SlideShare ist ein Scribd-Unternehmen logo

iCode Security Architecture Framework

Mohamed Ridha CHEBBI, CISSP
Mohamed Ridha CHEBBI, CISSP

Information Security Architecture Framework by iCode

1 von 12
Downloaden Sie, um offline zu lesen
Security Verified Security Architecture Framework Mohamed Ridha Chebbi, CISSP iCode InfoSec – CEO & Head of PS ridha.chebbi@icodesecurity.com © 2012 iCode information security All rights reserved
Agenda Security Verified Introduction Approach to Develop Security Architecture Information Security Concepts Security Architecture Levels & Viewpoints Technical Viewpoint Information Viewpoint Business Viewpoint Security Architecture Framework iCode Professional Services © 2012 iCode information security All rights reserved
Introduction Security Verified There are a Number of Approaches to Develop a Security Architecture Like : 1. As a DOMAIN in the TECHNICAL ARCHITECTURE 2. As TOTALLY SEPARATE Security Architecture ViewPoint Security is Pervasive across all of Architecture impacting : - Business - Information - and Technology © 2012 iCode information security All rights reserved
Approach to Develop Security Architecture Security Verified Architecture Information Security : . Data Security Architecture Requirements Solutions & Business . Data Classification Security . Application Security Architecture Standard Architecture Security : Technology . Business Security Requirements . Security Organization Security : . Security Policy . Technology Framework Security . Process Security Requirements . Security Principles . Security Patterns . Security Services . Security Bricks © 2012 iCode information security All rights reserved
Information Security Concepts Security Verified Digital Signatures Encryption Authentication Verifies identities Confidentiality Integrity only authorized Data has not been disclosure changed Isolation Information Data Validation System Data Hashing Core Concept Resilient Designs Availability Data has not been Related Concept changed Utility Service Level Technique Usefulness Agreements of data © 2012 iCode information security All rights reserved
iCode Security Architecture Framework Security Verified Vision Security Services Framework Design Principles Requirement Templates Business Information Technical Viewpoint Viewpoint Viewpoint © 2012 iCode information security All rights reserved
Technical Viewpoint Security Verified Vision Security Services Framework .Trust Levels .Conceptual Technology Models Design Principles .Logical Technology Models .Trust Models Requirement Templates . Technical Reference Models .Security Infrastructure Architecture .Security Services Architecture .Application Security Architecture Technical Viewpoint © 2012 iCode information security All rights reserved
Information Viewpoint Security Verified Vision Security Services Framework . Policy Framework . Information Classification Framework Design Principles . Security Information Flow Models . SLA Model Requirement Templates . Security Information Architecture . Information Classification Register . SLA’s Information Viewpoint © 2012 iCode information security All rights reserved
Business Viewpoint Security Verified Vision Security Services Framework .Process Models .Roles & Responsibi- lities Models Design Principles .Organization Models Requirement Templates .Organizational Architecture Business Viewpoint © 2012 iCode information security All rights reserved
Global Security Architecture Framework Security Verified Vision Security Services Framework .Process . Policy .Trust Levels Models Framework .Roles & . Information .Conceptual Responsibi- Classification Technology lities Models Framework Models Design Principles . Security Information .Logical Technology .Organization Flow Models Models Models . SLA Model .Trust Models Requirement Templates .Organizational . Security Information Architecture . Technical Reference Models .Security Infrastructure Architecture . Information Classification Register Architecture . SLA’s .Security Services Architecture .Application Security Architecture Business Information Technical Viewpoint Viewpoint Viewpoint © 2012 iCode information security All rights reserved
iCode Professional Services for Tunisiana Security Verified © 2012 iCode information security All rights reserved
Security Verified Thanks Mohamed Ridha Chebbi, CISSP iCode InfoSec – CEO & Head of PS ridha.chebbi@icodesecurity.com © 2012 iCode information security All rights reserved

