Security Architecture & Design Flashcards
Architecture
A high-level perspective of how business requirements are to be structures and aligned with technology and processes in a comprehensive and manageable way.
Best practice
A well-recognized and accepted approach to designing, developing, managing/ monitoring, and enhancing processes: often codified into a standard.
Cache
The very fast memory directly on the CPU chip body. It is not upgradeable.
Central Processing Unit (CPU)
The heartbeat of a system. It controls primary processing, interaction with peripheral devices, organization of memory, and control over networking operations.
Closed systems
Proprietary interfaces. Many older systems used proprietary interfaces, and implementations were customized for a specific application’s environments. Interoperability was sacrificed to achieve uniqueness and obscurity, an illusion that security through obscurity works.
Confidentiality
Limiting information access and disclosure to authorized users.
Dedicated systems
Single level of processing permitted. In military applications, this often means that the system was only used for a single purpose (i.e. firing a weapon) and only personnel holding the designated security clearance are granted access to the system.
Embedded systems
A single purpose computer built into a device and typically programmed to perform a dedicated function.
Enterprise Security Architecture (ESA)
Includes all areas of security for an organization: leadership, strategy, organizational structure, planning, design, implementation, and operations.
Firmware
Software that is permanently (or semi-permanently) embedded in hardware and typically provides low-level services and/or control of hardware.
Framework
A defined approach to the process used to achieve the goals of an architecture, based on policy, and reflecting the requirements and expectations of the various stakeholders.
Infrastructure
The integrated building blocks that support the goals of the architecture.
Information-flow model
Tracks the movement of information from one object to another so that movement of sensitive data to an unprotected area will be identified. A covert channel is the release of information in violation of security policy. The Information-Flow Model specifically addresses the issue of covert channel analysis; no other model addresses this.
Information Security Architecture (ISA)
Another term from the ISO/IEC 27002. High-level description of how security requirements are structured.
Information Security Management System (ISMS)
Sets a standard for addressing security throughout the development, deployment, and implementation schedule.