Chapter 13

A Blueprint for Security

Information in this Chapter

Introduction

How do you validate the design of new applications before coding even begins? Do you have a formal methodology to assess the fundamental design of third-party applications or services? The key to these issues is defining an enterprise-wide approach to security architectural risk analysis. Information security architecture is not a new concept, but it is still a relatively immature discipline with few effective models available. This chapter introduces a new model that can help organizations to tackle this kind of analysis without having to employ a team ...

Get Security Risk Management now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.