Bienvenue sur Scribd !

Ignorer le carrousel

Mark+Battersby+SABSA+ +Brief+Introduction

Transféré par

zuzylove

0% ont trouvé ce document utile (1 vote)

58 vues14 pages

BBSA

Titre original

Mark%2BBattersby%2BSABSA%2B %2BBrief%2BIntroduction

Copyright

Formats disponibles

PDF, TXT ou lisez en ligne sur Scribd

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Signaler ce document

BBSA

Droits d'auteur :

Formats disponibles

Téléchargez comme PDF, TXT ou lisez en ligne sur Scribd

Signaler comme contenu inapproprié

0% ont trouvé ce document utile (1 vote)

58 vues14 pages

Mark+Battersby+SABSA+ +Brief+Introduction

Transféré par

zuzylove

BBSA

Droits d'auteur :

Formats disponibles

Téléchargez comme PDF, TXT ou lisez en ligne sur Scribd

Signaler comme contenu inapproprié

Passer à la page

Vous êtes sur la page 1sur 14

Rechercher à l'intérieur du document

SABSA

A Brief Introduction
Mark Battersby
2013-05-15

Agenda
SABSA Overview
SABSA Security Architecture

SABSA Security Architecture Matrix

Operational Security Architecture Matrix
SABSA Business Attributes
SABSA Strategy and Concept/Design Process

SABSA Architecture Development Process

SABSA Lifecycle

| Sector, Alliance, Offering

Insert "Title, Author, Date"
2011 Capgemini. All rights reserved.
2

SABSA Overview
The SABSA (Sherwood Applied Business Security Architecture) framework has evolved as
a "best practice" method for delivering cohesive information security solutions to
enterprises
SABSA is a six-layer model covering all four parts of the IT lifecycle: Strategy, Design,
Implementation and Management & Operations
SABSA ensures the security needs of your enterprise are met completely and that security
services are designed, delivered, and supported as an integral part of your IT Management
infrastructure
SABSA is essentially a model and methodology for developing risk-driven enterprise
information security

| Sector, Alliance, Offering

Insert "Title, Author, Date"
2011 Capgemini. All rights reserved.
3

SABSA Security Architecture

Contextual Security Architecture:
Business View: Business Risk Model
Business Process Model

Conceptual Security Architecture:

Architects View: Control Objectives
Security Strategies & Architecture
Logical Security Architecture:
Designers View: Security Policies
Security Services
Physical Security Architecture
Builders view: Security Rules, Practices, Procedures
Security Mechanisms
Component Security Architecture
Tradesmans view: Security Standards
Security Products & Tools

Operational
Security
Architecture:
Facility
Managers
View:
Operational
Risk Mgmt
Security
Service Mgmt

| Sector, Alliance, Offering

Enterprise Security Architecture Matrix

Assets
(What)

Motivation
(Why)

Process
(How)

People
(Who)

Location
(Where)

Time
(When)

Contextual

The Business

Business Risk
Model

Business Process
Model

Business
Organization and
Relationships

Business
Geography

Business Time
Dependencies

Conceptual

Business Attributes
Profile

Control Objectives

Security Strategies
and Architectural
Layering

Security Entity
Model and Trust
Framework

Security Domain
Model

Security-Related
Lifetimes and
Deadlines

Logical

Business
Information Model

Security Policies

Security Services

Entity Schema and

Privilege Profiles

Security Domain
Definitions and
Associations

Security
Processing Cycle

Physical

Business Data
Model

Security Rules,
Practices and
Procedurees

Security
Mechanisms

Users, Applications
and the User
Interface

Platform and
Network
Infrastructure

Control Structure
Execution

Component

Detailed Data
Structures

Security Standards

Security Products
and Tools

Identities,
Functions, Actions
and ACLs

Processes, Nodes,
Addresses and
Protocols

Security Step
Timing and
Sequencing

Operational

Assurance of
Operational
Continuity

Operational Risk
Management

Security Service
Management and
Support

Application and
User Management
and Support

Security of Sites,
Networks and
Platforms

Security Operations
Schedule

An IA Architecture is a consistent set of principles, policies and standards that sets the direction and vision for the development
and operation of the organisations communication and information services so that they are aligned with and support the
business needs of the organisation in an Assured way

| Sector, Alliance, Offering

SABSA Operational Security Architecture Matrix

| Sector, Alliance, Offering

SABSA Business Attributes

| Sector, Alliance, Offering

SABSA Business Attributes

| Sector, Alliance, Offering

SABSA Strategy and Concept/Design Process

| Sector, Alliance, Offering

SABSA Architecture Development Process

| Sector, Alliance, Offering

SABSA Lifecycle

Strategy &
Concept

Contextual
Conceptual

Manage &
Measure

Attributes defined
and measured

Design

Logical,
Physical,
Component,
Operational

Implement

Copyright SABSA Limited. Printed with permission

From: www.SABSA.com

| Sector, Alliance, Offering

Questions ?

| Sector, Alliance, Offering

More Information

Please contact:
Mark Battersby
email: mark.battersby@capgemini.com

| Sector, Alliance, Offering

www.se.capgemini.com

Vous aimerez peut-être aussi

Fundamentals of Ecommerce Security
Document15 pages
Fundamentals of Ecommerce Security
calmansoor
Pas encore d'évaluation
Cloud Native Security Whitepaper v2 (May 2022)
Document55 pages
Cloud Native Security Whitepaper v2 (May 2022)
Vlad Vikernes
Pas encore d'évaluation
OUR Ompany AME Ccess Ontrol Assword Olicy: (Y C N) A C & P P
Document12 pages
OUR Ompany AME Ccess Ontrol Assword Olicy: (Y C N) A C & P P
burak yesilderya
Pas encore d'évaluation
Romantis User Guide Ops Manual
Document70 pages
Romantis User Guide Ops Manual
AhmadHambali
Pas encore d'évaluation
Passwords
Document1 page
Passwords
cesarararara
Pas encore d'évaluation
Mobile Phone Cloning
Document12 pages
Mobile Phone Cloning
Naveen Kamboj
100% (1)
Privileged Account Management PDF
Document20 pages
Privileged Account Management PDF
ayalewtesfaw
Pas encore d'évaluation
Jisl@002 Jisl@001 Jisl@007 Jisl@sqc Jisl@123 Jisl@007 Sqc@1234
Document22 pages
Jisl@002 Jisl@001 Jisl@007 Jisl@sqc Jisl@123 Jisl@007 Sqc@1234
jagtap
Pas encore d'évaluation
WP An 8 Step Guide To Administering Admin Privileges
Document14 pages
WP An 8 Step Guide To Administering Admin Privileges
Feleke Afework
Pas encore d'évaluation
Get Started on Your Passwordless Journey
Document12 pages
Get Started on Your Passwordless Journey
pnorberto
Pas encore d'évaluation
History
Document964 pages
History
Riax
Pas encore d'évaluation
Common Passwords of 2016
Document1 page
Common Passwords of 2016
WXYZ-TV Channel 7 Detroit
Pas encore d'évaluation
Online Banking
Document49 pages
Online Banking
Shamsjaved
Pas encore d'évaluation
Hosts Blu
Document2 988 pages
Hosts Blu
Adnan Sulejmanovic
Pas encore d'évaluation
Abusing Active Directory Certificate Services - Certified - Pre-Owned
Document143 pages
Abusing Active Directory Certificate Services - Certified - Pre-Owned
dimos katerina
Pas encore d'évaluation
Cybersecurity Threat Model Report
Document7 pages
Cybersecurity Threat Model Report
Michael Ndegwa
Pas encore d'évaluation
System Audit Report Template
Document16 pages
System Audit Report Template
jhaverirajiv
Pas encore d'évaluation
Harnessing Blockchain As A Platform For Digital Transformation in Finance
Document10 pages
Harnessing Blockchain As A Platform For Digital Transformation in Finance
Blockchain Worx
Pas encore d'évaluation
Cheat Sheet: 10 Github Security Best Practices: WWW - Snyk.Io
Document1 page
Cheat Sheet: 10 Github Security Best Practices: WWW - Snyk.Io
lhewlett
100% (1)
Mobile Computing: Securing your workforce
D'Everand
Mobile Computing: Securing your workforce
BCS, The Chartered Institute for IT
Pas encore d'évaluation
Dokumen - Pub Computer Fundamentals and C Programming 9387886077 9789387886070
Document672 pages
Dokumen - Pub Computer Fundamentals and C Programming 9387886077 9789387886070
v_azygos
100% (1)
Threats Countermeasures PDF
Document919 pages
Threats Countermeasures PDF
Pavan Vasudevan
Pas encore d'évaluation
Exam AZ-104: Microsoft Azure Administrator - Skills Measured
Document12 pages
Exam AZ-104: Microsoft Azure Administrator - Skills Measured
Al Qanas
Pas encore d'évaluation
Credit Card Fraud Detection Using Hybrid Approach of Machine Learning
Document8 pages
Credit Card Fraud Detection Using Hybrid Approach of Machine Learning
IJRASETPublications
Pas encore d'évaluation
4 Oct Part 1 UNQ Cloud
Document14 584 pages
4 Oct Part 1 UNQ Cloud
Isam el-laymouny
Pas encore d'évaluation
55394b75ba748d792c39dd995e189041
Document574 pages
55394b75ba748d792c39dd995e189041
ikkiik509 End
Pas encore d'évaluation
Pass List
Document59 pages
Pass List
Nicolas Mota
Pas encore d'évaluation
PAM in Most Reasonable Price in India.
Document26 pages
PAM in Most Reasonable Price in India.
Iraje Software
Pas encore d'évaluation
Cybersecurity Prologue
Document44 pages
Cybersecurity Prologue
Raj Prabhu Rajendran
Pas encore d'évaluation
WordPress Process
Document30 pages
WordPress Process
robertplant22
Pas encore d'évaluation
Hik Studio
Document5 pages
Hik Studio
Wisnu Hidayat
Pas encore d'évaluation
Account
Document3 pages
Account
Bea Nicole Ardidon Macaraeg
Pas encore d'évaluation
Password
Document1 page
Password
gud2seeu
Pas encore d'évaluation
SQL Injection On Sybase: The Defensible Attacks
Document16 pages
SQL Injection On Sybase: The Defensible Attacks
Thanavit Cheevaprabhanant
Pas encore d'évaluation
Always Encrypted PDF
Document21 pages
Always Encrypted PDF
rajiv_ndpt8394
Pas encore d'évaluation
Netflix Bumber
Document6 pages
Netflix Bumber
Adel Bej
Pas encore d'évaluation
Spec: Track: Registered Event Might Have Properties Like Plan or Accounttype. Calling Track in One of Our
Document3 pages
Spec: Track: Registered Event Might Have Properties Like Plan or Accounttype. Calling Track in One of Our
fuck off f
100% (1)
Instagram Script
Document5 pages
Instagram Script
Heru Dwi Lega
Pas encore d'évaluation
Privileged Access Security Data Sheet PDF
Document2 pages
Privileged Access Security Data Sheet PDF
Da Arch
Pas encore d'évaluation
User Password List
Document9 pages
User Password List
Nuno Oliveira
Pas encore d'évaluation
Cookie List
Document13 pages
Cookie List
Andrew Shevchenko
Pas encore d'évaluation
2019 Endpoint Security Trends
Document12 pages
2019 Endpoint Security Trends
jo do
Pas encore d'évaluation
URL Directory Submission: S.No Submitted URL
Document73 pages
URL Directory Submission: S.No Submitted URL
IS tools
Pas encore d'évaluation
Passwords and Accounts
Document1 page
Passwords and Accounts
api-291040047
Pas encore d'évaluation
Circ 02
Document4 pages
Circ 02
Kausthub Krishnamurthy
Pas encore d'évaluation
TwilioElasticSIPTrunking AsteriskPBX Configuration Guide Version2 1 FINAL 09012018
Document13 pages
TwilioElasticSIPTrunking AsteriskPBX Configuration Guide Version2 1 FINAL 09012018
mohitsinghcse
Pas encore d'évaluation
SPEED-e Is A Common Internet Infrastructure That Enables The Clients To Operate
Document4 pages
SPEED-e Is A Common Internet Infrastructure That Enables The Clients To Operate
robinchintu
Pas encore d'évaluation
Ransomware Containment and Remediation Strategies
Document38 pages
Ransomware Containment and Remediation Strategies
Vaibhav Sawant
Pas encore d'évaluation
Hosts
Document1 454 pages
Hosts
cooltepa
Pas encore d'évaluation
Advance Filters
Document42 pages
Advance Filters
Carlos Hernández
Pas encore d'évaluation
Open Banking On AWS
Document4 pages
Open Banking On AWS
Duc Anh Le
Pas encore d'évaluation
Google Tokens
Document3 pages
Google Tokens
Aditya Chaudhary
Pas encore d'évaluation
Openreports-Install-Guide-1 0
Document19 pages
Openreports-Install-Guide-1 0
george
100% (2)
Webservers
Document1 page
Webservers
seeraj4uraj
Pas encore d'évaluation
Microsoft Notes Application
Document5 pages
Microsoft Notes Application
Ţîbuleac Oliviu
Pas encore d'évaluation
Active Directory and Pci
Document26 pages
Active Directory and Pci
Shahab Mirzadeh
Pas encore d'évaluation
SQL Commands: Backup Command
Document13 pages
SQL Commands: Backup Command
Sreenivasulu Reddy Sanam
Pas encore d'évaluation
SMTP Credentials from Multiple Sources
Document2 pages
SMTP Credentials from Multiple Sources
Zen Tod
Pas encore d'évaluation
Adobe Security Breach
Document8 pages
Adobe Security Breach
Gaurav Fouzdar
100% (1)
New Text Document
Document1 page
New Text Document
jitendra
Pas encore d'évaluation
Configure vpopmail for qmail
Document21 pages