Empfohlen

Security models for security architecture
Security models for security architectureSecurity models for security architecture
Security models for security architectureVladimir Jirasek
 
Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...
Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...
Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...Craig Martin
 
2010-02 Building Security Architecture Framework
2010-02 Building Security Architecture Framework 2010-02 Building Security Architecture Framework
2010-02 Building Security Architecture Framework Raleigh ISSA
 
Enterprise Security Architecture: From access to audit
Enterprise Security Architecture: From access to auditEnterprise Security Architecture: From access to audit
Enterprise Security Architecture: From access to auditBob Rhubart
 
Security architecture
Security architectureSecurity architecture
Security architectureDuncan Unwin
 
Ea Relationship To Security And The Enterprise V1
Ea Relationship To Security And The Enterprise V1Ea Relationship To Security And The Enterprise V1
Ea Relationship To Security And The Enterprise V1pk4
 
TOGAF 9 - Security Architecture Ver1 0
TOGAF 9 - Security Architecture Ver1 0TOGAF 9 - Security Architecture Ver1 0
TOGAF 9 - Security Architecture Ver1 0Maganathin Veeraragaloo
 
Does Anyone Remember Enterprise Security Architecture?
Does Anyone Remember Enterprise Security Architecture?Does Anyone Remember Enterprise Security Architecture?
Does Anyone Remember Enterprise Security Architecture?rbrockway
 

Empfohlen

Security models for security architecture
Security models for security architectureSecurity models for security architecture
Security models for security architectureVladimir Jirasek
 
Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...
Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...
Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...Craig Martin
 
2010-02 Building Security Architecture Framework
2010-02 Building Security Architecture Framework 2010-02 Building Security Architecture Framework
2010-02 Building Security Architecture Framework Raleigh ISSA
 
Enterprise Security Architecture: From access to audit
Enterprise Security Architecture: From access to auditEnterprise Security Architecture: From access to audit
Enterprise Security Architecture: From access to auditBob Rhubart
 
Security architecture
Security architectureSecurity architecture
Security architectureDuncan Unwin
 
Ea Relationship To Security And The Enterprise V1
Ea Relationship To Security And The Enterprise V1Ea Relationship To Security And The Enterprise V1
Ea Relationship To Security And The Enterprise V1pk4
 
TOGAF 9 - Security Architecture Ver1 0
TOGAF 9 - Security Architecture Ver1 0TOGAF 9 - Security Architecture Ver1 0
TOGAF 9 - Security Architecture Ver1 0Maganathin Veeraragaloo
 
Does Anyone Remember Enterprise Security Architecture?
Does Anyone Remember Enterprise Security Architecture?Does Anyone Remember Enterprise Security Architecture?
Does Anyone Remember Enterprise Security Architecture?rbrockway
 
Enterprise Information Security Architecture_Paper_1206
Enterprise Information Security Architecture_Paper_1206Enterprise Information Security Architecture_Paper_1206
Enterprise Information Security Architecture_Paper_1206Apoorva Ajmani
 
Information Risk Security model and metrics
Information Risk Security model and metricsInformation Risk Security model and metrics
Information Risk Security model and metricsVladimir Jirasek
 
113505 6969-ijecs-ijens
113505 6969-ijecs-ijens113505 6969-ijecs-ijens
113505 6969-ijecs-ijensgeekmodeboy
 
Information Security Architecture: Building Security Into Your Organziation
Information Security Architecture: Building Security Into Your OrganziationInformation Security Architecture: Building Security Into Your Organziation
Information Security Architecture: Building Security Into Your OrganziationSeccuris Inc.
 
Sådan undgår du misbrug af kundedata og fortrolig information
Sådan undgår du misbrug af kundedata og fortrolig informationSådan undgår du misbrug af kundedata og fortrolig information
Sådan undgår du misbrug af kundedata og fortrolig informationIBM Danmark
 
DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFLABS SRL
 
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...DFLABS SRL
 
Enterprise Architecture and Information Security
Enterprise Architecture and Information SecurityEnterprise Architecture and Information Security
Enterprise Architecture and Information SecurityJohn Macasio
 
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...DFLABS SRL
 
Outlook emerging security_technology_trends
Outlook emerging security_technology_trendsOutlook emerging security_technology_trends
Outlook emerging security_technology_trendswardell henley
 
Cybersecurity domains-map-3.0
Cybersecurity domains-map-3.0Cybersecurity domains-map-3.0
Cybersecurity domains-map-3.0Oscar Ferreira
 
Sw keynote
Sw keynoteSw keynote
Sw keynotegueste69f645
 
Know more about exin unique information security program
Know more about exin unique information security programKnow more about exin unique information security program
Know more about exin unique information security programElke Couto Morgado
 
Pdf7
Pdf7Pdf7
Pdf7Editor IJARCET
 
IT Security & Governance Template
IT Security & Governance TemplateIT Security & Governance Template
IT Security & Governance TemplateFlevy.com Best Practices
 
Safeguarding the Enterprise
Safeguarding the EnterpriseSafeguarding the Enterprise
Safeguarding the EnterpriseADGP, Public Grivences, Bangalore
 
report on Mobile security
report on Mobile securityreport on Mobile security
report on Mobile securityJAYANT RAJURKAR
 
Security architecture analyses brief 21 april 2015
Security architecture analyses brief 21 april 2015Security architecture analyses brief 21 april 2015
Security architecture analyses brief 21 april 2015Bill Ross
 
IANS-2008
IANS-2008IANS-2008
IANS-2008Bob Radvanovsky
 
" The Invisible Person ... the Security Architect "
" The Invisible Person ... the Security Architect "" The Invisible Person ... the Security Architect "
" The Invisible Person ... the Security Architect "Bill Ross
 
Information Security Fundamentals - New Horizons Bulgaria
Information Security Fundamentals - New Horizons BulgariaInformation Security Fundamentals - New Horizons Bulgaria
Information Security Fundamentals - New Horizons BulgariaNew Horizons Bulgaria
 
Power point ratih 9e ee
Power point ratih 9e eePower point ratih 9e ee
Power point ratih 9e eeratihiragardaniia
 

Weitere ähnliche Inhalte

Was ist angesagt?

Enterprise Information Security Architecture_Paper_1206
Enterprise Information Security Architecture_Paper_1206Enterprise Information Security Architecture_Paper_1206
Enterprise Information Security Architecture_Paper_1206Apoorva Ajmani
 
Information Risk Security model and metrics
Information Risk Security model and metricsInformation Risk Security model and metrics
Information Risk Security model and metricsVladimir Jirasek
 
113505 6969-ijecs-ijens
113505 6969-ijecs-ijens113505 6969-ijecs-ijens
113505 6969-ijecs-ijensgeekmodeboy
 
Information Security Architecture: Building Security Into Your Organziation
Information Security Architecture: Building Security Into Your OrganziationInformation Security Architecture: Building Security Into Your Organziation
Information Security Architecture: Building Security Into Your OrganziationSeccuris Inc.
 
Sådan undgår du misbrug af kundedata og fortrolig information
Sådan undgår du misbrug af kundedata og fortrolig informationSådan undgår du misbrug af kundedata og fortrolig information
Sådan undgår du misbrug af kundedata og fortrolig informationIBM Danmark
 
DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFLABS SRL
 
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...DFLABS SRL
 
Enterprise Architecture and Information Security
Enterprise Architecture and Information SecurityEnterprise Architecture and Information Security
Enterprise Architecture and Information SecurityJohn Macasio
 
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...DFLABS SRL
 
Outlook emerging security_technology_trends
Outlook emerging security_technology_trendsOutlook emerging security_technology_trends
Outlook emerging security_technology_trendswardell henley
 
Cybersecurity domains-map-3.0
Cybersecurity domains-map-3.0Cybersecurity domains-map-3.0
Cybersecurity domains-map-3.0Oscar Ferreira
 
Know more about exin unique information security program
Know more about exin unique information security programKnow more about exin unique information security program
Know more about exin unique information security programElke Couto Morgado
 
report on Mobile security
report on Mobile securityreport on Mobile security
report on Mobile securityJAYANT RAJURKAR
 
Security architecture analyses brief 21 april 2015
Security architecture analyses brief 21 april 2015Security architecture analyses brief 21 april 2015
Security architecture analyses brief 21 april 2015Bill Ross
 
" The Invisible Person ... the Security Architect "
" The Invisible Person ... the Security Architect "" The Invisible Person ... the Security Architect "
" The Invisible Person ... the Security Architect "Bill Ross
 

Was ist angesagt? (20)

Enterprise Information Security Architecture_Paper_1206
Enterprise Information Security Architecture_Paper_1206Enterprise Information Security Architecture_Paper_1206
Enterprise Information Security Architecture_Paper_1206
 
Information Risk Security model and metrics
Information Risk Security model and metricsInformation Risk Security model and metrics
Information Risk Security model and metrics
 
113505 6969-ijecs-ijens
113505 6969-ijecs-ijens113505 6969-ijecs-ijens
113505 6969-ijecs-ijens
 
Information Security Architecture: Building Security Into Your Organziation
Information Security Architecture: Building Security Into Your OrganziationInformation Security Architecture: Building Security Into Your Organziation
Information Security Architecture: Building Security Into Your Organziation
 
Sådan undgår du misbrug af kundedata og fortrolig information
Sådan undgår du misbrug af kundedata og fortrolig informationSådan undgår du misbrug af kundedata og fortrolig information
Sådan undgår du misbrug af kundedata og fortrolig information
 
DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013
 
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
 
Enterprise Architecture and Information Security
Enterprise Architecture and Information SecurityEnterprise Architecture and Information Security
Enterprise Architecture and Information Security
 
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
 
Outlook emerging security_technology_trends
Outlook emerging security_technology_trendsOutlook emerging security_technology_trends
Outlook emerging security_technology_trends
 
Cybersecurity domains-map-3.0
Cybersecurity domains-map-3.0Cybersecurity domains-map-3.0
Cybersecurity domains-map-3.0
 
Sw keynote
Sw keynoteSw keynote
Sw keynote
 
Know more about exin unique information security program
Know more about exin unique information security programKnow more about exin unique information security program
Know more about exin unique information security program
 
Pdf7
Pdf7Pdf7
Pdf7
 
IT Security & Governance Template
IT Security & Governance TemplateIT Security & Governance Template
IT Security & Governance Template
 
Safeguarding the Enterprise
Safeguarding the EnterpriseSafeguarding the Enterprise
Safeguarding the Enterprise
 
report on Mobile security
report on Mobile securityreport on Mobile security
report on Mobile security
 
Security architecture analyses brief 21 april 2015
Security architecture analyses brief 21 april 2015Security architecture analyses brief 21 april 2015
Security architecture analyses brief 21 april 2015
 
IANS-2008
IANS-2008IANS-2008
IANS-2008
 
" The Invisible Person ... the Security Architect "
" The Invisible Person ... the Security Architect "" The Invisible Person ... the Security Architect "
" The Invisible Person ... the Security Architect "
 

Andere mochten auch

Information Security Fundamentals - New Horizons Bulgaria
Information Security Fundamentals - New Horizons BulgariaInformation Security Fundamentals - New Horizons Bulgaria
Information Security Fundamentals - New Horizons BulgariaNew Horizons Bulgaria
 
Dasar keselamatan ict_ukas
Dasar keselamatan ict_ukasDasar keselamatan ict_ukas
Dasar keselamatan ict_ukasSyaliza Razak
 
SmartUnity Building Automation System
SmartUnity Building Automation SystemSmartUnity Building Automation System
SmartUnity Building Automation SystemVitaly Fedorov
 
