SABSA A Brief Introduction


Mark Battersby, 2013-05-15

Agenda

- SABSA Overview
- SABSA Security Architecture
- SABSA Security Architecture Matrix
- Operational Security Architecture Matrix
- SABSA Business Attributes
- SABSA Strategy and Concept/Design Process
- SABSA Architecture Development Process
- SABSA Lifecycle

2011 Capgemini. All rights reserved.

SABSA Overview

- The SABSA (Sherwood Applied Business Security Architecture) framework has evolved as a "best practice" method for delivering cohesive information security solutions to enterprises.
- SABSA is a six-layer model covering all four parts of the IT lifecycle: Strategy, Design, Implementation, and Management & Operations.
- SABSA ensures the security needs of your enterprise are met completely and that security services are designed, delivered, and supported as an integral part of your IT Management infrastructure.
- SABSA is essentially a model and methodology for developing risk-driven enterprise information security

SABSA Security Architecture

- Contextual Security Architecture (Business View): Business Risk Model; Business Process Model
- Conceptual Security Architecture (Architect's View): Control Objectives; Security Strategies & Architecture
- Logical Security Architecture (Designer's View): Security Policies; Security Services
- Physical Security Architecture (Builder's View): Security Rules, Practices, Procedures; Security Mechanisms
- Component Security Architecture (Tradesman's View): Security Standards; Security Products & Tools
- Operational Security Architecture (Facility Manager's View): Operational Risk Mgmt; Security Service Mgmt

Enterprise Security Architecture Matrix

| Layer | Assets (What) | Motivation (Why) | Process (How) | People (Who) | Location (Where) | Time (When) |
|---|---|---|---|---|---|---|
| Contextual | The Business | Business Risk Model | Business Process Model | Business Organization and Relationships | Business Geography | Business Time Dependencies |
| Conceptual | Business Attributes Profile | Control Objectives | Security Strategies and Architectural Layering | Security Entity Model and Trust Framework | Security Domain Model | Security-Related Lifetimes and Deadlines |
| Logical | Business Information Model | Security Policies | Security Services | Entity Schema and Privilege Profiles | Security Domain Definitions and Associations | Security Processing Cycle |
| Physical | Business Data Model | Security Rules, Practices and Procedures | Security Mechanisms | Users, Applications and the User Interface | Platform and Network Infrastructure | Control Structure Execution |
| Component | Detailed Data Structures | Security Standards | Security Products and Tools | Identities, Functions, Actions and ACLs | Processes, Nodes, Addresses and Protocols | Security Step Timing and Sequencing |
| Operational | Assurance of Operational Continuity | Operational Risk Management | Security Service Management and Support | Application and User Management and Support | Security of Sites, Networks and Platforms | Security Operations Schedule |

An IA Architecture is a consistent set of principles, policies and standards that sets the direction and vision for the development and operation of the organisation's communication and information services so that they are aligned with and support the business needs of the organisation in an Assured way.

SABSA Operational Security Architecture Matrix

SABSA Business Attributes

SABSA Strategy and Concept/Design Process

SABSA Architecture Development Process

SABSA Lifecycle

Figure labels: Strategy & Concept (Contextual, Conceptual); Manage & Measure; Design (Logical, Physical, Component, Operational); Attributes defined and measured; Implement.

Copyright SABSA Limited. Printed with permission. From: www.sabsa.com


More Information

Please contact: Mark Battersby, email: mark.battersby@capgemini.com

www.se.capgemini.com

The information contained in this presentation is proprietary.