Configure vpopmail for qmail
d14n4d
Pas encore d'évaluation
2019 Privileged Access Management Buyer'S Guide
Document17 pages
2019 Privileged Access Management Buyer'S Guide
Rsk Rojgar
Pas encore d'évaluation
Intrinsic Stability: How Organic Leadership Breeds Excellence
D'Everand
Intrinsic Stability: How Organic Leadership Breeds Excellence
Christopher Smith
Pas encore d'évaluation
Email Security Architecture A Clear and Concise Reference
D'Everand
Email Security Architecture A Clear and Concise Reference
Gerardus Blokdyk
Pas encore d'évaluation
Computer Networks Components and Topologies
Document88 pages
Computer Networks Components and Topologies
PURENDU PANDEY
Pas encore d'évaluation
An Efficient IoT Group Association and Data Sharing - 2023 - Cyber Security and
Document6 pages
An Efficient IoT Group Association and Data Sharing - 2023 - Cyber Security and
Roxana Stan
Pas encore d'évaluation
HP NAS DataSheet
Document4 pages
HP NAS DataSheet
VELIKHOVVE
Pas encore d'évaluation
EW-7209APg - Datasheet 1023 PDF
Document2 pages
EW-7209APg - Datasheet 1023 PDF
Pablo Andres Rojo Paz
Pas encore d'évaluation
Packetfence Nac
Document33 pages
Packetfence Nac
bigq4mayor
Pas encore d'évaluation
Instructions For 1830-185 Tcp/Ip Manual Mode To Rs-232 Converter Kit
Document2 pages
Instructions For 1830-185 Tcp/Ip Manual Mode To Rs-232 Converter Kit
Depto Sandhy
Pas encore d'évaluation
Audit of ERP Systems
Document45 pages
Audit of ERP Systems
srilakshmi
Pas encore d'évaluation
Augmented Reality For Network Management and Security
Document98 pages
Augmented Reality For Network Management and Security
Nathan Reynolds
100% (1)
OSI 7-Layer Network Architecture
Document52 pages
OSI 7-Layer Network Architecture
ram
Pas encore d'évaluation
ABB Smart Cities - Technologies For Efficient and Sustainable Cities - ABB Brochure PDF
Document12 pages
ABB Smart Cities - Technologies For Efficient and Sustainable Cities - ABB Brochure PDF
Ravi Agarwal
Pas encore d'évaluation
IOT For Industrial Automation
Document27 pages
IOT For Industrial Automation
Sreya Grandhi
Pas encore d'évaluation
Diploma in Information Technology Technical Support
Document3 pages
Diploma in Information Technology Technical Support
Ajay Bedi
100% (1)
Users Manual PDF
Document660 pages
Users Manual PDF
Chris Vince
Pas encore d'évaluation
ABB FOX Firewall AFF650 PDF
Document2 pages
ABB FOX Firewall AFF650 PDF
Oscar Mercado García
Pas encore d'évaluation
A Survey On Tor Encrypted Traffic Monitoring
Document8 pages
A Survey On Tor Encrypted Traffic Monitoring
tomas strange
Pas encore d'évaluation
DATAKOM D500 Ethernet Configuration
Document14 pages
DATAKOM D500 Ethernet Configuration
Orion Peresvit
Pas encore d'évaluation
Chartered Accountancy
Document28 pages
Chartered Accountancy
Nidhi Shrivastava
Pas encore d'évaluation
MSGuide
Document17 pages
MSGuide
jaya kumar royal
Pas encore d'évaluation
DWL-3200AP B1 Manual v2.40 PDF
Document83 pages
DWL-3200AP B1 Manual v2.40 PDF
Frank Erick Soto Huillca
Pas encore d'évaluation
GATE 2016 Question Papers For CS - S6
Document21 pages
GATE 2016 Question Papers For CS - S6
ajaymcts
Pas encore d'évaluation
HCI Exam
Document4 pages
HCI Exam
alain Fotso Negho
Pas encore d'évaluation
The Buyers Guide To Remote Machine Monitoring
Document24 pages
The Buyers Guide To Remote Machine Monitoring
suhas
Pas encore d'évaluation
Service Inspection Gateway (SIG9800) (Eng) PDF
Document8 pages
Service Inspection Gateway (SIG9800) (Eng) PDF
temp temp
Pas encore d'évaluation
B0750ap - D System Manager
Document328 pages
B0750ap - D System Manager
Sreedhar Avula
100% (1)
Question code
Document2 pages
Question code
Akash Reghu
Pas encore d'évaluation
IDS & IPS - Snort PDF
Document8 pages
IDS & IPS - Snort PDF
Sridhar P
Pas encore d'évaluation