This book takes a pragmatic view of the field, with emphasis on enterprise security. It begins with an overview of what an architecture is and why one needs an architecture-based approach to the issue of security (Chapter 1). This is followed by a description of the typical corporate networking and computing environments; Unsecured Zones, Semi-Secure Zones, and Secure Zones are examined (Chapter 2). Existing security architecture models are surveyed, leading the author to synthesize a model that is used throughout the rest of the book (Chapter 3). The remainder of the book looks at architectural constructs for various aspects of the IT environment that may be subject to security infractions. Chapter 4 looks at the physical/electromagnetic radiation control function. Chapter 5 looks at perimeter defenses, specifically credential/access verification functions. Chapter 6 examines administrative internally-connected function and privilege levels. This is followed by a discussion of the application defenses function (Chapter 7); OS defenses functions are covered in Chapter 8. Finally, Chapter 9 looks at data and data-at-rest functions.
This textbook is intended for security professionals at all levels in medium-to-large size companies. It is also expected to be useful to enterprise architects, vendors, auditors, and students in the IT field.
- ISBN10 0470109726
- ISBN13 9780470109724
- Publish Date 9 November 2007
- Publish Status Cancelled
- Publish Country US
- Publisher John Wiley and Sons Ltd
- Imprint Wiley-Blackwell
- Format Hardcover
- Pages 300
- Language English