Mohamed Ridha CHEBBI, CISSP, profile picture
Uploaded byMohamed Ridha CHEBBI, CISSP
PPTX, PDF2,904 views

iCode Security Architecture Framework

The document presents iCode's security architecture framework. The framework has three viewpoints: business, information, and technical. It uses a top-down approach with a global security vision and framework that defines security services, design principles, and requirement templates. These are then applied to each of the three viewpoints to develop models addressing things like processes, policies, information flows, and technical security components. The framework is designed to develop comprehensive and aligned security architectures.

Related topics:
security-architecture

Embed presentation

Downloaded 110 times
Security Verified Security Architecture Framework Mohamed Ridha Chebbi, CISSP iCode InfoSec – CEO & Head of PS ridha.chebbi@icodesecurity.com © 2012 iCode information security All rights reserved
Agenda Security Verified Introduction Approach to Develop Security Architecture Information Security Concepts Security Architecture Levels & Viewpoints Technical Viewpoint Information Viewpoint Business Viewpoint Security Architecture Framework iCode Professional Services © 2012 iCode information security All rights reserved
Introduction Security Verified There are a Number of Approaches to Develop a Security Architecture Like : 1. As a DOMAIN in the TECHNICAL ARCHITECTURE 2. As TOTALLY SEPARATE Security Architecture ViewPoint Security is Pervasive across all of Architecture impacting : - Business - Information - and Technology © 2012 iCode information security All rights reserved
Approach to Develop Security Architecture Security Verified Architecture Information Security : . Data Security Architecture Requirements Solutions & Business . Data Classification Security . Application Security Architecture Standard Architecture Security : Technology . Business Security Requirements . Security Organization Security : . Security Policy . Technology Framework Security . Process Security Requirements . Security Principles . Security Patterns . Security Services . Security Bricks © 2012 iCode information security All rights reserved
Information Security Concepts Security Verified Digital Signatures Encryption Authentication Verifies identities Confidentiality Integrity only authorized Data has not been disclosure changed Isolation Information Data Validation System Data Hashing Core Concept Resilient Designs Availability Data has not been Related Concept changed Utility Service Level Technique Usefulness Agreements of data © 2012 iCode information security All rights reserved
iCode Security Architecture Framework Security Verified Vision Security Services Framework Design Principles Requirement Templates Business Information Technical Viewpoint Viewpoint Viewpoint © 2012 iCode information security All rights reserved
Technical Viewpoint Security Verified Vision Security Services Framework .Trust Levels .Conceptual Technology Models Design Principles .Logical Technology Models .Trust Models Requirement Templates . Technical Reference Models .Security Infrastructure Architecture .Security Services Architecture .Application Security Architecture Technical Viewpoint © 2012 iCode information security All rights reserved
Information Viewpoint Security Verified Vision Security Services Framework . Policy Framework . Information Classification Framework Design Principles . Security Information Flow Models . SLA Model Requirement Templates . Security Information Architecture . Information Classification Register . SLA’s Information Viewpoint © 2012 iCode information security All rights reserved
Business Viewpoint Security Verified Vision Security Services Framework .Process Models .Roles & Responsibi- lities Models Design Principles .Organization Models Requirement Templates .Organizational Architecture Business Viewpoint © 2012 iCode information security All rights reserved
Global Security Architecture Framework Security Verified Vision Security Services Framework .Process . Policy .Trust Levels Models Framework .Roles & . Information .Conceptual Responsibi- Classification Technology lities Models Framework Models Design Principles . Security Information .Logical Technology .Organization Flow Models Models Models . SLA Model .Trust Models Requirement Templates .Organizational . Security Information Architecture . Technical Reference Models .Security Infrastructure Architecture . Information Classification Register Architecture . SLA’s .Security Services Architecture .Application Security Architecture Business Information Technical Viewpoint Viewpoint Viewpoint © 2012 iCode information security All rights reserved
iCode Professional Services for Tunisiana Security Verified © 2012 iCode information security All rights reserved
Security Verified Thanks Mohamed Ridha Chebbi, CISSP iCode InfoSec – CEO & Head of PS ridha.chebbi@icodesecurity.com © 2012 iCode information security All rights reserved

More Related Content

PPTX
OWASP Top 10 2021 Presentation (Jul 2022)
byTzahiArabov
 
PDF
Penetration Testing Guide
byBadawy Abd El-Aziz
 
PPT
Introduction To OWASP
byMarco Morana
 
PPTX
WTF is Penetration Testing v.2
byScott Sutherland
 
PPT
Virtualization security
byn|u - The Open Security Community
 
PPTX
Cloud computing and data security
byMohammed Fazuluddin
 
PDF
Threat Intelligence
byDeepak Kumar (D3)
 
PPTX
Chapter 12
byAli Broumandnia
 
OWASP Top 10 2021 Presentation (Jul 2022)
byTzahiArabov
 
Penetration Testing Guide
byBadawy Abd El-Aziz
 
Introduction To OWASP
byMarco Morana
 
WTF is Penetration Testing v.2
byScott Sutherland
 
Virtualization security
byn|u - The Open Security Community
 
Cloud computing and data security
byMohammed Fazuluddin
 
Threat Intelligence
byDeepak Kumar (D3)
 
Chapter 12
byAli Broumandnia
 

What's hot

PPTX
I hunt sys admins 2.0
byWill Schroeder
 
PPTX
Vulnerabilities in modern web applications
byNiyas Nazar
 
PPT
Web Application Security
byAbdul Wahid
 
PPT
Backup And Recovery
byWynthorpe
 
PDF
The FIVE Phases of Ethical Hacking | How Hackers Gain Control?
byRajashakher Intha
 
PDF
5 Different Phases of Ethical Hacking
byINDIAN INSTITUTE OF ETHICAL HACKING & TECHNOLOGY
 
PDF
Penetration testing & Ethical Hacking
byS.E. CTS CERT-GOV-MD
 
PPTX
DDoS ATTACKS
byAnil Antony
 
PPTX
Malware Classification and Analysis
byPrashant Chopra
 
PPT
Introduction to Web Application Penetration Testing
byAnurag Srivastava
 
PDF
Local File Inclusion to Remote Code Execution
byn|u - The Open Security Community
 
ODP
Web Application Firewall
byChandrapal Badshah
 
PPT
Software security
byRoman Oliynykov
 
PPTX
Zero Trust Model
byYash
 
PPTX
Types of attacks in cyber security
byBansari Shah
 
PPTX
Abusing Microsoft Kerberos - Sorry you guys don't get it
byBenjamin Delpy
 
PDF
Software Security
byRoman Oliynykov
 
PDF
Sigma Hall of Fame - EU ATT&CK User Workshop, October 2021
byFlorian Roth
 
PDF
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
byEdureka!
 
PPTX
Cyber Threat Intelligence.pptx
byAbimbolaFisher1
 
I hunt sys admins 2.0
byWill Schroeder
 
Vulnerabilities in modern web applications
byNiyas Nazar
 
Web Application Security
byAbdul Wahid
 
Backup And Recovery
byWynthorpe
 
The FIVE Phases of Ethical Hacking | How Hackers Gain Control?
byRajashakher Intha
 
5 Different Phases of Ethical Hacking
byINDIAN INSTITUTE OF ETHICAL HACKING & TECHNOLOGY
 
Penetration testing & Ethical Hacking
byS.E. CTS CERT-GOV-MD
 
DDoS ATTACKS
byAnil Antony
 
Malware Classification and Analysis
byPrashant Chopra
 
Introduction to Web Application Penetration Testing
byAnurag Srivastava
 
Local File Inclusion to Remote Code Execution
byn|u - The Open Security Community
 
Web Application Firewall
byChandrapal Badshah
 
Software security
byRoman Oliynykov
 
Zero Trust Model
byYash
 
Types of attacks in cyber security
byBansari Shah
 
Abusing Microsoft Kerberos - Sorry you guys don't get it
byBenjamin Delpy
 
Software Security
byRoman Oliynykov
 
Sigma Hall of Fame - EU ATT&CK User Workshop, October 2021
byFlorian Roth
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
byEdureka!
 
Cyber Threat Intelligence.pptx
byAbimbolaFisher1
 

Viewers also liked

PPTX
Information Security Fundamentals - New Horizons Bulgaria
byNew Horizons Bulgaria
 
PPTX
Power point ratih 9e ee
byratihiragardaniia
 
PDF
Dasar keselamatan ict_ukas
bySyaliza Razak
 
PPTX
SmartUnity Building Automation System
byVitaly Fedorov
 
PPTX
Building Automation: The scope for energy and CO2 savings
byLeonardo ENERGY
 
PPT
Isu dan cabaran dunia
byAidil Syazwan
 
PDF
Internet of Things in Scandinavia - society and ecosystem for early adaptation
byJosef Noll
 
