Professional Documents
Culture Documents
TCI Reference Architecture v2.0 PDF
TCI Reference Architecture v2.0 PDF
Uploaded by
Mikhalis MakrodimitrisOriginal Title
Copyright
Available Formats
Share this document
Did you find this document useful?
Is this content inappropriate?
Report this DocumentCopyright:
Available Formats
TCI Reference Architecture v2.0 PDF
TCI Reference Architecture v2.0 PDF
Uploaded by
Mikhalis MakrodimitrisCopyright:
Available Formats
Reference Architecture Version 2.
0
Guiding Principles
q Define protections that enable trust in the cloud.
q Develop cross-platform capabilities and patterns for proprietary and open-source providers.
q Will facilitate trusted and efficient access, administration and resiliency to the customer/consumer. Business Operation Information Technology Presentation Services Security and Risk
Presentation Platform
Support Services Operation & Support Management
q Provide direction to secure information that is protected by regulations.
q The Architecture must facilitate proper and efficient identification, authentication, authorization,
administration and auditability. Presentation Modality End-Points
q Centralize security policy, maintenance operation and oversight functions.
q Access to information must be secure yet still easy to obtain.
(BOSS) (ITOS) Consumer Service Platform Enterprise Service Platform Mobile Devices
Mobile Device Management Company
Desktops
Speech Recognition
(IVR) Governance Risk & InfoSec
q Delegate or Federate access control where appropriate.
B2E B2M
owned
Third-Party Public Kiosk Compliance Management
Social Portable Devices
q Must be easy to adopt and consume, supporting the design of security patterns Colaboration Compliance Policy Management
q The Architecture must be elastic, flexible and resilient supporting multi-tenant, multi-landlord platforms Compliance IT Operation Media B2B B2C
Medical Devices Smart Appliances Handwriting Management Exceptions Self Assessment
Capability
Mapping
Fixed Devices (ICR) Vendor Audit IT Risk Risk Portfolio Risk
q The architecture must address and support multiple levels of protection, including network, operating Search E-Mail e-Readers P2P
Audit Planning Secure Sandbox Management Management Management Management Dashboard
system, and application security needs. Contact/Authority DRP IT Governance
Independent Third-Party Internal Maintenance Technical Awareness and Training Residual Risk Management
High Level Use Cases Audits Audits Audits Plan Test Architectrure Standards and
Information System Regulatory Management Management Governance Guidelines
Mapping
Intellectual Property Protection
Privilege Management Infrastructure
Data Governance
Resource
Management
PMO
Program
Portfolio
Management Application Services Identity Management
Domain Unique
Identifier
Federated IDM
Authentication Services
SAML
Token
Risk Based
Auth
Multifactor
Mgmnt
Segregation Maturity
Data Ownership /
Stewardship
Data
Classification
Handling / Labeling /
Security Policy of Duties Project
Mgmnt
Model Programming Interfaces Security Knowledge Lifecycle Integration Middleware Identity
Provisioning
Attribute
Provisioning
OTP
Smart
Card
Password
Management
Secure Disposal of Rules for Information Contractors Roadmap Biometrics Network
Clear Desk Policy
Data Leakage Prevention Remediation Authorization Services Authentication
Strategy Alignment Input Single Sign On
Rules for Entitlement Review Middleware
SaaS, Validation Security
Data Retention Attack Code Security Application Policy WS-Security Authentication
PaaS, IaaS Design Policy Definition
Patterns Samples Framwrok - ACEGI Enforcement
Patterns Identity Verification OTB AutN
Policy Principal Data
