<presentatie>
Ir. Willem J. Kossen
Information Security and
ICT Architecture,
a 'match made in heaven'
<Today>
• About @wkossen
• The Statement
• Some Reasoning
• Some Discussion
• Don’t hesitate to tweet…
</Today>
---1---
@wkossen
http://willemkossen.nl/b
http://linkedin.com/in/willemkossen
http://twitter.com/wkossen
http://stamstruik.nl
http://insecten.org
http://gazzary.nl
…
http://wkossen.myopenid.com
http://www.mxi.nl
---2---
Architecture?
• Definition
anyone?
• A set of design artifacts, that are relevant
for describing an object such that it can be
produced to requirements (quality) as well
as maintained over the period of its useful
life (change). The design artifacts describe
the structure of components, their inter-
relationships, and the principles and
guidelines governing their design and
evolution over time.
• Source: http://www.opensecurityarchitecture.org
Buildings
• IT Architecture <> Building Architecture
• FAIL
• Diagram of stiffness of a simple square beam (A) and
universal beam (B). The universal beam flange sections are
three times further apart than the solid beam's upper and
lower halves. The second moment of inertia of the universal
beam is nine times that of the square beam of equal cross
section (universal beam web ignored for simplification)
VS.
Security
• Definition
anyone?
• Security means the architect
first has to log in before he is
allowed to say anything…
Some sites attempt to use firewalls to solve
their network security problems.
Unfortunately, firewalls assume that "the
bad guys" are on the outside, which is
often a very bad assumption (MIT)
• Proper Diskette Care and Usage
• (1) Never leave diskettes in the drive, as the
data can leak out of the disk and corrode the
inner mechanics of the drive. Diskettes should
be rolled up and stored in pencil holders.
• (9) Periodically spray diskettes with insecticide
to prevent system bugs from spreading.....
• (13) Diskettes become "hard" with age. It's
important to back up your "hard" disks before
they become too brittle to use.
• http://www.monster-island.org/tinashumor/humor/diskcare.html
• Security provided by IT Systems can be
defined as the IT system’s ability to
protect confidentiality and integrity
of processed data, provide availability of
the system and data, accountability for
transactions processed, and assurance
that the system will continue to perform to
its design goals
• Source: http://www.opensecurityarchitecture.org
NEN 7510
ISO/IEC 17799
Defining
• Tends to be hard
• No-one agrees
• Multi-interpretable
• Inconsistent
• Vague
• Non conclusive
• Impractical
• …
What can we do?
• Make lists
• Talk by example
• Roll-Your-Own !!!
• Use what works
• Just choose
• …
So much in common
• About Real life
– Physical, information, behaviour, procedures, tech, etc
• Business critical
• Descriptive and normative
• Quality oriented
• Needs awareness
• Tend to make things a bit harder
and costly 
• Take thought, balance
and nuance
• …
Architecture is:
Relation
What I Do…
Samen Veilig
Open
Architectuur
IT Security Architecture
• The design artifacts that describe how the
security controls (= security
countermeasures) are positioned, and
how they relate to the overall IT
Architecture. These controls serve the
purpose to maintain the system’s quality
attributes, among them confidentiality,
integrity, availability, accountability and
assurance.
• Source: http://www.opensecurityarchitecture.org
---3---
Match Made in Heaven?
• Architecture focuses on coherence,
principles, standards and building blocks,
• Security applies aspects of those to real life
• Architecture and Security are
interdependent. The one without the other
doesn’t make sense
• If separated, security remains limited to
conjuring up ad hoc measures aimed at
risk reduction and leaning generally towards
technocracy. That tends not to help the
organisation.
• Applying IT Security should be aimed at
providing the best experience for the user
or client with the least amount of
obstruction
• That way organisational goals (including
change) can be met.
• Architectural thinking supports that goal
This isn’t automatic.
Awareness is needed:
Architectural awareness is a precursor for
security-awareness.
• Architecture is… (remember?)
• Trends, standards, best practices,
• Goals, strategy, vision, policy
• Functional and operational requirements,
processes
• Risks and other constraints (financial)
• Development, design, build, exploitation
• Security is present in all of the above…
• Again, the connection is architecture
• security is one of the views on
architecture.
• Looking at security this way,
– we improve decision-making,
– we avoid risk,
– we prevent tunnel vision,
– everybody profits from the
IT assets
• Human work
• If tijd>10min soundbite()
---4---
Let’s Talk…
• Afterthoughts: w.kossen@gmail.com
</presentatie>

Architecture and Security Match
