Database Reference
In-Depth Information
Table 16-1.
SABSA Security Architecture Framework vocabulary
Assets
(WHAT)
Motivation
(WHY)
Process
(HOW)
People
(WHO)
Location
(WHERE)
Time
(WHEN)
Contextual
The business
Business risk
model
Business process
model
Business organization
relationships
Business
geography
Business time
dependencies
Conceptual
Business attributes
profile
Control objectives
Security strategies
and architectural
layering
Security entity model
and trust framework
Security domain
model
Security-related
lifetime and
deadlines
Logical
Business
information model
Security policies
Security services
Entity schema and
privilege profiles
Security domain
definitions and
associations
Security processing
cycle
Physical
Business data
model
Security rules,
practices, and
procedures
Security
mechanisms
Users, applications,
and user interface
Platform
and network
infrastructure
Control structure
execution
Component
Detailed data
structures
Security standards
Security products
and tools
Identities, functions,
actions, and ACLs
Processes, nodes,
addresses, and
protocols
Security step timing
and sequencing
Operational
Assurance of
operational
continuity
Operational risk
management
Security service
management and
support
Application and user
management and
support
Security of sites
and platforms
Security operations
schedule
