Security Architectures

Nicole Graf, University of Cooprative Education, Germany

Dominic Kneeshaw, Independent Consultant, Germany

Introduction

Security Criteria

Risk Analysis

Security Policy

Threats to IT Security

Spread of Computer Infection

Human Factor

Technological Vulnerabilities

Extraordinary and Catastrophic Events

All-Embracing Role of Security

Strategy

Management

Infrastructure

User Authentication

Fallback of the Data Network

Software

Software for Desktop PCs and Notebooks

Software for Servers

Hardware

New Technologies

Securing the Wireless LAN

Access Control

Evolution of IT Platforms

Firewalls, the First Line of Defense

Intrusion Detection

Protection of Remote Access Services (RAS)

Emergency Precautions

Backup of Local Hard Drives

Data Center Requirements

Mirrored Data Centers

Summary

Glossary

Cross References

References

Further Reading

INTRODUCTION

Webster's New Encyclopedic Dictionary (1994) describes the word architecture as the “art or science of designing and building habitable structures.” In its broadest sense, this meaning can also be applied to security architectures. The individual steps in the development of security architectures in an IT environment can be identified as follows:

  • define the system's purpose in the context of an organization's business process,
  • design technical structures and specifications,
  • develop functional systems,
  • deploy a tested and approved system,
  • periodically audit the system, and
  • continually improve the system.

This approach provides ...

Get Handbook of Information Security: Threats, Vulnerabilities, Prevention, Detection, and Management, Volume 3 now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.