From MIKE2 Methodology
Activity: Information Security Design
Objective
The Information Security Design activity covers the overall design approach for information security. It builds on the Information Standards and Information Governance Policies defined in Phase 2, and on the Security Model and the classification model defined in Phase 3, to produce an implementable design. In conjunction with the Infrastructure Management Process Design activity, it defines the approach for protecting information assets.
The Information Security Design does not cover all aspects of security; for a fuller description of the scope of Information Security, refer to the Solution Definition of the Information Security Solution Offering. Some tasks listed within this activity relate more to Infrastructure Development than to Information Development, and those are covered only at a high level.
Major Deliverables
- Information Security Design
- Information Security Monitoring Design
Tasks
Design Network Infrastructure Security Controls
Objective:
Network Infrastructure Security Controls ensure that the network itself is secured and protected from attack. This includes making sure that the appropriate hardware and software firewalls are in place and that data in transit across the network is encrypted.
Input:
Output:
Design Host Security Controls
Objective:
Host Security Controls make sure the platform that the information systems run on is secure. Host security is implemented by restricting physical and administrative access to equipment, controlling how host accounts and passwords are assigned, and setting permission levels on which functions users can perform. It is also implemented through anti-virus, anti-spyware and anti-spam software, which also bears on network and application security.
Input:
- Detailed Business Requirements
- Information Security Standards
- Information Security Policies
- Information Security Model
- Classified Information Assets
Output:
Design Database Security Controls
Objective:
This task defines the controls that will be implemented to restrict users from accessing information, based on how the information is classified and the security model. Example controls include:
- Restricting the rights a user has to access information
- Restricting the rights a user has to perform certain functions, e.g. allowing only a designated system account to drop tables
- Tracking activities in the database to provide an audit trail if needed
Database security is the last line of defense for information assets: a user or process that has passed the network, host and application controls is still limited to what the database itself permits. For an information management engagement it is typically the area in which the implementation team is most directly involved.
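The three example controls above, worked through as an added example that is not part of the MIKE2 method or of any product it describes. It uses Python's standard sqlite3 module so it runs anywhere; because SQLite has no user accounts, its authorizer callback stands in for the GRANT/REVOKE statements a server DBMS would use. The role model, the classification (customer.card_number as the restricted column), the audit table layout and the sample rows are all assumptions made up for this run.

```python
import os
import sqlite3
import tempfile

# Assumed classification: (table, column) pairs holding restricted data.
RESTRICTED_COLUMNS = {("customer", "card_number")}

# Assumed role model. A real DBMS expresses this with GRANT/REVOKE on separate
# accounts; SQLite has no accounts, so the authorizer callback below enforces
# it on each connection instead.
ROLE_CAN_WRITE = {"analyst": False, "app": True, "dba": True}
ROLE_SEES_RESTRICTED = {"analyst": False, "app": True, "dba": False}
ROLE_CAN_DROP = {"analyst": False, "app": False, "dba": True}

SCHEMA = """
CREATE TABLE customer (id INTEGER PRIMARY KEY, name TEXT, card_number TEXT);
CREATE TABLE audit_log (
    ts TEXT DEFAULT CURRENT_TIMESTAMP, actor TEXT, action TEXT,
    row_id INTEGER, old_value TEXT);
-- Audit trail: every change to customer is recorded with the acting role,
-- which current_actor() (registered per connection) supplies.
CREATE TRIGGER audit_customer_update AFTER UPDATE ON customer BEGIN
    INSERT INTO audit_log (actor, action, row_id, old_value)
    VALUES (current_actor(), 'UPDATE', OLD.id, OLD.name);
END;
CREATE TRIGGER audit_customer_delete AFTER DELETE ON customer BEGIN
    INSERT INTO audit_log (actor, action, row_id, old_value)
    VALUES (current_actor(), 'DELETE', OLD.id, OLD.name);
END;
"""
# Constructed sample rows; the card numbers are the usual test numbers.
SEED = [("Alice", "4111111111111111"), ("Bob", "5500000000000004")]


def make_authorizer(role):
    """SQLite calls this while compiling each statement, once per action."""
    def authorize(action, arg1, arg2, dbname, trigger):
        if action == sqlite3.SQLITE_DROP_TABLE:
            return sqlite3.SQLITE_OK if ROLE_CAN_DROP[role] else sqlite3.SQLITE_DENY
        if action in (sqlite3.SQLITE_UPDATE, sqlite3.SQLITE_DELETE) and arg1 == "audit_log":
            return sqlite3.SQLITE_DENY      # the audit trail is append-only for every role
        if action in (sqlite3.SQLITE_INSERT, sqlite3.SQLITE_UPDATE, sqlite3.SQLITE_DELETE):
            return sqlite3.SQLITE_OK if ROLE_CAN_WRITE[role] else sqlite3.SQLITE_DENY
        if action == sqlite3.SQLITE_READ and (arg1, arg2) in RESTRICTED_COLUMNS:
            # IGNORE substitutes NULL for the column instead of failing the whole query.
            return sqlite3.SQLITE_OK if ROLE_SEES_RESTRICTED[role] else sqlite3.SQLITE_IGNORE
        return sqlite3.SQLITE_OK
    return authorize


def build_database(path):
    conn = sqlite3.connect(path)
    conn.create_function("current_actor", 0, lambda: "system")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO customer (name, card_number) VALUES (?, ?)", SEED)
    conn.commit()
    conn.close()


def connect_as(path, role):
    """Stand-in for connecting with a per-role database account."""
    conn = sqlite3.connect(path)
    conn.create_function("current_actor", 0, lambda: role)
    conn.set_authorizer(make_authorizer(role))
    return conn


def attempt(conn, sql):
    """Run one statement and report whether the database allowed it."""
    try:
        conn.execute(sql)
        conn.commit()
        return "ok"
    except sqlite3.DatabaseError as exc:   # SQLITE_AUTH surfaces as DatabaseError
        conn.rollback()
        return "denied: %s" % exc


def demo():
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "info.db")
        build_database(path)
        results = {}
        analyst = connect_as(path, "analyst")
        results["analyst_read"] = analyst.execute(
            "SELECT name, card_number FROM customer ORDER BY id").fetchall()
        results["analyst_delete"] = attempt(analyst, "DELETE FROM customer WHERE id = 1")
        results["analyst_drop"] = attempt(analyst, "DROP TABLE customer")
        analyst.close()
        app = connect_as(path, "app")
        results["app_update"] = attempt(app, "UPDATE customer SET name = 'Alice Smith' WHERE id = 1")
        results["app_purge_audit"] = attempt(app, "DELETE FROM audit_log")
        app.close()
        dba = connect_as(path, "dba")
        results["dba_read"] = dba.execute(
            "SELECT name, card_number FROM customer ORDER BY id").fetchall()
        results["audit"] = dba.execute(
            "SELECT actor, action, row_id, old_value FROM audit_log").fetchall()
        dba.close()
        return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Two points worth checking against any real design: the restricted column comes back as NULL for the analyst and the DBA rather than raising an error, so reporting queries keep working; and the audit log is append-only even for the application account that writes to it, which is what makes it usable as a trail when that account is the one under suspicion.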
Input:
- Detailed Business Requirements
- Information Security Standards
- Information Security Policies
- Information Security Model
- Classified Information Assets
Output:
Design Identity and Access Management Controls
Objective:
Identity and Access Management ensures that the user accessing the system is who they claim to be, thereby protecting systems from misuse. It also protects users by:
- Stating how their personal information will be used
- Using their information only in the fashion that is stated
- Not disseminating their information to other entities without stated permission
Authentication is generally the key design feature from a technical perspective. It may use simple password logins or stronger forms of authentication such as security tokens or biometrics, and because it is needed at the network, host, application and data layers its design cuts across all of them. The authentication design may also involve single sign-on across a federated systems environment.
Input:
Output:
Design Cryptographic Controls
Objective:
Cryptographic controls cut across each of the above tasks. Cryptographic design puts additional controls in place so that only appropriate users are able to read information, even if an unauthenticated party manages to obtain it. Cryptography is applied at the access management stage by encrypting data in transit across the network. Encryption is also often applied within an information store so that even an administrator cannot read the data, for example card details or classified government content; passwords are the special case where the store holds only a salted one-way hash, since they never need to be recovered. Encryption inside a store only keeps data from an administrator if the keys are held outside that administrator's reach, for example in a separate key management service.
The design process defines the most appropriate encryption techniques and technologies, and the approach for applying them to each class of information in scope.
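One way to realise "even an administrator cannot see the data" for the two cases named above, as an added example that is not from the MIKE2 method: passwords are stored as salted PBKDF2 hashes, and card numbers as keyed HMAC pseudonyms whose key is held by the application rather than in the store. The iteration count, the record layout and the key used in the demo are assumptions; the pseudonym is one-way, so where the plaintext must be recoverable the same key separation applies, with reversible encryption and a KMS or HSM holding the key.

```python
import base64
import hashlib
import hmac
import secrets

# Assumed work factor: OWASP's current recommendation for PBKDF2-HMAC-SHA256.
PBKDF2_ITERATIONS = 600_000


def _b64(raw: bytes) -> str:
    return base64.b64encode(raw).decode("ascii")


def hash_password(password: str, iterations: int = PBKDF2_ITERATIONS) -> str:
    """Salted one-way hash. The store never holds anything the password can be
    recovered from, so an administrator who dumps the table learns nothing."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "pbkdf2_sha256$%d$%s$%s" % (iterations, _b64(salt), _b64(digest))


def verify_password(password: str, stored: str) -> bool:
    try:
        algo, iterations, salt_b64, digest_b64 = stored.split("$")
        rounds = int(iterations)
        salt = base64.b64decode(salt_b64, validate=True)
        expected = base64.b64decode(digest_b64, validate=True)
    except ValueError:
        return False                       # malformed record: reject rather than raise
    if algo != "pbkdf2_sha256":
        return False
    actual = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, rounds)
    return hmac.compare_digest(actual, expected)   # constant-time comparison


def tokenize_pan(pan: str, key: bytes):
    """Keyed pseudonym for a card number. The key lives with the application
    (in practice in a KMS or HSM), never in the database, so the token is
    useless to anyone who only has the store. Same PAN and same key give the
    same token, so the application can still look a customer up by card."""
    digits = "".join(ch for ch in pan if ch.isdigit())
    token = hmac.new(key, digits.encode("ascii"), hashlib.sha256).hexdigest()
    return token, digits[-4:]              # last four digits kept for display


def store_customer(name: str, password: str, pan: str, token_key: bytes) -> dict:
    """Build the row the information store actually holds (assumed layout)."""
    token, last4 = tokenize_pan(pan, token_key)
    return {"name": name, "password_hash": hash_password(password),
            "card_token": token, "card_last4": last4}


def leaks_secret(record: dict, *secrets_to_check: str) -> bool:
    """True if any stored field contains one of the given plaintext secrets."""
    values = [str(v) for v in record.values()]
    return any(s in v for s in secrets_to_check for v in values)


if __name__ == "__main__":
    key = secrets.token_bytes(32)   # constructed for this run; a real key comes from a KMS/HSM
    row = store_customer("alice", "correct horse battery staple", "4111 1111 1111 1111", key)
    print(row)
    print("verify:", verify_password("correct horse battery staple", row["password_hash"]))
    print("leaks plaintext:", leaks_secret(row, "correct horse battery staple", "4111111111111111"))
```

The design decision this makes visible is which party holds the key: the database administrator can read every row and still cannot recover a password or a card number, while the application, which holds the token key, can match an incoming card against the stored token.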
Input:
Output:
Design Security Monitoring Processes
Objective:
As part of this task, a Security Monitoring solution is designed to make sure that the implemented solution continues to meet the defined business requirements. Security Monitoring looks, both proactively and reactively, for events in the environment that violate security policies or may indicate attempted breaches.
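In practice, looking for policy violations and attempted breaches means running detection logic over event feeds. The following is an added example, not part of the MIKE2 method, that applies two such rules to a constructed key=value audit feed: a brute-force rule with a success-after-failures follow-up, and a policy rule that flags reads of a restricted object by anyone not on its allow-list. The log format, thresholds, object name and allow-list are all assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Assumed thresholds and policy; in a real design these come from the
# security requirements and the classification model.
FAIL_THRESHOLD = 5                   # failed logins from one source ...
FAIL_WINDOW = timedelta(minutes=5)   # ... inside this window count as brute force
RESTRICTED_OBJECTS = {"customer.card_number": {"payments_app"}}   # object -> allowed readers

# Constructed sample of a host/database audit feed (not real log data).
SAMPLE_LOG = """\
2024-03-01T02:15:01Z host=db01 event=login user=alice src=10.0.0.5 result=FAIL
2024-03-01T02:15:04Z host=db01 event=login user=alice src=10.0.0.5 result=FAIL
2024-03-01T02:15:06Z host=db01 event=login user=alice src=10.0.0.5 result=FAIL
2024-03-01T02:15:09Z host=db01 event=login user=alice src=10.0.0.5 result=FAIL
2024-03-01T02:15:12Z host=db01 event=login user=alice src=10.0.0.5 result=FAIL
2024-03-01T02:15:15Z host=db01 event=login user=alice src=10.0.0.5 result=OK
2024-03-01T02:16:00Z host=db01 event=read user=alice src=10.0.0.5 object=customer.card_number
2024-03-01T09:00:00Z host=db01 event=login user=payments_app src=10.0.1.20 result=OK
2024-03-01T09:00:02Z host=db01 event=read user=payments_app src=10.0.1.20 object=customer.card_number
2024-03-01T09:30:00Z host=db01 event=login user=bob src=10.0.0.9 result=FAIL
2024-03-01T09:30:20Z host=db01 event=login user=bob src=10.0.0.9 result=OK
"""

LINE_RE = re.compile(r"^(?P<ts>\S+)\s+(?P<rest>.+)$")


def parse_line(line):
    """Turn one 'timestamp key=value ...' line into a dict, or None if malformed."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    try:
        ts = datetime.strptime(m.group("ts"), "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    except ValueError:
        return None
    ev = dict(kv.split("=", 1) for kv in m.group("rest").split() if "=" in kv)
    ev["ts"] = ts
    return ev


def detect(lines):
    """Apply the rules to lines in time order and return the alerts raised."""
    alerts = []
    failures = defaultdict(deque)   # src -> timestamps of recent failed logins
    flagged = set()                 # sources already reported as brute-forcing
    for raw in lines:
        ev = parse_line(raw)
        if ev is None:
            continue
        stamp = ev["ts"].strftime("%Y-%m-%dT%H:%M:%SZ")
        src, user = ev.get("src"), ev.get("user")
        if ev.get("event") == "login":
            if ev.get("result") == "FAIL":
                window = failures[src]
                window.append(ev["ts"])
                while window and ev["ts"] - window[0] > FAIL_WINDOW:
                    window.popleft()        # drop failures outside the sliding window
                if len(window) >= FAIL_THRESHOLD and src not in flagged:
                    flagged.add(src)
                    alerts.append({"rule": "brute_force", "time": stamp, "src": src,
                                   "detail": "%d failed logins within %s" % (len(window), FAIL_WINDOW)})
            elif ev.get("result") == "OK" and src in flagged:
                # A success from a source that was just brute-forcing is the
                # indicator of an attempted breach that actually got through.
                alerts.append({"rule": "login_after_brute_force", "time": stamp,
                               "src": src, "user": user})
        elif ev.get("event") == "read":
            obj = ev.get("object")
            if obj in RESTRICTED_OBJECTS and user not in RESTRICTED_OBJECTS[obj]:
                alerts.append({"rule": "restricted_object_access", "time": stamp,
                               "user": user, "object": obj})
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG.splitlines()):
        print(alert)
```

On the sample feed the analyst account bob, with a single failure followed by a success, raises nothing, while alice's five failures trip the brute-force rule, her next success is reported as a possible compromise, and her subsequent read of the restricted column is reported as a policy violation regardless of how she authenticated.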
Input:
- Detailed Business Requirements
- Information Security Model (from Solution Architecture Definition/Revision)
- Information Security Design
Output:
Core Supporting Assets
Yellow Flags
Areas to look out for include:
- Strong resistance from the organisation to following standards and policies.
- The organisation has suffered security breaches in the past and root causes have not been eliminated.
- Use of technologies that are either immature (e.g. biometric technologies) or new to the organisation.
- New business requirements that push the security boundaries the organisation has traditionally observed (e.g. the need to deal with external partners).
Key Resource Requirements
Potential Changes to this Activity
This activity is still being defined and will likely undergo a number of changes. Potential changes include:
- Some areas important to security, such as restricting physical access to hosts, are not yet covered.
- The depth to which Information Security will be covered as it relates to techniques for Infrastructure Development still needs to be determined.