Use of the Zachman Architecture for Security Engineering
نویسنده
چکیده
A system security policy is often perceived as a set of mandatory requirements levied upon the system by an organizational directive or Information System Security Officer (ISSO). To the user, these security requirements may bear little resemblance to his actual working system security policy, which controls data modification and user privileges. In the course of reengineering business processes and information systems, the system modeling activities provide a unique opportunity: This paper presents a methodology for security policy definition using the Zachman information systems architecture as a tool. The system security policy can be extracted from the Zachman framework, providing a technique for reconciling the security policy as defined by directive with the user’s working system security requirements.
منابع مشابه
The Zachman Framework, the Owner’s Perspective & Security
The Zachman Framework is one of the oldest Enterprise Architecture Frameworks. It is a unique approach to provide a logical understanding of ever increasing size and complexities of information systems. This paper aims to introduce the Zachman framework in general. Also this paper aims to provide details about the Owner’s perspective of the Zachman Framework. This paper also address the securit...
متن کاملEnterprise Security Planning using the Zachman Framework – Builder’s Perspective
In recent years enterprise architecture (EA) has acquired recognition as playing a pivotal role in change processes. Purported benefits of having enterprise architecture include improved decision making, improved adaptability to changing demands or market conditions, elimination of inefficient and redundant processes, optimization of the use of organizational assets and effectively achieve curr...
متن کاملTowards a Conceptual Framework for Security Patterns
We introduce security patterns as the most mature domain within cyberpatterns, and outline a conceptual framework to help understand and develop good security patterns. Security patterns help us move from an improvised craft to engineering discipline because they transfer knowledge about proven solutions in an understandable and reusable format to experienced users and novices alike. Although s...
متن کاملAn analysis of the Zachman framework for enterprise architecture from the GERAM perspective
This Article presents the analysis– of the Zachman Framework for enterprise Architecture and its mapping onto the Generalised Enterprise Reference Architecture and Methodology (GERAM) framework / ISO IS15704:2000 requirements. Aspects covered concern the ability of the Zachman Framework to cover the complete scope of the GERAM meta-mode, such as life cycle / life history concepts, modelling fra...
متن کاملProviding an Enterprise Architecture Framework Model for Laboratory Information Management Systems by Service Oriented Approach
Background and Aim: Laboratories are one of the most important scientific and research centers. Laboratory information management systems provide a platform for recording the information and collaborating between researchers. The main purpose of this study was suggesting an organizational architecture model of laboratory information management systems. Materials and Methods: This study was a ...
متن کامل