PDF
20170201 RILHEVA RENEWABLES IoT PLATFORM
byMassimiliano Cravedi
 
PPTX
iot building automation
byOur Point
 
PPTX
Strategic Management Unit I&II
byCarmel EM High School Chebrole
 
PDF
Business Values for IoT Solutions
byIBM Analytics
 
PPTX
Iot data analytics
byUnmesh Ballal
 
PDF
Why and-how-to-choose-an-iot-platforms-201701
byOmar Nawaz
 
PPTX
Does Anyone Remember Enterprise Security Architecture?
byrbrockway
 
PPT
Building Automation and Control Systems - Atlanta, Georgia, North Carolina, F...
byMcKenney's Inc
 
PPTX
InduSoft Building Automation and Energy Management Webinar
byAVEVA
 
PPTX
Bpp 602 security and safety addministration
byKamizatul Liyana
 
PDF
20170101 RILHEVA HVAC IOT PLATFORM
byMassimiliano Cravedi
 
PDF
2014 pt3 21_sejarah
bySarvess Peace
 
Information Security Fundamentals - New Horizons Bulgaria
byNew Horizons Bulgaria
 
Power point ratih 9e ee
byratihiragardaniia
 
Dasar keselamatan ict_ukas
bySyaliza Razak
 
SmartUnity Building Automation System
byVitaly Fedorov
 
Building Automation: The scope for energy and CO2 savings
byLeonardo ENERGY
 
Isu dan cabaran dunia
byAidil Syazwan
 
Internet of Things in Scandinavia - society and ecosystem for early adaptation
byJosef Noll
 
20170201 RILHEVA RENEWABLES IoT PLATFORM
byMassimiliano Cravedi
 
iot building automation
byOur Point
 
Strategic Management Unit I&II
byCarmel EM High School Chebrole
 
Business Values for IoT Solutions
byIBM Analytics
 
Iot data analytics
byUnmesh Ballal
 
Why and-how-to-choose-an-iot-platforms-201701
byOmar Nawaz
 
Does Anyone Remember Enterprise Security Architecture?
byrbrockway
 
Building Automation and Control Systems - Atlanta, Georgia, North Carolina, F...
byMcKenney's Inc
 
