[Log In] []

Exploring the science and magic of Identity and Access Management
Thursday, October 22, 2020
 

Oracle White Paper: Information Security – A Conceptual Architecture Approach

Identity
Author: Mark Dixon
Thursday, April 14, 2011
8:31 pm
 
I just learned today about a new Oracle whitepaper entitled, “Information Security: A Conceptual Architecture Approach,” written by Paul Toal.  The paper’s basic premise is:
Information Security is a strategic approach that should be based on a solid, holistic framework encompassing all of an organization’s Information Security requirements, not just those of individual projects. The framework should be based on a reference architecture that takes into account key security principles such as ‘Defence in Depth’ and ‘Least Privileges’. By taking this approach to Information Security, organizations can ensure that the components of their Information security architecture address all business critical Information and are driven by the requirements of the business. 
The goal of the paper is stated as:
Our aim is to discuss the importance of providing an end-to-end, defence in depth enterprise-wide Information Security architecture with practical proof points, to meet both business and IT requirements for control as well as enabling the organisation to meet their desired goals.
The three major sections of the paper are:
  • Information Security Architecture Requirements
  • Information Security Conceptual Architecture
  • Validation of the Architecture

The paper addresses issues from business policy to technology enablers, effectively showing how information security can support enterprise business objectives and processes.  Thank you, Paul, for providing this excellent white paper.

 

Comments Off on Oracle White Paper: Information Security – A Conceptual Architecture Approach . Permalink . Trackback URL
 

Comments are closed.

Copyright © 2005-2016, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.