Operational Risk Human Resources Service Delivery Mangement Management
Connectivity & Delivery Resource Data Privilege Usage Management
Management Security Development Process Management
XACML
Keystroke/Session Password
Role Logging Vaulting
Operational Risk Committee Service Level Information Technology Obligation
Self-Service Software Quality Assurance Management Privilege Usage Resource
Crisis Business Management Resiliency Application Stress and Out of the Box (OTB) AutZ
Gateway Protection
Security Hypervisor Governance and Compliance
Management Impact Analysis Employee Employment Vulnerability Volume
Code Review
Key Risk Indicators Termination
Background
Agreements
Job
Objectives Internal SLAs
Availability Resiliency
Scanning Testing
Abstraction
Business Continuity Screening Descriptions
OLAs External SLAs Management Analysis
Threat and Vulnerability Management
Planning Testing Roles and Employee Vendor Management
Responsibilities Awareness Capacity Planning Compliance Testing Vulnerability Management
Risk Management Framework Service Dashboard
Information Services
Employee Code of Conduct Databases Servers Network Application Infrastructure DB
Business Technical
Assessment Assessment
Independent Risk Management Asset Management Application Performance Penetration Testing Threat Management
Service Operational Monitoring Service Delivery Reporting Services ITOS Problem
Management
Incident
Management
BOSS Internal External Source Code Scanning Risk Taxonomy
PMO Strategy Roadmap
Security Monitoring Services Costing Bugdeting Service
Catalog
SLAs OLAs Dashboard Data Mining Reporting Tools Business Intelligence Risk
Assessments
Data Process
SIEM Event Database Application Honey End-Point Charge
Back
Investment
Budgeting
CMDB
Knowledge
Management
Classification Ownership
Infrastructure Protection Services
Platform Mining Monitoring Monitoring Pot Monitoring
Contracts
Recovery
Plans Data Governance Security Monitoring HR Data
Server
Behavioral Malware Prevention
End-Point
Event Cloud E-Mail Market Threat Counter Non- Service Change Audit Business Anti-Virus, Anti-Spam, Host
Findings
(Employees & White Sensitive File HIPS /HIDS
Correlation Monitoring Journaling Intelligence Threat Risk Production Management Management Contractors)
Strategy Anti-Malware Firewall
Listing Protection
Assessments Data Session Authorization Authentication Application Network Computer
SOC Portal Management Events Events Events Events Events
Anti- HIPS / Host Behavioral
Media Hardware Based
Service Support
Events Virus HIDS Firewall Malware
Lockdown Trusted Assets
Managed Security Knowledge Branding Information Data Prevention
Services Base Protection
Anti-Phishing
Service Support Service
Leakage
Metadata
Segregation
User Directory Services Network
Behavioral Malware Prevention Inventory Control
Content Forensic Tools
HIPS NIPS Filtering
User Behavior & Configuration Events White Listing
Real-time internetwork defense (SCAP) Events Content
Profile Patterns Rules Firewall DPI
Transformation Services Filtering
(Metadata)
Risk Management Active DBMS NIPS / Application
Configuration Management Knowledge Database Directory
LDAP X.500
Repositories NIDS
Wireless
Protection XML Applicance Application Firewall Real
Privilege Repositories Repositories
Repository Events Services Meta Link Layer Network Security Time
Software Usage Events
Legal Services Internal Investigations Capacity Planning
Management
Physical Inventory Configuration
Management
GRC RA BIA Directory Black Listing Filtering Secure Messaging Secure Collaboration Filtering
Forensic e-Mail Virtual Services
Contracts E-Discovery Automated Asset Configuration Database Registry Location Federated
Analysis Journaling (CMDB) Change ACLs CRLs Compliance NIPS DLP eDiscovery Directory
Discovery Management DR & BC Services Services Services
Data Protection
VRA TVM Monitoring Events EVents
Incident Response Legal Logs Events Services
Plans
Preparation
Incident Management Problem Management Data lifecycle management
Automated Event Root Cause Meta Data Data
Security Incident Data Masking Data Tagging
Response Ticketing Classifiation Analysis Control De-Identification
Self-Service Ticketing
Trend
Analysis
Problem
Resolution Internal Infrastructure
Infrastructure Services Virtual Infrastructure
eSignature
(Unstructured data)
Life cycle
management
Data Obscuring Data Seeding
Cross Cloud Security Incident
Orphan Incident Management
Response
Facility Security Patch Servers Desktop “Client” Virtualization Storage Virtualization
<<insert Jairo’s content>
Data Loss Prevention Intellectual Property
Block-Based Virtualization Protection
Knowledge Management Controlled Physical Asset Management Secure Build
Image Management Local Session-
Remote
VM-Based Host-Based
Storage
Network-Based
Data Discovery
Intellectual Digital Rights
Based (VDI) LDM LVM Appliance
Network End-Point Server
Compliance Monitoring Device-
Best Trend Security Job Security
Access Handling LUN Based Switched
(Data in Transit) (Data in Use) (Data at Rest) Property Management
Electronic Service Discovery
Benchmarking Barriers
practices Analysis Aids FAQ Surveillance Data
Security Patrols
Physical
Authentication Software
Hardware
Application Virtualization Virtual Cryptographic Services
Equipment End Point Client
Application
Server
Application
Workspaces File-Based Virtualization Key Management PKI
Signature
Services
Data-in-use
Encryption (Memory)
Change Management Release Environmental Risk Management Streaming Streaming Vertical Isolation
Symmetric Asymmetric
Change Management Physical Security
Equipment Power Maintenance Keys Keys Data-in-Transit
Encryption
Data-at-Rest Encryption
(DB, File, SAN, Desktop,
Domain
Location Redundancy
Service Approval Mobile)
Review Server Virtualization Network Database (Transitory, Fixed)
SABSA Provisioning Workflow
Board
Scheduling
Virtual Machines (Hosted Based) Virtualizaton
Network Address
Virtualization
Testing Version
Container Storage Availability
Space
ITIL v3
Planned Changes Control Network Full Paravirtualization Hardware-Assisted
Virtualization
IPv4 IPv6 Mobile Device
Emergency Build Virtualization
Policies and Standards
Process or
Project
Changes
Operational
Chages
Changes Source Code
Management
Services Services Services OS TPM Virtual External Internal Operational Security Baselines Job Aid Guidelines Role Based Awareness
Solution
Data
TOGAF Network
Segmentation
Authoritative
Time Source
VIrtualization Virtualization Memory
(VLAN) (VNIC)
Smartcard
Virtualization
Information Security
Policies
Technical Security
Standards
Data/Asset Classification
Best Practices &
Regulatory correlation
JERICHO
Co-Chairs: Jairo Orea, Yaron Levi, Dan Logan.
Team: Richard Austin, Frank Simorjay, Yaron Levi, Jon-Michael Brook,
Jarrod Stenberg, Ken Trant, Earle Humphreys, Vern Williams
Date: 02/25/2013
You might also like
- Security ArchitectureDocument6 pagesSecurity ArchitecturestudydatadownloadNo ratings yet
- Microsoft Cybersecurity Reference Architectures (MCRA) : Capabilities Zero Trust User Access PeopleDocument47 pagesMicrosoft Cybersecurity Reference Architectures (MCRA) : Capabilities Zero Trust User Access Peopleduongkai100% (1)
- ComplianceForge Integrated Cybersecurity Governance ModelDocument1 pageComplianceForge Integrated Cybersecurity Governance ModelbsrpropNo ratings yet
- Executive Summary: U.S. House of Representatives Systems Development Life-Cycle PolicyDocument45 pagesExecutive Summary: U.S. House of Representatives Systems Development Life-Cycle PolicycasualityontopNo ratings yet
- UEM EPM Product EN PPTDocument28 pagesUEM EPM Product EN PPTLukas Christian Sirait - VTINo ratings yet
- Enterprise Architecture PrinciplesDocument5 pagesEnterprise Architecture PrinciplesHai Akang100% (2)
- PART 1 Empowering MSSP Real World Customer NeedsDocument10 pagesPART 1 Empowering MSSP Real World Customer NeedsmoxdyNo ratings yet
- Project Report - Business & Marketing Strategy For Next Generation BroadbandDocument75 pagesProject Report - Business & Marketing Strategy For Next Generation BroadbandSonali Agrawal100% (2)
- TCI Reference Architecture v1.1Document1 pageTCI Reference Architecture v1.1Venugopal Athiur RamachandranNo ratings yet
- Network Documentation PracticesDocument8 pagesNetwork Documentation PracticessupergadgetNo ratings yet
- Combining Classification and DLPDocument12 pagesCombining Classification and DLPTriệuAnhTuânNo ratings yet
- 18 DataCenter Security OverviewDocument22 pages18 DataCenter Security Overviewrnaveed01No ratings yet
- NIST Security Reference Architecture 2013.05.15 v1.0Document204 pagesNIST Security Reference Architecture 2013.05.15 v1.0Mariori TrIdiaNo ratings yet
- TSI SW100 Cyber Security How SABSA Can Help Your Business 1Document5 pagesTSI SW100 Cyber Security How SABSA Can Help Your Business 1koernjNo ratings yet
- Magic Quadrant For Endpoint Protection PlatformsDocument40 pagesMagic Quadrant For Endpoint Protection PlatformsLeonardo LatorreNo ratings yet
- BOOT CAMP (DAY 1) (Autosaved)Document157 pagesBOOT CAMP (DAY 1) (Autosaved)Ashish BhardwajNo ratings yet
- Microsoft Identity Manager 2016 DatasheetDocument2 pagesMicrosoft Identity Manager 2016 DatasheetaudreytticNo ratings yet
- 3rd Party Outsourcing Information Security Assessment Questionnaire V1.4Document15 pages3rd Party Outsourcing Information Security Assessment Questionnaire V1.4Adil Raza SiddiquiNo ratings yet
- Anatomy of A SOCDocument37 pagesAnatomy of A SOCDigit OktaviantoNo ratings yet
- Beginners Guide To Log CorrelationDocument14 pagesBeginners Guide To Log CorrelationMohamed IssaouiNo ratings yet
- Shostack ModSec08 Experiences Threat Modeling at MicrosoftDocument11 pagesShostack ModSec08 Experiences Threat Modeling at MicrosoftwolfenicNo ratings yet
- Structured Approach To IT Business System Availability and Continuity Planning, Analysis and DesignDocument73 pagesStructured Approach To IT Business System Availability and Continuity Planning, Analysis and DesignAlan McSweeney100% (1)
- ITIL Process Flows PDFDocument11 pagesITIL Process Flows PDFdanroddNo ratings yet
- Network Documentation and Netdot PDFDocument36 pagesNetwork Documentation and Netdot PDFROSARIO IVONNo ratings yet
- SIEM Pro ConsDocument58 pagesSIEM Pro Conssagar gautam0% (1)
- 13 Effective Security Controls For ISO 27001 ComplianceDocument55 pages13 Effective Security Controls For ISO 27001 ComplianceRobert Mota HawksNo ratings yet
- Modern Service Management For Azure v1.1Document45 pagesModern Service Management For Azure v1.1Ines MariaNo ratings yet
- Microsoft Sentinel Technical Playbook For MSSPsDocument60 pagesMicrosoft Sentinel Technical Playbook For MSSPsIlham SauqiNo ratings yet
- Implementing A Zero Trust Security Model at Microsoft BRK2240Document27 pagesImplementing A Zero Trust Security Model at Microsoft BRK2240jtsw2018No ratings yet
- Recommended Security Baseline SettingsDocument28 pagesRecommended Security Baseline Settingsbalamurali_aNo ratings yet
- AlgoSec Firewall Analyzer DatasheetDocument2 pagesAlgoSec Firewall Analyzer DatasheetGaston AcevedoNo ratings yet
- PCI DSS Quick Reference GuideDocument34 pagesPCI DSS Quick Reference GuideJames LeeNo ratings yet
- SABSA White PaperDocument25 pagesSABSA White PaperMunyaradzi PasinawakoNo ratings yet
- Fortinet MSSP Program BrochureDocument7 pagesFortinet MSSP Program BrochureMaison S100% (1)
- IAM Managing Identity Remains Key To Cyber SecurityDocument48 pagesIAM Managing Identity Remains Key To Cyber Securitykanantaram7197No ratings yet
- 2021 Strategic Roadmap For SASE ConvergenceDocument17 pages2021 Strategic Roadmap For SASE ConvergenceChichiNo ratings yet
- Active Directory Audit Help Document PDFDocument84 pagesActive Directory Audit Help Document PDFrpathuriNo ratings yet
- The CIS Community Attack ModelDocument13 pagesThe CIS Community Attack Modela2304404No ratings yet
- QRadar SIEM Deployment GuideDocument52 pagesQRadar SIEM Deployment GuideblancorojoNo ratings yet
- Security - Domain - RoadmapDocument32 pagesSecurity - Domain - RoadmapVijay SrinivasanNo ratings yet
- ITIL Compatible With Other Framework98Document28 pagesITIL Compatible With Other Framework98kdNo ratings yet
- Enterprise Mobility Hero Demo GuideDocument48 pagesEnterprise Mobility Hero Demo GuidedanielroncattoNo ratings yet
- 2 Security Architecture+DesignDocument113 pages2 Security Architecture+DesignzequreshiNo ratings yet
- CIS Benchmarks-Compliance PDFDocument2 pagesCIS Benchmarks-Compliance PDFAndrey NyrovNo ratings yet
- Active Directory Security Assessment (ADSA)Document2 pagesActive Directory Security Assessment (ADSA)Daniel GarciaNo ratings yet
- DLP NotesDocument10 pagesDLP NotesoyooNo ratings yet
- Security Design PrinciplesDocument20 pagesSecurity Design Principlesroshanak attarNo ratings yet
- Integrating and Automating Security Into A Devsecops Model: DevelopDocument8 pagesIntegrating and Automating Security Into A Devsecops Model: DeveloprajeevrocksNo ratings yet
- Database Security RoadmapDocument1 pageDatabase Security Roadmapwaz32195No ratings yet
- Sabsa Matrix 2009Document1 pageSabsa Matrix 2009Eli_HuxNo ratings yet
- S e R V e R H: Server HardeningDocument3 pagesS e R V e R H: Server HardeningAbhijeet KumarNo ratings yet
- Palo Alto Networks Vs FireEye Battlecard - March 2015Document2 pagesPalo Alto Networks Vs FireEye Battlecard - March 2015gustavo100% (1)
- SCF Secure Controls Framework GuideDocument23 pagesSCF Secure Controls Framework GuideManinder KaurNo ratings yet
- Cyber Security & Penetration Testing Services Cyber Radar SystemsDocument15 pagesCyber Security & Penetration Testing Services Cyber Radar Systemscyberradar systemNo ratings yet
- Mitre Att&Ck As A Framework For Cloud Threat Investigation: Center For Long-Term CybersecurityDocument27 pagesMitre Att&Ck As A Framework For Cloud Threat Investigation: Center For Long-Term Cybersecurityivan004No ratings yet
- Elite Bilderberg Jesuits Home AdderssesDocument8 pagesElite Bilderberg Jesuits Home AdderssesrenebavardNo ratings yet
- Hakin9 StarterKit TEASER EbookDocument12 pagesHakin9 StarterKit TEASER EbookrenebavardNo ratings yet
- Hakin9 01 2013 TBO TeasersDocument46 pagesHakin9 01 2013 TBO TeasersNancy Martin100% (1)
- Hakin9 Extra Android TeaserDocument19 pagesHakin9 Extra Android TeaserrenebavardNo ratings yet
- Question AnswerDocument3 pagesQuestion AnswerrenebavardNo ratings yet
- Blue Badge Rights ResponsibilitiesDocument34 pagesBlue Badge Rights ResponsibilitiesrenebavardNo ratings yet
- Nistir 7275r4 Updated March 2012 MarkupDocument80 pagesNistir 7275r4 Updated March 2012 MarkuprenebavardNo ratings yet
- Cell Phone Forensic Tools:: An Overview and AnalysisDocument188 pagesCell Phone Forensic Tools:: An Overview and AnalysisrenebavardNo ratings yet
