Security architecture

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by M4gnum0n at 10:10, 24 May 2012 (propose deletion). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Security provided by IT systems can be defined as the IT system’s ability to protect the confidentiality and integrity of processed data, and to provide availability of the system and data.

“IT Architecture” may be defined as a set of design artifacts that are relevant for describing an object such that it can be produced to requirements (quality) as well as maintained over the period of its useful life (change). The design artifacts describe the structure of components, their inter-relationships, and the principles and guidelines governing their design and evolution over time.

Consequently, “IT Security Architecture” may be defined as:

The design artifacts that describe how the security controls (= security countermeasures) are positioned and how they relate to the overall IT Architecture. These controls serve to maintain the system’s quality attributes, among them confidentiality, integrity and availability.

Security qualities are often considered non-functional requirements when systems are designed. In other words, they are not required for the system to meet its functional goals, such as processing financial transactions, but are needed for a given level of assurance that the system will perform to meet the functional requirements that have been defined.

In recent years there has been a trend towards a hierarchy of control objectives, controls and specific technical implementations of controls, which are implemented within a given security architecture in order to meet the security requirements.
