Security Architectural Mo

Technical Security Architecture

Technical security architecture focuses on the mapping between the control architecture and the protection processes, life cycle issues, and contextual drivers, It typically defines standards for protection settings that can be implemented by technical mechanisms and identifies what is commonly called technical security policy, as opposed to enterprise policy. The interaction between other elements is the prime focus of technical security architecture but it commonly encompasses the elements of context more than any other area. These are the who, what, where, why, when, and how of the protection function. Here are some typical questions that need to be addressed.

  • Time: When can what be done with what?

  • Location: Where can who or what do what?

  • Purpose: Why can who do what with what?

  • Behavior: How does what do what?

  • Identity: Who can do what with what?

  • Method: What can be done with what by whom?

The context of use is intimately tied to protection in all forms, whether it be location limiting access or method limiting behavior, these factors play into the technical measures taken and their ability to operate effectively.

For more details and in-depth coverage of these issues, buy the Governance Guidebook.

This was first published in January 2006

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: