JEFF HOWELL
  • Home
  • About
  • Cyber Security Fundementals
    • Threats and Vulnerabilities
    • Reference Monitor
    • Links to Additional Resources
  • Cryptography
    • Block Ciphers
    • Hash Functions
    • Message Authentication Codes (MAC's)
    • Kerberos Key Management (Single sign-on)
    • Public Key Infrastructure (PKI)
    • Links to Additional Resources
  • Secure Architecture
    • Architecture Strategy
    • Contextual Security Architecture
    • Conceptual Security Architecture
    • Logical Security Architecture
    • Physical Security Architecture
    • Component Security Architecture
    • Operations
    • Supporting Materials
  • Reference Link Library
    • Industry Websites
    • Government Resources
    • Cyber Security News
    • Certification and Training
    • Books
    • Cyber Security Tools
  • Risk Management
    • Supporting Materials
  • Operational Policy
    • Laws and Regualations
    • Data Classification
    • Policy Implementation and Enforcement
    • Supporting Materials
  • Management and Cyber Security
    • Contingency Planning
    • ROI of Cyber Security
    • Staffing Models
    • Links to Additional Resources
  • Secure Software Design and Development
    • Heartbleed Details
    • Mobile Device Vulnerabilities
    • Links to Additional Resources
  • Network Visualization and Vulnerability Detection
    • Visualizing the Network
    • Protecting the Perimeter
    • Vulnerability Detection
    • Sniffing Wireless Networks
    • Links to Additional Resources
  • Cyber Threat Intelligence
    • Links to Additional Resources
  • Incident Response and Computer Network Forensics
    • Links to Additional Resources

Conceptual Layer

The Role of the Architect

The Conceptual Security Architecture layer also known as the Architects View is the binding agent between the business requirements and the technology used to enable security. This is the "big picture" and contains a profile of the business attributes (See Figure 3 below) and the risk objectives. The architect is responsible for constructing the vision on how the overall design of the system will look and how the elements will interoperate with one another. 
This role is also responsible for establishing the design rules. In this case it will include what needs to be protected, rationale for why it needs to be protected and the overall strategies that will be employed. Interestingly, this is not strictly a static view, it includes time-phasing.  For example, expiration of deadlines of keys, certificates, passwords and sessions are included to provide further guidance at this level versus leaving this to be determined at lower levels in the SABSA model (Sherwood, 2009). This level should be consumable for anyone at any level and easily explainable. ​

Example - Conceptual Security Architecture

Figure 3 - This diagram illustrates an example of leveraging the Conceptual Layer to identify business requirements, drivers and attributes for a real estate agency.
Picture
Jeff Howell  -  San Carlos, CA  -  Privacy Statement - email Jeff
  • Home
  • About
  • Cyber Security Fundementals
    • Threats and Vulnerabilities
    • Reference Monitor
    • Links to Additional Resources
  • Cryptography
    • Block Ciphers
    • Hash Functions
    • Message Authentication Codes (MAC's)
    • Kerberos Key Management (Single sign-on)
    • Public Key Infrastructure (PKI)
    • Links to Additional Resources
  • Secure Architecture
    • Architecture Strategy
    • Contextual Security Architecture
    • Conceptual Security Architecture
    • Logical Security Architecture
    • Physical Security Architecture
    • Component Security Architecture
    • Operations
    • Supporting Materials
  • Reference Link Library
    • Industry Websites
    • Government Resources
    • Cyber Security News
    • Certification and Training
    • Books
    • Cyber Security Tools
  • Risk Management
    • Supporting Materials
  • Operational Policy
    • Laws and Regualations
    • Data Classification
    • Policy Implementation and Enforcement
    • Supporting Materials
  • Management and Cyber Security
    • Contingency Planning
    • ROI of Cyber Security
    • Staffing Models
    • Links to Additional Resources
  • Secure Software Design and Development
    • Heartbleed Details
    • Mobile Device Vulnerabilities
    • Links to Additional Resources
  • Network Visualization and Vulnerability Detection
    • Visualizing the Network
    • Protecting the Perimeter
    • Vulnerability Detection
    • Sniffing Wireless Networks
    • Links to Additional Resources
  • Cyber Threat Intelligence
    • Links to Additional Resources
  • Incident Response and Computer Network Forensics
    • Links to Additional Resources