Lecture 02
Security architecture refers to the comprehensive framework of principles, methods, and models
designed to keep an organization's infrastructure safe from potential risks and threats. It encompasses
the following key elements:
Risk-Based Design: Security design addresses potential risks by conducting thorough risk assessments
and integrating appropriate mitigation measures into the architecture.
Overall System Protection: The architecture outlines the overall system required to protect the
organization's infrastructure, including network configurations, data handling mechanisms, and access
controls.
Policies, Procedures, and Guidelines: Clear security policies and procedures are established to provide
guidance for employees and stakeholders on acceptable use, data handling, incident response, and
access control.
Integration into System Lifecycle: Security is built into the system design, implementation, and
deployment processes, ensuring that protective measures are incorporated from the outset and
throughout the system's lifecycle.
By adhering to these principles and integrating them into the architecture, organizations can establish a
robust security framework that effectively safeguards their infrastructure against potential threats and
vulnerabilities.
The traditional security architecture follows the "castle and moat" model, which focuses on hardening
systems against potential risks and relies heavily on perimeter-based network security. The concept
behind this model is akin to a medieval castle surrounded by a moat – the objective is to keep intruders
out, with the assumption that everything inside the network perimeter is safe. In this approach, security
measures such as firewalls, intrusion detection systems, and access controls are primarily deployed at
the network perimeter to prevent unauthorized access from external threats. While this model has been
effective to some extent, it's increasingly inadequate in the face of evolving cyber threats and the
proliferation of remote access and cloud-based services.
Defensible Security Architecture:
In contrast, defensible security architecture is an ongoing process that emphasizes adapting security
controls and procedures based on current risks and threats. It recognizes that the traditional perimeter-
based approach is insufficient in today's dynamic threat landscape and focuses on implementing
fundamental security principles such as zero trust. Zero trust assumes that no entity, whether inside or
outside the network perimeter, should be trusted by default, and access should be granted based on
strict verification and continuous monitoring.
Defensible security architecture is about designing infrastructure and applications to be resilient under
attack. Instead of relying solely on perimeter defenses, it adopts a layered approach to security, with
controls implemented at multiple points throughout the network and application stack. This includes
measures such as encryption, multifactor authentication, network segmentation, least privilege access
controls, and continuous monitoring and incident response capabilities. By continuously assessing and
adapting security measures based on evolving threats and risks, defensible security architecture enables
organizations to better protect their assets and data in an increasingly hostile environment.
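As an added illustration (not part of the lecture), the two models above expressed as access-decision functions: the perimeter model trusts any request from an internal address, while the zero-trust model verifies identity factors, device state and a least-privilege policy on every request and logs the outcome for monitoring. The network range, users, roles and policy table are assumed sample values.

```python
"""Castle-and-moat vs zero-trust access decision (constructed example)."""
from dataclasses import dataclass
from typing import List
import ipaddress

# Assumed corporate address range used by the perimeter model.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")

# Hypothetical role assignments and least-privilege policy:
# role -> resource -> set of allowed actions.
ROLES = {"alice": "analyst", "bob": "admin"}
POLICY = {
    "analyst": {"logs": {"read"}},
    "admin": {"logs": {"read", "delete"}, "firewall": {"read", "write"}},
}

# Decision log feeding the Detect objective (constructed, in-memory).
AUDIT_LOG: List[str] = []


@dataclass
class Request:
    user: str
    src_ip: str
    resource: str
    action: str
    mfa_verified: bool = False
    device_compliant: bool = False


def castle_and_moat(req: Request) -> bool:
    """Perimeter model: trusted if and only if the source is inside the network."""
    return ipaddress.ip_address(req.src_ip) in INTERNAL_NET


def zero_trust(req: Request) -> bool:
    """Verify every request regardless of origin; deny on any failed check."""
    reasons = []
    if not req.mfa_verified:
        reasons.append("mfa")
    if not req.device_compliant:
        reasons.append("device")
    allowed = POLICY.get(ROLES.get(req.user, ""), {}).get(req.resource, set())
    if req.action not in allowed:
        reasons.append("policy")  # least privilege: action not granted to this role
    decision = not reasons
    verdict = "ALLOW" if decision else "DENY(" + ",".join(reasons) + ")"
    AUDIT_LOG.append(f"{req.user} {req.action} {req.resource} from {req.src_ip}: {verdict}")
    return decision
```

A request from an internal address to delete logs without MFA passes the perimeter check but is denied by the zero-trust check, and the denial reason is recorded for the monitoring team.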
The objectives of security architecture can be summarized into five key areas:
Identify: This objective focuses on understanding the system, its operations, and the context in which it
operates. It involves conducting thorough assessments to identify potential risks and vulnerabilities that
could pose a threat to the organization's security posture.
Prevent: The prevention objective aims to apply security controls to mitigate identified risks and
vulnerabilities. This involves implementing measures to harden and isolate systems, such as deploying
firewalls, intrusion detection systems, access controls, and encryption mechanisms to prevent
unauthorized access and protect sensitive data.
Detect: Continuous monitoring and logging are essential for detecting anomalies and security incidents
in real time. This objective involves deploying tools and technologies that monitor network traffic,
system activities, and user behavior for signs of unauthorized access or malicious activity.
Respond: In the event of a security incident, the response objective focuses on initiating a rapid and
effective response. This includes promptly acting on alerts, investigating the incident, performing
analysis to determine the root cause, and informing stakeholders about the impact and remediation
steps.
Recover: The recovery objective involves updating security policies, procedures, and guidelines based on
lessons learned from security incidents. It also includes restoring affected systems and data, as well as
implementing measures to prevent similar incidents in the future.
By addressing these objectives, security architecture helps organizations establish a proactive and
comprehensive approach to managing security risks and protecting their infrastructure, data, and assets
from potential threats.