ABSTRACT
This paper is an attempt to explain and understand what security architecture means and represents. A starting point was to include all elements of security architecture such as: network, host-based, applications, information, software, hardware, databases and physical elements. Any security architecture should also include principles and process laid out in this paper. Models to capture security architecture and an example are presented. Finally techniques used to capture and assess security architectures are mentioned.
- {Byfield 2005} Byfield, Bruce. "Nine principles of security architecture". November 22, 2005. http://www.linux.com/articles/49803Google Scholar
- {Cheng et al. 1998} Cheng, P.-C., Garay, J. A. and Herzberg, A. "A security architecture for the Internet Protocol". Internet Computing. Volume 37, Number 1, 1998. Google ScholarDigital Library
- {Cisco IOS} "Cisco IOS Security Architecture". White paper. http://www.cisco.com/warp/public/614/9.htmlGoogle Scholar
- {Foster et al. 1998} Foster, I., Kesselman, C., Tsudik G. and Tuecke S. "A Security Architecture for Computational Grid", Proceedings of the 5th ACM Conference on Computer and Communications Security Conference, San Francisco, California, November, 1998. Google ScholarDigital Library
- {JSA 1997} "Java Security Architecture". Sun Microsystems, Inc. 1997--2002. http://java.sun.com/j2se/1.4.2/docs/guide/security/spec/security-specTOC.fm.htmlGoogle Scholar
- {Kent and Atkinson 1998} Kent, S. and Atkinson, R. "Security Architecture for the Internet Protocol". Network Working Group. RFC 2401. November 1998. http://www.faqs.org/rfcs/rfc2401.html Google ScholarDigital Library
- {Kiely and Benzel 2006} Kiely, Laree and Benzel, Terry. "Systemic Security Management". Technical report. USC. Marshall School of Business. Commissioned by the Institute for Critical Information Infrastructure Protection (ICIIP). http://www.marshall.usc.edu/ctm/ICIIP/Events/SSM%20Final%20WP%20April%2023%202006.pdfGoogle Scholar
- {Lawlor and Vu 2003} Lawlor, B. and Vu, L. "A Survey of Techniques for Security Architecture Analysis". Technical Report. DSTO-TR-1438. 2003. http://dspace.dsto.defence.gov.au/dspace/handle/1947/4007Google Scholar
- {Moriconi et al. 1997} Moriconi, M., Xiaolei, Q., Riemenschneider, R. A., and Li, G., "Secure software architectures", Proc. IEEE Symposium on Security and Privacy, 1997, pp. 84--93. Google ScholarDigital Library
- {Peterson 2006} Peterson, Gunnar. "Security Architecture Blueprint". 2006. http://arctecgroup.net/pdf/ArctecSecurityArchitectureBlueprint.pdfGoogle Scholar
- {Pfleeger and Pfleeger 2003} Pfleeger, C. P., Pfleeger, S. L., Security In Computing. Professional Technical Reference. Prentice Hall, Upper Saddle River, NJ, 2003. Google ScholarDigital Library
- {Spencer et al. 1999} Spencer, R., Smalley, S. Loscocco, P., Hibler, M., Andersen, D. and Lepreau, J. "The Flask Security Architecture: System Support for Diverse Security Policies". in the Proceedings of The Eighth USENIX Security Symposium, August 1999, pages 123--139. Google ScholarDigital Library
- {Suess 2003} Suess, Jack. "Security architecture: computer and network security in higher education". Published by Jossey-Bass, a Wiley company. 2003. http://www.educause.edu/ir/library/pdf/pub7008j.pdfGoogle Scholar
- {Wallach et al. 1997} Wallach, D. S., Balfanz, D, Dean, D. and Felten, E. W. "Extensible security architectures for Java". In Proceedings of the Sixteenth ACM Symposium on Operating System Principles, pages 116--128, SaintMalo, France, October 1997. Google ScholarDigital Library
- {Whitman and Mattord 2003} Whitman, M. E., and Mattord, H. J. Principles of Information Security. Thomson. Course Technology. Canada 2003. Google ScholarDigital Library
- Understanding security architecture
Recommendations
Analyzing security architectures
ASE '10: Proceedings of the 25th IEEE/ACM International Conference on Automated Software EngineeringWe present a semi-automated approach, SECORIA, for analyzing a security runtime architecture for security and for conformance to an object-oriented implementation. Type-checkable annotations describe architectural intent within the code, enabling a ...
Security Architecture of Computer Communication System Based on Internet of Things
ICASIT 2020: Proceedings of the 2020 International Conference on Aviation Safety and Information TechnologyIn large-scale service collaboration environment, security and privacy protection are the main factors affecting the development of IoT service applications. The security and privacy requirements of IoT services mainly focus on three aspects: secure ...
Securing Sensor to Cloud Ecosystem using Internet of Things (IoT) Security Framework
ICC '16: Proceedings of the International Conference on Internet of things and Cloud ComputingThe Internet of things (IoT) refers to every object, which is connected over a network with the ability to transfer data. Users perceive this interaction and connection as useful in their daily life. However any improperly designed and configured ...
Comments