Security Architecture
In this section and its corresponding subsections you will find my work and materials pertaining to Security Architecture. Much like architecture in other industries such as construction, security architecture sets the stage and lays out the design of your security posture. These planning works and design documents derive directly from the high-level strategy of the organization and lay out a blueprint for your security operatives to deliver against. Everything starts with your chosen architecture and rolls out from there. Building a proper security architecture is the most critical portion of your security planning phase. Not only will your security architecture prepare your foundational elements, but this living set of documentation will become your roadmap and reference for maintaining consistency throughout the development of your security lifecycle, and will serve as a tool for reviewing your historical approach and evolution with regard to your security strategy.
With that in mind, here is a brief overview and look at the SABSA 7 Layer Security Architecture model.
SABSA is a methodology for delivering security infrastructure solutions that support the critical facets of the enterprise. Further, SABSA is a model for developing a risk-driven information security architecture for the organization. SABSA uses a layered, top-down model hierarchy that begins with an examination of the business security posture, starting from the primary business drivers. There are 6 layers to the SABSA model, and this brief paper identifies and briefly details those 6 layers and how they are activated in the business. SABSA is widely accepted today as the most mature and comprehensive security architecture, and a firm understanding of its underpinnings is critical for anyone who is developing enterprise-level security standards for an organization.
As stated above, the SABSA model consists of 6 layers, identified and categorized in the matrix below:
- The Business View - Contextual Security Architecture
- The Architect’s View - Conceptual Security Architecture
- The Designer’s View - Logical Security Architecture
- The Builder’s View - Physical Security Architecture
- The Tradesman’s View - Component Security Architecture
- The Facilities Manager’s View - Operational Security Architecture
In order to bring context to the model, SABSA uses the same 6 questions across each of the 6 layers. Those questions are:
- What are you trying to do at this layer?
- Why are you doing it?
- How are you doing it?
- Who is involved?
- Where are you doing it?
- When are you doing it?
So, how does it work? How do these elements all link together? In practice, 5 of the six layers are standalone and need to be developed and fleshed out as such, while the sixth layer, known as the Operational Security Architecture layer, spans all of the layers and is implemented for day-to-day management and maintenance of the model. In referencing the table above, you’ll see that the Operational layer implements the 5 W’s/1 H in the context of day-to-day tactical application.
Looking at the other 5 layers of the model, you’ll also notice that the Contextual layer deals with the high-level strategic elements of the business, including the organizational model, relationships, geography, BPM and overall business risk modeling. The Conceptual layer is where application elements begin to come into play: Business Attributes Profile, Control Objectives, Security Strategies, Trust frameworks, Security Domain modeling and specific security-related deadlines.
As we move through the remaining 3 layers of the architecture (Logical, Physical & Component), referencing the table above, you’ll notice that each layer becomes progressively more tactical in its application until we finally reach the day-to-day implements of the model at the Operational level. The Operational level, as stated above, is the level at which the rubber meets the road and all of the layers are subsequently validated through regular operations.
In conclusion, the SABSA Architecture model consists of 6 layers, each of which has a specific role in maintaining the security integrity of the organization. When implemented properly, it will serve as a roadmap and security model to help mitigate risk and assure compliance with a standard predicated on the business and the business need. Each layer of the model plays a very specific role in maintaining integrity for the organization, and each of the 36 components above needs to be well thought out and vetted against the interests of the business, then enforced through day-to-day application of the Operational Security Architecture layer. Any compromise of any of the 36 elements above will represent a significant compromise to the organization.