Upload File

sacon - security architecture (arnab chattopadhayay)

  • Home
  • Technology
  • SACON - Security Architecture (Arnab Chattopadhayay)
12
SACON SACON International 2017 Arnab Chattopadhyay Capgemini Senior Director India | Bangalore | November 10 – 11 | Hotel Lalit Ashok Enterprise Security Architecture

Upload: priyanka-aash

Post on 21-Jan-2018

1.159 views

Category:

Technology


1 download

Report

TRANSCRIPT

Page 1: SACON - Security Architecture (Arnab Chattopadhayay)

SACON

SACONInternational2017

ArnabChattopadhyayCapgemini

SeniorDirector

India|Bangalore|November10– 11|HotelLalit Ashok

EnterpriseSecurityArchitecture

Page 2: SACON - Security Architecture (Arnab Chattopadhayay)

SACON 2017

•Afieldbornabout30yearsago• Initiallytargetedtoaddresstwoproblems

• Systemcomplexity• Inadequatebusinessalignment

EnterpriseArchitecture

Page 3: SACON - Security Architecture (Arnab Chattopadhayay)

SACON 2017

ABriefHistoryofEnterpriseArchitecture

Zachman’s firstarticle

1987

TAFIMreleased

1994

Clinger-Cohenbillpassed

1996 1998

TAFIMretiredFEAF1.2released

1999 2002

FEAreplacesFEAFTOGAFEE8.0released

2003 2003

FEAmostlycomplete

2011

TOGAF9.1

Page 4: SACON - Security Architecture (Arnab Chattopadhayay)

SACON 2017

Zachman Framework

Page 5: SACON - Security Architecture (Arnab Chattopadhayay)

SACON 2017

• Isthepracticeofapplyingcomprehensiveandrigorousmethodsfordescribingsecurityofcurrentandfuturesystems

• Ref:Wikipedia

• Appliedtopeople,processandtechnologies• Goals

• Providestructure• Enablebusiness-to-securityalignment• EnforceTopdownapproach• Strongtraceability• Abstractcomplexconcepts• Establishcommonlinguaofinformationsecurity

EnterpriseInformationSecurityArchitecture

Page 6: SACON - Security Architecture (Arnab Chattopadhayay)

SACON 2017

• NISTCSF• SherwoodAppliedBusinessSecurityArchitecture(SABSA)

WellKnownEnterpriseSecurityArchitectureFramework

Page 7: SACON - Security Architecture (Arnab Chattopadhayay)

SACON 2017

• MethodologyforBuildingSecurityArchitecture:• Business-driven• Riskandopportunityfocused• Includessecurityservicemanagement

• Comprisedofanumberofintegratedframeworks,models,methodsandprocesses

WhatisSABSA

Page 8: SACON - Security Architecture (Arnab Chattopadhayay)

SACON 2017

• Comprisesofsixlayers• BasedonZachman framework/taxonomy• TheSecurityServiceManagementArchitecturehasbeenplacedverticallyacrosstheotherfivelayers

• Eachhorizontallayerismadeofaseriesofverticalcommunicationinterrogatives• What(Assets)• Why(Motivation)• How(ProcessandTechnology)• Who(People)• Where(Location)• When(Time)

WhatisSABSAContd.

Page 9: SACON - Security Architecture (Arnab Chattopadhayay)

SACON 2017

WhatisSABSAContd.

Page 10: SACON - Security Architecture (Arnab Chattopadhayay)

SACON 2017

MappingwithotherSecurityStandards

ISO 7498-1 ISO 7498-2

LogicalSecurityServices

PhysicalSecurity

Mechanisms

Contextual Architecture

Conceptual Architecture

BusinessDriven

Requirements& Strategy

SABSA Views

Logical Architecture

Physical Architecture

Component Architecture

Operational Architecture ServiceManagement

DetailedCustom

Specification

Page 11: SACON - Security Architecture (Arnab Chattopadhayay)

SACON 2017

SABSASnapshot

Busin

essS

trategy

Goals

Relationship

Market

Regulation

People

Materials

Finance

Production

Logistics

BAP

RiskModel

TrustModel

SecurityStrategy

ProcessDesign

Policy&LegalFramework

TechnicalDesign

LogicalSecurity

Services

Confidentiality

Identification

Registration

Certification

Directories

Authentication

Authorization

AccessControl

AuditTrail

PhysicalSecurity

Mecha

nism

Encryption

Naming

Procedures

Signatures

Databases

Passwords

ACLs

Firewalls

EventLogs

Compo

nents

TrustedBu

sinessO

peratio

ns

Prod

ucts

Tools

Page 12: SACON - Security Architecture (Arnab Chattopadhayay)

SACON 2017

ThankYou


Arnab Mukherjee - aciids.pwr.edu.pl

Hector andres sacon klinger marco teorico final

Arnab kumar de

Sacon 26 - rubriq DEF

Arnab Yang Pemalas

Sacon 22- rubriq 98

Ppointsinga dengan arnab

arnab publication

Arnab dengan kura kura

SHOCK-ABSORBING CONCRETE 2008 Nova Award ...SHOCK-ABSORBINGCONCRETE (SACON®) 2008 Nova Award Nomination SACON® Shock-AbsorbingConcrete: An innovative, foamed concrete for construction

Petani menunggu arnab

Sacon Threat Modeling Overview (Abhishek Datta)

3 Prasad SACON Cistup

Writing Practice – Alif arnab (rabbit)...Writing Practice – Alif arnab (rabbit) Vocabulary: Introduce the word “arnab” for rabbit. Tell student that arnab starts with alif

Arnab Mondal

Arnab Kumar De WorkSamples

Sacon binnen buiten1

ARNAB BEREKOR PENDEK

Arnab paul

Report By: Arnab Dasgupta arnab@dynamiclevels · 2018. 1. 16. · Page 1 Source: Company, Report By: Arnab Dasgupta – [email protected] . Page 2 Source: Company, Company Financials

Report By: Arnab Dasgupta arnab@dynamiclevels

SACON - Beyond corp (Arnab Chattopadhayay)

Sacon - IoT Forum Fresh Thinking (Arvind Tiwary + Bikash Barai)

Report By: Arnab Dasgupta arnab@dynamiclevels€¦ ·  · 2018-01-16Report By: Arnab Dasgupta – ... The Engineering Construction and Contracts Division undertakes Turnkey power

SACON - Connected cars (Aditya Kakrania)

SACON · PDF fileWelcome address by Dr. K. Sankar, ... SACON. SACON NEWS Vol.14 (1) 2 INAUGURATION OF NATIONAL ORNITHOLOGICAL DATABANK (NOD) ... Jubilee Valedictory ceremony. Contact:

SACON - API Security (Suhas Desai)

SACON Orientation

SaCon 12-rubriques def

SACON - Devops-container (Richard Bussiere)

Arnab Dan Kura-kura

Rosa sacon

SACON - Mobile App Security (Srinath Venkataramani)

SEED- Arnab

Report By: Arnab Dasgupta [email protected]/_media/bs/data/market...Report By: Arnab Dasgupta – [email protected] Page 2 Source: Company, Company