skip to main content
10.5555/1400549.1400596acmconferencesArticle/Chapter ViewAbstractPublication PagesspringsimConference Proceedingsconference-collections
research-article

Understanding security architecture

Published: 14 April 2008 Publication History

Abstract

This paper is an attempt to explain and understand what security architecture means and represents. A starting point was to include all elements of security architecture such as: network, host-based, applications, information, software, hardware, databases and physical elements. Any security architecture should also include principles and process laid out in this paper. Models to capture security architecture and an example are presented. Finally techniques used to capture and assess security architectures are mentioned.

References

[1]
{Byfield 2005} Byfield, Bruce. "Nine principles of security architecture". November 22, 2005. http://www.linux.com/articles/49803
[2]
{Cheng et al. 1998} Cheng, P.-C., Garay, J. A. and Herzberg, A. "A security architecture for the Internet Protocol". Internet Computing. Volume 37, Number 1, 1998.
[3]
{Cisco IOS} "Cisco IOS Security Architecture". White paper. http://www.cisco.com/warp/public/614/9.html
[4]
{Foster et al. 1998} Foster, I., Kesselman, C., Tsudik G. and Tuecke S. "A Security Architecture for Computational Grid", Proceedings of the 5th ACM Conference on Computer and Communications Security Conference, San Francisco, California, November, 1998.
[5]
{JSA 1997} "Java Security Architecture". Sun Microsystems, Inc. 1997--2002. http://java.sun.com/j2se/1.4.2/docs/guide/security/spec/security-specTOC.fm.html
[6]
{Kent and Atkinson 1998} Kent, S. and Atkinson, R. "Security Architecture for the Internet Protocol". Network Working Group. RFC 2401. November 1998. http://www.faqs.org/rfcs/rfc2401.html
[7]
{Kiely and Benzel 2006} Kiely, Laree and Benzel, Terry. "Systemic Security Management". Technical report. USC. Marshall School of Business. Commissioned by the Institute for Critical Information Infrastructure Protection (ICIIP). http://www.marshall.usc.edu/ctm/ICIIP/Events/SSM%20Final%20WP%20April%2023%202006.pdf
[8]
{Lawlor and Vu 2003} Lawlor, B. and Vu, L. "A Survey of Techniques for Security Architecture Analysis". Technical Report. DSTO-TR-1438. 2003. http://dspace.dsto.defence.gov.au/dspace/handle/1947/4007
[9]
{Moriconi et al. 1997} Moriconi, M., Xiaolei, Q., Riemenschneider, R. A., and Li, G., "Secure software architectures", Proc. IEEE Symposium on Security and Privacy, 1997, pp. 84--93.
[10]
{Peterson 2006} Peterson, Gunnar. "Security Architecture Blueprint". 2006. http://arctecgroup.net/pdf/ArctecSecurityArchitectureBlueprint.pdf
[11]
{Pfleeger and Pfleeger 2003} Pfleeger, C. P., Pfleeger, S. L., Security In Computing. Professional Technical Reference. Prentice Hall, Upper Saddle River, NJ, 2003.
[12]
{Spencer et al. 1999} Spencer, R., Smalley, S. Loscocco, P., Hibler, M., Andersen, D. and Lepreau, J. "The Flask Security Architecture: System Support for Diverse Security Policies". in the Proceedings of The Eighth USENIX Security Symposium, August 1999, pages 123--139.
[13]
{Suess 2003} Suess, Jack. "Security architecture: computer and network security in higher education". Published by Jossey-Bass, a Wiley company. 2003. http://www.educause.edu/ir/library/pdf/pub7008j.pdf
[14]
{Wallach et al. 1997} Wallach, D. S., Balfanz, D, Dean, D. and Felten, E. W. "Extensible security architectures for Java". In Proceedings of the Sixteenth ACM Symposium on Operating System Principles, pages 116--128, SaintMalo, France, October 1997.
[15]
{Whitman and Mattord 2003} Whitman, M. E., and Mattord, H. J. Principles of Information Security. Thomson. Course Technology. Canada 2003.

Cited By

View all
  • (2010)Information assurance modeling using the Department of Defense architecture frameworkProceedings of the 2010 Spring Simulation Multiconference10.1145/1878537.1878717(1-8)Online publication date: 11-Apr-2010
  • (2009)Suggested improvements to the DoDAF for modeling architectural securityProceedings of the 2009 Spring Simulation Multiconference10.5555/1639809.1639864(1-9)Online publication date: 22-Mar-2009

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
SpringSim '08: Proceedings of the 2008 Spring simulation multiconference
April 2008
880 pages
ISBN:1565553195

Sponsors

Publisher

Society for Computer Simulation International

San Diego, CA, United States

Publication History

Published: 14 April 2008

Check for updates

Author Tags

  1. policy
  2. security architecture
  3. security attacks
  4. security threats

Qualifiers

  • Research-article

Conference

SCS SSM'08
Sponsor:
SCS SSM'08: Spring Simulation Multiconference
April 14 - 17, 2008
Ottawa, Canada

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)8
  • Downloads (Last 6 weeks)2
Reflects downloads up to 15 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2010)Information assurance modeling using the Department of Defense architecture frameworkProceedings of the 2010 Spring Simulation Multiconference10.1145/1878537.1878717(1-8)Online publication date: 11-Apr-2010
  • (2009)Suggested improvements to the DoDAF for modeling architectural securityProceedings of the 2009 Spring Simulation Multiconference10.5555/1639809.1639864(1-9)Online publication date: 22-Mar-2009

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media