Security Architecture

Security Architecture

Security provided by IT Systems can be defined as the IT system’s ability to being able to protect confidentiality and integrity of processed data, as well as to be able to provide availability of the system and data.

“IT Architecture” may be defined as a set of design artifacts, that are relevant for describing an object such that it can be produced to requirements (quality) as well as maintained over the period of its useful life (change). The design artifact describe the structure of components, their inter-relationships, and the principles and guidelines governing their design and evolution over time.

Consequently the definition of “IT Security Architecture” may be considered as:

The design artefacts that describe how the security controls (= security countermeasures) are positioned and how they relate to the overall IT Architecture. These controls serve the purpose to maintain the system’s quality attributes, among them confidentiality, integrity and availability.

Security qualities are often considered as "non-functional" requirements when systems are designed. In other words they are not required for the system to meet it's functional goals such as processing financial transactions, but are needed for a given level of assurance that the system will perform to meet the functional requirements that have been defined.

In recent years there has been a trend towards a hierarchy of control objectives, controls and specific technical implementations of controls, which are implemented within a given security architecture in order to meet the security requirements.

No comments: