Use of the Zachman Architecture for Security Engineering

نویسنده

  • Ronda R. Henning
چکیده

A system security policy is often perceived as a set of mandatory requirements levied upon the system by an organizational directive or Information System Security Officer (ISSO). To the user, these security requirements may bear little resemblance to his actual working system security policy, which controls data modification and user privileges. In the course of reengineering business processes and information systems, the system modeling activities provide a unique opportunity: This paper presents a methodology for security policy definition using the Zachman information systems architecture as a tool. The system security policy can be extracted from the Zachman framework, providing a technique for reconciling the security policy as defined by directive with the user’s working system security requirements.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

The Zachman Framework, the Owner’s Perspective & Security

The Zachman Framework is one of the oldest Enterprise Architecture Frameworks. It is a unique approach to provide a logical understanding of ever increasing size and complexities of information systems. This paper aims to introduce the Zachman framework in general. Also this paper aims to provide details about the Owner’s perspective of the Zachman Framework. This paper also address the securit...

متن کامل

Enterprise Security Planning using the Zachman Framework – Builder’s Perspective

In recent years enterprise architecture (EA) has acquired recognition as playing a pivotal role in change processes. Purported benefits of having enterprise architecture include improved decision making, improved adaptability to changing demands or market conditions, elimination of inefficient and redundant processes, optimization of the use of organizational assets and effectively achieve curr...

متن کامل

Towards a Conceptual Framework for Security Patterns

We introduce security patterns as the most mature domain within cyberpatterns, and outline a conceptual framework to help understand and develop good security patterns. Security patterns help us move from an improvised craft to engineering discipline because they transfer knowledge about proven solutions in an understandable and reusable format to experienced users and novices alike. Although s...

متن کامل

An analysis of the Zachman framework for enterprise architecture from the GERAM perspective

This Article presents the analysis– of the Zachman Framework for enterprise Architecture and its mapping onto the Generalised Enterprise Reference Architecture and Methodology (GERAM) framework / ISO IS15704:2000 requirements. Aspects covered concern the ability of the Zachman Framework to cover the complete scope of the GERAM meta-mode, such as life cycle / life history concepts, modelling fra...

متن کامل

Providing an Enterprise Architecture Framework Model for Laboratory Information Management Systems by Service Oriented Approach

Background and Aim: Laboratories are one of the most important scientific and research centers. Laboratory information management systems provide a platform for recording the information and collaborating between researchers. The main purpose of this study was suggesting an organizational architecture model of laboratory information management systems.  Materials and Methods: This study was a ...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 1996