Security Architecture and Design

Security Architecture is one component of a products/systems overall architecture and is developed to provide guidance during the design of the product/system. Security Architecture is the design artifacts that describe how the security controls (= security countermeasures) are positioned and how they relate to the overall systems architecture. These controls serve the purpose to maintain the system’s quality attributes such as confidentiality, integrity and availability.

A security policy is a statement that outlines how entities access each other, what operations different entities can carry out, what level of protection is required for a system or software product, and what actions should be taken when these requirements are not met.

A security model outlines the requirements necessary to properly support and implement a certain security policy.


 * 1) /Computer Systems Architecture/
 * 2) /Systems Security Architecture/
 * 3) /Security Models/
 * 4) /Security Product Evaluation Methods and Criteria/