[Log In] []

Exploring the science and magic of Identity and Access Management
Wednesday, October 21, 2020

#YJJ Architecture: Enabling my Yellow Jeep Journey

Yellow Jeep Journey, YJJ Architecture
Author: Mark Dixon
Friday, March 7, 2014
4:47 pm

YJJArchitecture

I have decide to use the term YJJ Architecture when I refer to the technology architecture that converges Identity, IoT, Mobile, Social and Cloud technologies to enable the Yellow Jeep Journey.

In keeping with well established Enterprise Architecture practices, the technology architecture should be an enabler for overall business objectives, not just a science experiment.  In the YJJ Architecture case, I may be stretching that definition a bit, because in a way, may objective for the YJJ Architecture is to create a rolling laboratory to test out great technology!

Roll on Yellow Jeep Journey!

Comments Off on #YJJ Architecture: Enabling my Yellow Jeep Journey . Permalink . Trackback URL
WordPress Tags:
 

Source Doc: Oracle Reference Architecture – Security

Enterprise Architecture, Identity, Information Security
Author: Mark Dixon
Tuesday, December 20, 2011
10:10 am

The Oracle outward-facing website is a virtual cornucopia of valuable information.  Unfortunately, I often just stumble onto valuable gems of knowledge instead of discovering them in an organized fashion.  Today was such a case.  Quite by accident, I found an excellent overview of Information Security issues in “Information Security, A Conceptual Architectural Approach.”  It provides, in an easy-reading 25 pages, a good overview of information security principles and approaches to addressing them.

This document referenced a larger treatise, the Oracle Reference Architecture – Security, which dives more deeply into information security issues and solutions.  In about 130 pages, this reference architecture document provides an excellent treatment of the basic principles of information security and recommended approaches to mitigate security risk.  The introduction aptly states:

Information is the lifeblood of every organization. If this Information is compromised there can be a wide range of consequences ranging from damage to a company’s reputation through to financial penalties such as regulatory fines and cost of remediation. …

Information Security is a strategic approach that should be based on a solid, holistic framework encompassing all of an organization’s Information Security requirements, not just those of individual projects. …

By taking this approach to Information Security, organizations can ensure that the components of their Information security architecture address all business critical Information and are driven by the requirements of the business.

The document is organized as follows:

  1. Introduction to Information Security
  2. Security Concepts and Capabilities
  3. Common Security Standards
  4. Conceptual Architecture View
  5. Logical View
  6. Product Mapping View
  7. Deployment View
  8. Summary
I hope you will find this to be a useful reference.
Comments Off on Source Doc: Oracle Reference Architecture – Security . Permalink . Trackback URL
 

Oracle White Paper: Information Security – A Conceptual Architecture Approach

Identity
Author: Mark Dixon
Thursday, April 14, 2011
8:31 pm
 
I just learned today about a new Oracle whitepaper entitled, “Information Security: A Conceptual Architecture Approach,” written by Paul Toal.  The paper’s basic premise is:
Information Security is a strategic approach that should be based on a solid, holistic framework encompassing all of an organization’s Information Security requirements, not just those of individual projects. The framework should be based on a reference architecture that takes into account key security principles such as ‘Defence in Depth’ and ‘Least Privileges’. By taking this approach to Information Security, organizations can ensure that the components of their Information security architecture address all business critical Information and are driven by the requirements of the business. 
The goal of the paper is stated as:
Our aim is to discuss the importance of providing an end-to-end, defence in depth enterprise-wide Information Security architecture with practical proof points, to meet both business and IT requirements for control as well as enabling the organisation to meet their desired goals.
The three major sections of the paper are:
  • Information Security Architecture Requirements
  • Information Security Conceptual Architecture
  • Validation of the Architecture

The paper addresses issues from business policy to technology enablers, effectively showing how information security can support enterprise business objectives and processes.  Thank you, Paul, for providing this excellent white paper.

 

Comments Off on Oracle White Paper: Information Security – A Conceptual Architecture Approach . Permalink . Trackback URL
 
Copyright © 2005-2016, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.