From MIKE2 Methodology
Information Security covers the key aspects of security: access management, single sign-on, encryption and similar capabilities that are required to ensure end-to-end information security. Depending on the architectural scope, some areas become more critical. Data is the most critical asset to be kept secure; securing data often involves a holistic approach that covers data in databases, on the filesystem, in motion between systems and in the presentation layer.
Overview
Shown below are some of the component areas that are particularly relevant across the architecture.
Authentication
Authentication may involve the use of simple password logins or more advanced forms of authentication such as security tokens or biometrics. The authentication design may involve single sign-on across a federated systems environment.
Authorization
Authorization ensures that the user accessing the system is who they claim to be to protect systems from incorrect usage. It also protects users by using the information in a proper fashion and telling them how it will be used.
Monitoring
Monitoring proactively and reactively looks for violations of security policies in the environment that may be indications of attempted breaches.
Session Management
Session Management provides the mechanism to maintain state in the event of loss of connectivity or a crash. The system will need to manage sessions to avoid data loss.
Encryption
Encryption covers keeping information secure in the data store as well as ensuring it is secure as it flows between systems.
Implementation
Security requirements differ greatly across different customer environments and industries. An integrated security architecture is becoming more critical with the proliferation of increasingly distributed architectures, web channels, and B2X trading partners.
Relationship to other components of the SAFE Architecture
Information Security spans the architecture and is considered to be one of the Foundation Capabilities for Infrastructure Development as well as a "front end" capability in relation to information access.