Chapter 13

A Blueprint for Security

Information in this Chapter

Introduction

How do you validate the design of new applications before coding even begins? Do you have a formal methodology to assess the fundamental design of third-party applications or services? The key to these issues is defining an enterprise-wide approach to security architectural risk analysis. Information security architecture is not a new concept, but it is still a relatively immature discipline with few effective models available. This chapter introduces a new model that can help organizations to tackle this kind of analysis without having to employ a team ...

Get Security Risk Management now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.