Hossein,
My view of the world, other will have different opinions.
A security architecture is the framework under which security will be implemented and for the most part is a functional description of an organization's security policy. For example, the policy might state, "We must protect the confidentiality of our information." The architecture would say, "Data will be classified and user access limited to by Role Based access controls to only the information necessary for the user to perform their job function."
The architecture might include the generation of an access control and data classification standard that defines the roles RBAC will use and how data will be classified. The architecture is then transformed into a security design that implements the architecture on specific systems.
- Bill Stackpole, CISSP
| "Hossein Pourreza" <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED] 03/25/01 07:38 PM
|
To: <[EMAIL PROTECTED]> cc: Subject: Security Architecture |
Hi to All,
I have some experience in firewall developing and network security and I
should prepare a report about "Information Security Architecture" but I do
not know what does it mean.
Do somebody help me about this topic?
Any help will be appreciated.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
