: Security Entity Relationships
5.5.4: Understanding and Modelling Trust
5.5.5: Protecting Trust Relationships – Trust Brokers and PKI
5.5.6: Trust Broker Models that Work
5.5.7: Extended Trust Models for PKI
5.5.8: Levels of Trust
5.6: Security Domain Model
5.6.1: Security Domains
5.6.2: Inter-Domain Relationships
5.6.3: Trust in Domains
5.6.4: Secure Interaction Between Domains
5.6.5: Security Associations
5.6.6: Logical Domains
5.6.7: Physical Domains
5.6.8: Multi-Domain Environments
5.6.9: Applying the Security Domain Concept
5.7: VPN Concept
5.7.1: Firewall Concept
5.8: Security Lifetimes and Deadlines
5.8.1: Registration Lifetimes
5.8.2: Certification Lifetimes
5.8.3: Cryptographic Key Lifetimes
5.8.4: Policy Lifetimes
5.8.5: Rule Lifetimes
5.8.6: Password Lifetimes
5.8.7: Stored Data Lifetimes
5.8.8: Data Secrecy Lifetimes
5.8.9: User Session Lifetimes
5.8.10: System Session Lifetimes
5.8.11: Response Time-Out
5.8.12: Context-Based Access Control
5.9: To Summarize: Conceptual Security Architecture
6: Logical Security Architecture
6.1: Business Information Model
6.1.1: Information Architecture
6.1.2: Static and Dynamic Information
6.2: Security Policies
6.2.1: Security Policy: A Theoretical View
6.2.2: Security Policy Architecture
6.3: Security Services
6.3.1: Common Security Services and Their Descriptions
6.4: Security Service Integration
6.4.1: Unique Naming
6.4.2: Registration
6.4.3: Public Key Certification
6.4.4: Credentials Certification
6.4.5: Directory Service
6.4.6: Directory Service Information Model
6.4.7: Directory Service Naming Model
6.4.8: Directory Service Security Model
6.4.9: Authorization Services
6.4.10: Entity Authentication
6.4.11: User Authentication
6.4.12: Communications Security Services
6.4.13: Message Origin Authentication
6.4.14: Message Integrity Protection
6.4.15: Message Replay Protection
6.4.16: Non-Repudiation
6.4.17: Traffic Confidentiality
6.5: Application and System Security Services
6.5.1: Authorization
6.5.2: Access Control
6.5.3: Audit Trails
6.5.4: Stored Data Integrity Protection
6.5.5: Stored Data Confidentiality
6.5.6: System Configuration Protection
6.5.7: Data Replication and Backup
6.5.8: Trusted Time
6.6: Security Management Services
6.6.1: Security Measurement and Metrics
6.6.2: Intrusion Detection
6.6.3: Incident Response
6.6.4: User Support
6.6.5: Disaster Recovery
6.7: Entity Schema and Privilege Profiles
6.7.1: Entity Schemas
6.7.2: Role Association
6.7.3: Authorization, Privilege Profiles and Credentials
6.7.4: Certificates and Tickets
6.8: Security Domain Definitions and Associations
6.8.1: Network Domains
6.8.2: Middleware Domains
6.8.3: Application Domains
6.8.4: Security Service Management Domains
6.8.5: Policy Interactions Between Domains
6.9: Security Processing Cycle
6.10: To Summarize: Logical Security Architecture
7: Physical Security Architecture
7.1: Business Data Model
7.1.1: File and Directory Access Control
7.1.2: File Encryption
7.1.3: Database Security
7.1.4: Security Mechanisms in SQL Databases
7.1.5: Distributed Databases
7.2: Security Rules, Practices and Procedures
7.2.1: Security Rules
7.2.2: Security Practices and Procedures
7.3: Security Mechanisms
7.3.1: Mapping Security Mechanisms to Security Services
7.3.2: Cryptographic Mechanisms and Their Uses
7.3.3: Encryption Mechanisms
7.3.4: Data Integrity Mechanisms
7.3.5: Public Key Certificates
7.3.6: Digital Signature Mechanisms
7.3.7: Cryptographic Key Management Mechanisms
7.3.8: Cryptographic Services Physical Architecture
7.3.9: Other Cryptographic Mechanisms
7.4: User and Application Security
7.5: Platform and Network Infrastructure Security
7.5.1: Resilience
7.5.2: Performance and Capacity Planning
7.5.3: Platform Security
7.5.4: Hardware Security
7.6: To Summarize: Physical Security Architecture
8: Component Security Architecture
8.1: Detailed Data Structures
8.1.1: Inter-Operability
8.1.2: ASN.1
8.1.3: Extensible Markup Language (XML)
8.1.4: Relationship between ASN.1 and XML
8.1.5: Standard Security Data Structures
8.2: Security Standards
8.2.1: International Organization for Standards (ISO)
8.2.2: International Electrotechnical Commission (IEC)
8.2.3: Internet Engineering Task Force (IETF)
8.2.4: American National Standards Institute (ANSI)
8.2.5: International Telecommunication Union (ITU)
8.2.6: Institute of Electrical and Electronics Engineers (IEEE)
8.2.7: Information Systems Audit and Control Association (ISACA)
8.2.8: Object Management Group (OMG)
8.2.9: The World Wide Web Consortium (W3C)
8.3: Security Products and Tools
8.4: Identities, Functions, Actions and ACLs
8.4.1: Web Services
8.4.2: XML Schema
8.4.3: Simple Object Access Protocol (SOAP)
8.4.4: Web Services Security and Trust
8.4.5: XML Encryption
8.4.6: XML Signature
8.4.7: SOAP Extensions: Digital Signature
8.4.8: Security Assertion Markup Language (SAML)
8.4.9: XML Benefits
8.4.10: XML Security Architecture Issues
8.5: Processes, Nodes, Addresses and Protocols
8.5.1: Protocol Stack
8.5.2: Hypertext Transfer Protocol (HTTP/S)
8.5.3: TLS
8.5.4: IPsec
8.5.5: DNSSEC
8.6: Security Step-Timing and Sequencing
8.7: To Summarize: Component Security Architecture
9: Security Policy Management
9.1: The Meaning of Security Policy
9.1.1: A Cultural View
9.1.2: Structuring the Content of a Security Policy
9.1.3: Policy Hierarchy and Architecture
9.1.4: Corporate Security Policy
9.1.5: Policy Principles
9.1.6: More About the Least-Privilege Principle
9.1.7: Information Classification
9.1.8: System Classification
9.1.9: CA and RA Security Policies
9.2: Application System Security Policies
9.3: Platform Security Policies
9.4: Network Security Policies
9.5: Other Infrastructure Security Policies
9.6: Security Organization and Responsibilities
9.7: Security Culture Development
9.8: Outsourcing Strategy and Policy Management
9.9: To Summarize
10: Security Architecture – Cisco & Microsoft
10.1: Use Case
10.2: SABSA
10.3: Contextual
10.4: Conceptual
10.5: Logical
10.6: Physical
10.7: Component
10.7.1: Cisco
10.7.2: Azure
10.8: Final Thoughts