Building Automation: The scope for energy and CO2 savings
Building Automation: The scope for energy and CO2 savingsBuilding Automation: The scope for energy and CO2 savings
Building Automation: The scope for energy and CO2 savingsLeonardo ENERGY
 
Isu dan cabaran dunia
Isu dan cabaran duniaIsu dan cabaran dunia
Isu dan cabaran duniaAidil Syazwan
 
Internet of Things in Scandinavia - society and ecosystem for early adaptation
Internet of Things in Scandinavia - society and ecosystem for early adaptationInternet of Things in Scandinavia - society and ecosystem for early adaptation
Internet of Things in Scandinavia - society and ecosystem for early adaptationJosef Noll
 
20170201 RILHEVA RENEWABLES IoT PLATFORM
20170201 RILHEVA RENEWABLES IoT PLATFORM20170201 RILHEVA RENEWABLES IoT PLATFORM
20170201 RILHEVA RENEWABLES IoT PLATFORMMassimiliano Cravedi
 
iot building automation
iot building automationiot building automation
iot building automationOur Point
 
Business Values for IoT Solutions
Business Values for IoT SolutionsBusiness Values for IoT Solutions
Business Values for IoT SolutionsIBM Analytics
 
Why and-how-to-choose-an-iot-platforms-201701
Why and-how-to-choose-an-iot-platforms-201701Why and-how-to-choose-an-iot-platforms-201701
Why and-how-to-choose-an-iot-platforms-201701Omar Nawaz
 
Building Automation and Control Systems - Atlanta, Georgia, North Carolina, F...
Building Automation and Control Systems - Atlanta, Georgia, North Carolina, F...Building Automation and Control Systems - Atlanta, Georgia, North Carolina, F...
Building Automation and Control Systems - Atlanta, Georgia, North Carolina, F...McKenney's Inc
 
InduSoft Building Automation and Energy Management Webinar
InduSoft Building Automation and Energy Management WebinarInduSoft Building Automation and Energy Management Webinar
InduSoft Building Automation and Energy Management WebinarAVEVA
 
Bpp 602 security and safety addministration
Bpp 602 security and safety addministrationBpp 602 security and safety addministration
Bpp 602 security and safety addministrationKamizatul Liyana
 
20170101 RILHEVA HVAC IOT PLATFORM
20170101 RILHEVA HVAC IOT PLATFORM20170101 RILHEVA HVAC IOT PLATFORM
20170101 RILHEVA HVAC IOT PLATFORMMassimiliano Cravedi
 

Andere mochten auch (18)

Information Security Fundamentals - New Horizons Bulgaria
Information Security Fundamentals - New Horizons BulgariaInformation Security Fundamentals - New Horizons Bulgaria
Information Security Fundamentals - New Horizons Bulgaria
 
Power point ratih 9e ee
Power point ratih 9e eePower point ratih 9e ee
Power point ratih 9e ee
 
Dasar keselamatan ict_ukas
Dasar keselamatan ict_ukasDasar keselamatan ict_ukas
Dasar keselamatan ict_ukas
 
SmartUnity Building Automation System
SmartUnity Building Automation SystemSmartUnity Building Automation System
SmartUnity Building Automation System
 
Building Automation: The scope for energy and CO2 savings
Building Automation: The scope for energy and CO2 savingsBuilding Automation: The scope for energy and CO2 savings
Building Automation: The scope for energy and CO2 savings
 
Isu dan cabaran dunia
Isu dan cabaran duniaIsu dan cabaran dunia
Isu dan cabaran dunia
 
Internet of Things in Scandinavia - society and ecosystem for early adaptation
Internet of Things in Scandinavia - society and ecosystem for early adaptationInternet of Things in Scandinavia - society and ecosystem for early adaptation
Internet of Things in Scandinavia - society and ecosystem for early adaptation
 
