For each of the assignments in the course, you will be placed in groups of 2-3 (depending on class size). Each member will have a specific role as follows:
- fact finding/data collection
- analysis/collecting key points
- writing/presentation and documenting the milestones
In the Module 4 assignment you created a logical architecture using the SABSA framework as follows:
- Business Information Model (showing all functions of Information System)
- Security Policy statements (for example, policy statement about data exfiltration)
- Proposed Security Services (for example, SSO, MFA etc.)
- Entity schema and privilege profile (user classification, access type, groups etc.)
- Security domain definitions and associations (trusted domain, DMZ, front-ending web clients etc.)
- Security processing cycle (renew password, update firewall, update OS; match security policy with security processing cycle)
Assignment Instructions: Now, you will create a Physical architecture (builder’s view) using the SABSA framework. In other words, it is the development of an enterprise security architecture that is business-driven and that describes a structured inter-relationship between the technical and procedural solutions to support the long-term needs of the business. If the architecture is to be successful, then it must provide a rational framework within which decisions can be made upon the selection of security solutions. The decision criteria should be derived from a thorough understanding of the business requirements, including the following:
- The need for cost reduction
- Modularity
- Scalability
- Ease of component re-use
- Interoperability both internally and externally
- Integration with the enterprise IT architecture and its legacy systems
Consider your business scenario as “Enabling Business.” There are usually several business-specific requirements that influence the security strategy. These include requirements where security has an important role in generating the appropriate level of confidence to enable new ways of doing business using the latest advances in information technology, such as:
- Exploiting the global reach of the Internet;
- Using global e-mail;
- Outsourcing the operational management of networks and computer systems;
- Providing remote access to third parties;
- Developing on-line business services;
- Delivery of digital entertainment products (video, music, etc.);
- Improving customer service through integration of information system;
- Consistent presentation of a user interface;
- Obtaining software upgrades and system support through remote access by vendors;
- Tele-working, ‘mobile computing,’ ‘road warriors’ and the ‘virtual office.’
Deliverables: Create the following components for the physical model:
- Business data model (specifying the business data model and the security-related data structures such as tables, messages, pointers, certificates, signatures, etc.).
- Security rules, practices, and procedures (specifying rules that drive logical decision-making within the system – conditions, practices, procedures, and actions).
- Security mechanisms (specifying security mechanisms – encryption/cryptography, access control, digital signatures, virus scanning, etc. and the physical applications, middleware, and servers upon which these mechanisms will be hosted).
- Users, applications, and user interface (specifying the people dependency in the form of the human interface – screen formats and user interactions – and the access control systems).
- Platform and network infrastructure (specifying security technology infrastructure in the form of the host platforms and the networks – physical layout of the hardware, software, and communications lines).
- Control structure execution (specifying the physical time management in terms of the timing and sequencing of processes and sessions – sequences, events, lifetimes, and time intervals).
Submit the assignment in a Word document including a cover/title page and a reference page, and review the rubric to ensure you are meeting all requirements.
Refer back to the slide presentation that was provided at the beginning of this module as well as Table 3: SABSA MATRIX, p.16 of the SABSA White Paper.