InduSoft Building Automation and Energy Management Webinar
byAVEVA
 
Bpp 602 security and safety addministration
byKamizatul Liyana
 
20170101 RILHEVA HVAC IOT PLATFORM
byMassimiliano Cravedi
 
2014 pt3 21_sejarah
bySarvess Peace
 

Similar to iCode Security Architecture Framework

PDF
[Chaco] Soluciones de Seguridad – Nicolás Pérez, Giux
byIBMSSA
 
PDF
Cloud Security
byHi-Tech College
 
PDF
My PC Mistook Me For A Hat
bygopikurup
 
PDF
HTLV - DSS @Vilnius 2010
byAndris Soroka
 
PDF
Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...
byCraig Martin
 
PDF
Day 3 p2 - security
byLilian Schaffer
 
PDF
Day 3 p2 - security
byLilian Schaffer
 
PPTX
HDFC_Grp4_iiimc
byAshish Anand
 
PDF
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011
byIBM Sverige
 
PDF
ccmigration_09186a008033a3b4
byguest66dc5f
 
PDF
Summit 2011 trends in information security
byShahar Geiger Maor
 
PDF
Pci Req
byNamrata Arora
 
PDF
Apollo Infoways Profile
byRavi Prakash
 
PDF
Security Patterns How To Make Security Arch Easy To Consume
byJeff Johnson
 
PPSX
3 Telecom+Network Part1
byAlfred Ouyang
 
PDF
Security Awareness Training
byDaniel P Wallace
 
PDF
Information systems security(1)
bySandeep Agarwal
 
PDF
Secure Enterprise Cloud
byIndu Kodukula
 
PPT
Arrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBM
byArrow ECS UK
 
PPTX
Sådan undgår du misbrug af kundedata og fortrolig information
byIBM Danmark
 
[Chaco] Soluciones de Seguridad – Nicolás Pérez, Giux
byIBMSSA
 
Cloud Security
byHi-Tech College
 
My PC Mistook Me For A Hat
bygopikurup
 
HTLV - DSS @Vilnius 2010
byAndris Soroka
 
Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...
byCraig Martin
 
Day 3 p2 - security
byLilian Schaffer
 
Day 3 p2 - security
byLilian Schaffer
 
HDFC_Grp4_iiimc
byAshish Anand
 
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011
byIBM Sverige
 
ccmigration_09186a008033a3b4
byguest66dc5f
 
Summit 2011 trends in information security
byShahar Geiger Maor
 
Pci Req
byNamrata Arora
 
Apollo Infoways Profile
byRavi Prakash
 
Security Patterns How To Make Security Arch Easy To Consume
byJeff Johnson
 
3 Telecom+Network Part1
byAlfred Ouyang
 
Security Awareness Training
byDaniel P Wallace
 
Information systems security(1)
bySandeep Agarwal
 
Secure Enterprise Cloud
byIndu Kodukula
 
Arrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBM
byArrow ECS UK
 
Sådan undgår du misbrug af kundedata og fortrolig information
byIBM Danmark
 

iCode Security Architecture Framework

  • 1.
    Security Verified Security Architecture Framework Mohamed Ridha Chebbi, CISSP iCode InfoSec – CEO & Head of PS ridha.chebbi@icodesecurity.com © 2012 iCode information security All rights reserved
  • 2.
    Agenda Security Verified Introduction Approach to Develop Security Architecture Information Security Concepts Security Architecture Levels & Viewpoints Technical Viewpoint Information Viewpoint Business Viewpoint Security Architecture Framework iCode Professional Services © 2012 iCode information security All rights reserved
  • 3.
    Introduction Security Verified There are a Number of Approaches to Develop a Security Architecture Like : 1. As a DOMAIN in the TECHNICAL ARCHITECTURE 2. As TOTALLY SEPARATE Security Architecture ViewPoint Security is Pervasive across all of Architecture impacting : - Business - Information - and Technology © 2012 iCode information security All rights reserved
  • 4.
    Approach to DevelopSecurity Architecture Security Verified Architecture Information Security : . Data Security Architecture Requirements Solutions & Business . Data Classification Security . Application Security Architecture Standard Architecture Security : Technology . Business Security Requirements . Security Organization Security : . Security Policy . Technology Framework Security . Process Security Requirements . Security Principles . Security Patterns . Security Services . Security Bricks © 2012 iCode information security All rights reserved
  • 5.
    Information Security Concepts Security Verified Digital Signatures Encryption Authentication Verifies identities Confidentiality Integrity only authorized Data has not been disclosure changed Isolation Information Data Validation System Data Hashing Core Concept Resilient Designs Availability Data has not been Related Concept changed Utility Service Level Technique Usefulness Agreements of data © 2012 iCode information security All rights reserved
  • 6.
    iCode Security ArchitectureFramework Security Verified Vision Security Services Framework Design Principles Requirement Templates Business Information Technical Viewpoint Viewpoint Viewpoint © 2012 iCode information security All rights reserved
  • 7.
    Technical Viewpoint Security Verified Vision Security Services Framework .Trust Levels .Conceptual Technology Models Design Principles .Logical Technology Models .Trust Models Requirement Templates . Technical Reference Models .Security Infrastructure Architecture .Security Services Architecture .Application Security Architecture Technical Viewpoint © 2012 iCode information security All rights reserved
  • 8.
    Information Viewpoint Security Verified Vision Security Services Framework . Policy Framework . Information Classification Framework Design Principles . Security Information Flow Models . SLA Model Requirement Templates . Security Information Architecture . Information Classification Register . SLA’s Information Viewpoint © 2012 iCode information security All rights reserved
  • 9.
    Business Viewpoint Security Verified Vision Security Services Framework .Process Models .Roles & Responsibi- lities Models Design Principles .Organization Models Requirement Templates .Organizational Architecture Business Viewpoint © 2012 iCode information security All rights reserved
  • 10.
    Global Security ArchitectureFramework Security Verified Vision Security Services Framework .Process . Policy .Trust Levels Models Framework .Roles & . Information .Conceptual Responsibi- Classification Technology lities Models Framework Models Design Principles . Security Information .Logical Technology .Organization Flow Models Models Models . SLA Model .Trust Models Requirement Templates .Organizational . Security Information Architecture . Technical Reference Models .Security Infrastructure Architecture . Information Classification Register Architecture . SLA’s .Security Services Architecture .Application Security Architecture Business Information Technical Viewpoint Viewpoint Viewpoint © 2012 iCode information security All rights reserved
  • 11.
    iCode Professional Servicesfor Tunisiana Security Verified © 2012 iCode information security All rights reserved
  • 12.
    Security Verified Thanks Mohamed Ridha Chebbi, CISSP iCode InfoSec – CEO & Head of PS ridha.chebbi@icodesecurity.com © 2012 iCode information security All rights reserved