20170201 RILHEVA RENEWABLES IoT PLATFORM
20170201 RILHEVA RENEWABLES IoT PLATFORM20170201 RILHEVA RENEWABLES IoT PLATFORM
20170201 RILHEVA RENEWABLES IoT PLATFORM
 
iot building automation
iot building automationiot building automation
iot building automation
 
Strategic Management Unit I&II
Strategic Management Unit I&IIStrategic Management Unit I&II
Strategic Management Unit I&II
 
Business Values for IoT Solutions
Business Values for IoT SolutionsBusiness Values for IoT Solutions
Business Values for IoT Solutions
 
Iot data analytics
Iot data analyticsIot data analytics
Iot data analytics
 
Why and-how-to-choose-an-iot-platforms-201701
Why and-how-to-choose-an-iot-platforms-201701Why and-how-to-choose-an-iot-platforms-201701
Why and-how-to-choose-an-iot-platforms-201701
 
Building Automation and Control Systems - Atlanta, Georgia, North Carolina, F...
Building Automation and Control Systems - Atlanta, Georgia, North Carolina, F...Building Automation and Control Systems - Atlanta, Georgia, North Carolina, F...
Building Automation and Control Systems - Atlanta, Georgia, North Carolina, F...
 
InduSoft Building Automation and Energy Management Webinar
InduSoft Building Automation and Energy Management WebinarInduSoft Building Automation and Energy Management Webinar
InduSoft Building Automation and Energy Management Webinar
 
Bpp 602 security and safety addministration
Bpp 602 security and safety addministrationBpp 602 security and safety addministration
Bpp 602 security and safety addministration
 
20170101 RILHEVA HVAC IOT PLATFORM
20170101 RILHEVA HVAC IOT PLATFORM20170101 RILHEVA HVAC IOT PLATFORM
20170101 RILHEVA HVAC IOT PLATFORM
 
2014 pt3 21_sejarah
2014 pt3 21_sejarah2014 pt3 21_sejarah
2014 pt3 21_sejarah
 

Ähnlich wie iCode Security Architecture Framework

2012 10 cloud security architecture
2012 10 cloud security architecture2012 10 cloud security architecture
2012 10 cloud security architectureVladimir Jirasek
 
Microsoft India - Forefront Value Of Identity And Security Offerings Presenta...
Microsoft India - Forefront Value Of Identity And Security Offerings Presenta...Microsoft India - Forefront Value Of Identity And Security Offerings Presenta...
Microsoft India - Forefront Value Of Identity And Security Offerings Presenta...Microsoft Private Cloud
 
[Chaco] Soluciones de Seguridad – Nicolás Pérez, Giux
[Chaco] Soluciones de Seguridad – Nicolás Pérez, Giux[Chaco] Soluciones de Seguridad – Nicolás Pérez, Giux
[Chaco] Soluciones de Seguridad – Nicolás Pérez, GiuxIBMSSA
 
IDBI Intech - Information security consulting
IDBI Intech - Information security consultingIDBI Intech - Information security consulting
IDBI Intech - Information security consultingIDBI Intech
 
Intel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfeeIntel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfeeIntelAPAC
 
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011IBM Sverige
 
Hacktive Security - IT Security Services
Hacktive Security - IT Security ServicesHacktive Security - IT Security Services
Hacktive Security - IT Security ServicesFrancesco Mormile
 
Hacktive Security - Ethical Hacking Services
Hacktive Security - Ethical Hacking ServicesHacktive Security - Ethical Hacking Services
Hacktive Security - Ethical Hacking ServicesCarlo Pelliccioni, CISSP
 
Software Plus Services Customer Deck[1]
Software Plus Services Customer Deck[1]Software Plus Services Customer Deck[1]
Software Plus Services Customer Deck[1]ISS
 
Kostnadseffektiv implementation av IT-säkerhetsstrategi – Accenture - IBM Sma...
Kostnadseffektiv implementation av IT-säkerhetsstrategi – Accenture - IBM Sma...Kostnadseffektiv implementation av IT-säkerhetsstrategi – Accenture - IBM Sma...
Kostnadseffektiv implementation av IT-säkerhetsstrategi – Accenture - IBM Sma...IBM Sverige
 
Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012Amazon Web Services
 
E-Mail Compliance Frameworks in the Real World
E-Mail Compliance Frameworks in the Real WorldE-Mail Compliance Frameworks in the Real World
E-Mail Compliance Frameworks in the Real WorldChris Byrne
 
Isc2conferancepremay15final
Isc2conferancepremay15finalIsc2conferancepremay15final
Isc2conferancepremay15finalMahmoud Moustafa
 
Making Executives Accountable for IT Security
Making Executives Accountable for IT SecurityMaking Executives Accountable for IT Security
Making Executives Accountable for IT SecuritySeccuris Inc.
 
Future Focus Infotech
Future Focus InfotechFuture Focus Infotech
Future Focus InfotechLyf Ffi
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architectureVladimir Jirasek
 

Ähnlich wie iCode Security Architecture Framework (20)

2012 10 cloud security architecture
2012 10 cloud security architecture2012 10 cloud security architecture
2012 10 cloud security architecture
 
Microsoft India - Forefront Value Of Identity And Security Offerings Presenta...
Microsoft India - Forefront Value Of Identity And Security Offerings Presenta...Microsoft India - Forefront Value Of Identity And Security Offerings Presenta...
Microsoft India - Forefront Value Of Identity And Security Offerings Presenta...
 
[Chaco] Soluciones de Seguridad – Nicolás Pérez, Giux
[Chaco] Soluciones de Seguridad – Nicolás Pérez, Giux[Chaco] Soluciones de Seguridad – Nicolás Pérez, Giux
[Chaco] Soluciones de Seguridad – Nicolás Pérez, Giux
 
IDBI Intech - Information security consulting
IDBI Intech - Information security consultingIDBI Intech - Information security consulting
IDBI Intech - Information security consulting
 
Intel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfeeIntel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfee
 
Dataplex Company Overview
Dataplex Company OverviewDataplex Company Overview
Dataplex Company Overview
 
VSD Infotech
VSD InfotechVSD Infotech
VSD Infotech
 
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011
 
Hacktive Security - IT Security Services
Hacktive Security - IT Security ServicesHacktive Security - IT Security Services
Hacktive Security - IT Security Services
 
Hacktive Security - Ethical Hacking Services
Hacktive Security - Ethical Hacking ServicesHacktive Security - Ethical Hacking Services
Hacktive Security - Ethical Hacking Services
 
null Bangalore meet - Cloud Computing and Security
null Bangalore meet - Cloud Computing and Securitynull Bangalore meet - Cloud Computing and Security
null Bangalore meet - Cloud Computing and Security
 
Software Plus Services Customer Deck[1]
Software Plus Services Customer Deck[1]Software Plus Services Customer Deck[1]
Software Plus Services Customer Deck[1]
 
Kostnadseffektiv implementation av IT-säkerhetsstrategi – Accenture - IBM Sma...
Kostnadseffektiv implementation av IT-säkerhetsstrategi – Accenture - IBM Sma...Kostnadseffektiv implementation av IT-säkerhetsstrategi – Accenture - IBM Sma...
Kostnadseffektiv implementation av IT-säkerhetsstrategi – Accenture - IBM Sma...
 
Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012
 
E-Mail Compliance Frameworks in the Real World
E-Mail Compliance Frameworks in the Real WorldE-Mail Compliance Frameworks in the Real World
E-Mail Compliance Frameworks in the Real World
 
Isc2conferancepremay15final
Isc2conferancepremay15finalIsc2conferancepremay15final
Isc2conferancepremay15final
 
Making Executives Accountable for IT Security
Making Executives Accountable for IT SecurityMaking Executives Accountable for IT Security
Making Executives Accountable for IT Security
 
Future Focus Infotech
Future Focus InfotechFuture Focus Infotech
Future Focus Infotech
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architecture
 
FFI PPT
FFI PPT FFI PPT
FFI PPT
 

iCode Security Architecture Framework

  • 1. Security Verified Security Architecture Framework Mohamed Ridha Chebbi, CISSP iCode InfoSec – CEO & Head of PS ridha.chebbi@icodesecurity.com © 2012 iCode information security All rights reserved
  • 2. Agenda Security Verified Introduction Approach to Develop Security Architecture Information Security Concepts Security Architecture Levels & Viewpoints Technical Viewpoint Information Viewpoint Business Viewpoint Security Architecture Framework iCode Professional Services © 2012 iCode information security All rights reserved
  • 3. Introduction Security Verified There are a Number of Approaches to Develop a Security Architecture Like : 1. As a DOMAIN in the TECHNICAL ARCHITECTURE 2. As TOTALLY SEPARATE Security Architecture ViewPoint Security is Pervasive across all of Architecture impacting : - Business - Information - and Technology © 2012 iCode information security All rights reserved
  • 4. Approach to Develop Security Architecture Security Verified Architecture Information Security : . Data Security Architecture Requirements Solutions & Business . Data Classification Security . Application Security Architecture Standard Architecture Security : Technology . Business Security Requirements . Security Organization Security : . Security Policy . Technology Framework Security . Process Security Requirements . Security Principles . Security Patterns . Security Services . Security Bricks © 2012 iCode information security All rights reserved
  • 5. Information Security Concepts Security Verified Digital Signatures Encryption Authentication Verifies identities Confidentiality Integrity only authorized Data has not been disclosure changed Isolation Information Data Validation System Data Hashing Core Concept Resilient Designs Availability Data has not been Related Concept changed Utility Service Level Technique Usefulness Agreements of data © 2012 iCode information security All rights reserved
  • 6. iCode Security Architecture Framework Security Verified Vision Security Services Framework Design Principles Requirement Templates Business Information Technical Viewpoint Viewpoint Viewpoint © 2012 iCode information security All rights reserved
  • 7. Technical Viewpoint Security Verified Vision Security Services Framework .Trust Levels .Conceptual Technology Models Design Principles .Logical Technology Models .Trust Models Requirement Templates . Technical Reference Models .Security Infrastructure Architecture .Security Services Architecture .Application Security Architecture Technical Viewpoint © 2012 iCode information security All rights reserved
  • 8. Information Viewpoint Security Verified Vision Security Services Framework . Policy Framework . Information Classification Framework Design Principles . Security Information Flow Models . SLA Model Requirement Templates . Security Information Architecture . Information Classification Register . SLA’s Information Viewpoint © 2012 iCode information security All rights reserved
  • 9. Business Viewpoint Security Verified Vision Security Services Framework .Process Models .Roles & Responsibi- lities Models Design Principles .Organization Models Requirement Templates .Organizational Architecture Business Viewpoint © 2012 iCode information security All rights reserved
  • 10. Global Security Architecture Framework Security Verified Vision Security Services Framework .Process . Policy .Trust Levels Models Framework .Roles & . Information .Conceptual Responsibi- Classification Technology lities Models Framework Models Design Principles . Security Information .Logical Technology .Organization Flow Models Models Models . SLA Model .Trust Models Requirement Templates .Organizational . Security Information Architecture . Technical Reference Models .Security Infrastructure Architecture . Information Classification Register Architecture . SLA’s .Security Services Architecture .Application Security Architecture Business Information Technical Viewpoint Viewpoint Viewpoint © 2012 iCode information security All rights reserved
  • 11. iCode Professional Services for Tunisiana Security Verified © 2012 iCode information security All rights reserved
  • 12. Security Verified Thanks Mohamed Ridha Chebbi, CISSP iCode InfoSec – CEO & Head of PS ridha.chebbi@icodesecurity.com © 2012 iCode information security All rights reserved