- Nistir7219 CSD 2004 Annual ReportDocument52 pagesNistir7219 CSD 2004 Annual ReportrenebavardNo ratings yet
- Nistir 7275r4 Updated March 2012 CleanDocument80 pagesNistir 7275r4 Updated March 2012 CleanrenebavardNo ratings yet
- Personal Identity Verification Card Management Report: Jim Dray David CorcoranDocument35 pagesPersonal Identity Verification Card Management Report: Jim Dray David CorcoranrenebavardNo ratings yet
- Specification For The Extensible Configuration Checklist Description Format (XCCDF) Version 1.2Document80 pagesSpecification For The Extensible Configuration Checklist Description Format (XCCDF) Version 1.2renebavardNo ratings yet
- Cisco TMS Admin Guide 15Document288 pagesCisco TMS Admin Guide 15ArticNo ratings yet
- BiSL BP008 en Operational Business Information Management Activity ManualDocument18 pagesBiSL BP008 en Operational Business Information Management Activity ManualhasandalalNo ratings yet
- ICICI Lombard - Microsoft AzureDocument5 pagesICICI Lombard - Microsoft AzurenasralaNo ratings yet
- How To Monitor VMAX Thin PoolDocument9 pagesHow To Monitor VMAX Thin PoolSrikanth MuthyalaNo ratings yet
- Product Catalog PreviewDocument24 pagesProduct Catalog PreviewNaveedNo ratings yet
- EMVCo White Paper On Contactless Mobile Payment 20110921111857912Document47 pagesEMVCo White Paper On Contactless Mobile Payment 20110921111857912Manpreet SinghNo ratings yet
- 1210ijasuc06 PDFDocument9 pages1210ijasuc06 PDFpooja07061990No ratings yet
- Aruba Instant 6.2.0.0-3.2 User Guide PDFDocument300 pagesAruba Instant 6.2.0.0-3.2 User Guide PDFsang_wooNo ratings yet
- Metro Ethernet ModelingDocument38 pagesMetro Ethernet ModelingUlianov SinforosoNo ratings yet
- GatekeeperDocument6 pagesGatekeeperSundeep RaoNo ratings yet
- Ucm6510 Setup GuideDocument30 pagesUcm6510 Setup Guiderataro123456No ratings yet
- Whitepaperc 117314552Document7 pagesWhitepaperc 117314552dangkuw5572No ratings yet
- Sample of Good ResumeDocument10 pagesSample of Good ResumeOchie RomeroNo ratings yet
- Identity Access and ManagementDocument25 pagesIdentity Access and ManagementSugandha BornWhimsicalNo ratings yet
- Reference Architecture Private Cloud Dell Microsoft Hyper VDocument48 pagesReference Architecture Private Cloud Dell Microsoft Hyper VlakshmanNo ratings yet
- SAP HANA EIM Administration Guide enDocument336 pagesSAP HANA EIM Administration Guide enDanielGarciaSanchez100% (1)
- Reference Architecture - Red Hat OpenStack PlatformDocument43 pagesReference Architecture - Red Hat OpenStack PlatformreajNo ratings yet
- Designing and Deploying Internet Scale ServicesDocument12 pagesDesigning and Deploying Internet Scale ServicesParvez2zNo ratings yet
- Glossary of OIMDocument22 pagesGlossary of OIMashu_abhisriNo ratings yet
- Hss Security User RoleDocument166 pagesHss Security User RolemohamedNo ratings yet
- Server Configuration: Sec 5, System Management, Web AppsDocument19 pagesServer Configuration: Sec 5, System Management, Web Appsderp692No ratings yet
- Vmware Operationalizing NSXDocument94 pagesVmware Operationalizing NSXMattNo ratings yet
- KeepGoing PDFDocument283 pagesKeepGoing PDFYunes Hasan Ahmed AliNo ratings yet
- Huawei FusionStorage Data SheetDocument6 pagesHuawei FusionStorage Data SheetLakshmi KiranNo ratings yet
- Cisco IT Case Study Oracle On VM On UCSDocument9 pagesCisco IT Case Study Oracle On VM On UCSCisco ITNo ratings yet
- RPVM 4.3 - FaqDocument7 pagesRPVM 4.3 - FaqAmul VermaNo ratings yet
- Connectrix DS-300B: Key FeaturesDocument13 pagesConnectrix DS-300B: Key FeaturesFelipe Gabriel Nieto ConchaNo ratings yet
- Okta Economic Impact 3.6Document22 pagesOkta Economic Impact 3.6mathurashwaniNo ratings yet
- 20765C 07Document29 pages20765C 07douglasNo ratings yet
