OESA - Open Enterprise Security Architecture

Luboš Fryc, TOGAF®, SABSA® and Business Architecture expert

Luboš Fryc je kouč a školitel podnikové a bezpečnostní architektury. Přednáší mj. standardy TOGAF®, SABSA® a Business Architecture, a to s důrazem na vysvětlení vzájemných vazeb s dalšími metodikami, jako řízení rizik a služeb, projektové a procesní řízení nebo ověřování kvality.

Aktivně spolupracuje na tvorbě standardů a na přípravě Bodies of Knowledge v rámci celosvětové komunity The Open Group Architecture & ArchiMate Forum.

Je držitelem certifikátů TOGAF® 9 Certified, TOGAF® Essentials 2018 a The TOGAF® Standard – Version 9.2 a IRS within TOGAF®.

Anotace:

Dvoudenní školení zaměřené na strukturální popis rámce, určeného pro návrh, implementaci a operativu bezpečností architektury podniku.

I. den

General Description of an Enterprise Security Program

1. Enterprise Security Program Framework
2. Enterprise Security Architecture
3. Housing Design Model
4. The Enterprise Security System Design Model
5. Community Standards vs. Corporate Standards
6. Building Codes and Engineering Practices vs. Governance
7. House Architecture vs. Security Technology Architecture
8. Bill of Materials vs. Security Services
9. Maintenance vs. Operations
10. The Remodelling

Security Governance

1. Governance Components and Processes
2. Governance Process Overview
3. Governance Process Roles
4. Governance Model Policy Framework
5. Governance Principles
6. Security by Design
7. Managed Risk
8. Usability and Manageability
9. Defense in Depth
10. Simplicity
11. Resilience
12. Integrity
13. Enforced Policy
14. Design for Malice
15. Mobility
16. Policies
17. Policy Development
18. Policy Template – ISO/IEC 27002:2022
19. Security Policy Language – XACML
20. Standards, Guidelines, Procedures
21. Enforcement
22. Ongoing Assessment
23. Governance Example
24. Authentication Policy Example
25. Password Quality Enforcement Standard Example
26. Example Comments

Security Technology Architecture

1. Components and Processes
2. Conceptual Framework for Policy-Driven Security
3. Conceptual Architecture for Policy-Driven Security
4. PDP/PEP Detail
5. Identity Management Architecture
6. Identity Management Conceptual Architecture
7. Identity Management Logical Architecture
8. Identity Management Security Services Template
9. Identity Management Physical Architecture
10. Federated Identity Management
11. Border Protection Architecture
12. Border Protection Conceptual Architecture
13. Border Protection Logical Architecture
14. Border Protection Security Services Template
15. Other Security Services Template
16. Access Management Services
17. Configuration Management Services
18. Access Control Services
19. Authentication Services
20. Authorization Services
21. Detection Services
22. Virtualization
23. Content Control Services
24. Auditing Srvices
25. Cryptographic Services
26. Design and Development
27. Design Principles
28. Design Requirements
29. Design Best Practices
30. Re-Usable Tools, Libraries, Templates
31. Coding Best Practices
32. Testing Best Practices

II. den

Security Operations

1. Asset Management
2. Security Event Management
3. Security Administration
4. Security Compliance
5. Vulnerability Management
6. Reactive Process for Responding to Vulnerability Notifications
7. Proactive Process for Vulnerability Identification and Response
8. Event Management
9. Incident Management
10. Testing Security Architecture
11. Security Metrics
12. Operational and Business-Aligned Metrics
13. Objectives
14. What is a Security Metric?
15. Types of Metrics
16. Applying Security Metrics
17. Types of Metrics
18. Security Metrics Process

Toward Policy-Driven Security Architecture

1. Policy Layers and Relationships
2. Policy Automation Vision
3. Policy Automation Model
4. Policy Automation Model – HIPAA Example
5. Policy Automation Roadmap

Conclusions and Recommendations

1. Conclusions
2. Recommendations
3. Recommendations to User Organizations
4. Recommendations to Vendors and Standards Organizations

A Glossary of Resources

1. Annex 1 – Security Governance Resources and Tools
2. Annex 2 – NIST References for O-ESA Implementation

Security Architecture Checklist