NLUUG - Fall 2010 conference - IT Architecture and IT Security, 'a match made in heaven?'
TRANSCRIPT
-
8/8/2019 NLUUG - Fall 2010 conference - IT Architecture and IT Security, 'a match made in heaven?'
Ir. Willem J. Kossen
Information Security and ICT Architecture,
a 'match made in heaven'
-
About @wkossen
The Statement
Some Reasoning
Some Discussion
Don't hesitate to tweet
-
---1---
-
@wkossen
-
http://willemkossen.nl/b
http://linkedin.com/in/willemkossen
http://twitter.com/wkossen
http://stamstruik.nl
http://insecten.org
http://gazzary.nl
http://wkossen.myopenid.com
-
http://www.mxi.nl
-
---2---
-
Architecture?
Definition
anyone?
-
A set of design artifacts that are relevant
for describing an object such that it can be
produced to requirements (quality) as well
as maintained over the period of its useful
life (change). The design artifacts describe
the structure of components, their
inter-relationships, and the principles and
guidelines governing their design and
evolution over time.
Source: http://www.opensecurityarchitecture.org
-
Buildings
IT Architecture Building Architecture
FAIL
-
Diagram of stiffness of a simple square beam (A) and universal beam (B). The universal beam flange sections are three times further apart than the solid beam's upper and lower halves. The second moment of inertia of the universal beam is nine times that of the square beam of equal cross section (universal beam web ignored for simplification)
-
VS.
-
Security
Definition
anyone?
-
Security means that the architect
first has to log in before he is
allowed to say anything
-
Some sites attempt to use firewalls to solve
their network security problems.
Unfortunately, firewalls assume that "the
bad guys" are on the outside, which is
often a very bad assumption (MIT)
-
Proper Diskette Care and Usage
(1) Never leave diskettes in the drive, as the
data can leak out of the disk and corrode the
inner mechanics of the drive. Diskettes should
be rolled up and stored in pencil holders.
(9) Periodically spray diskettes with insecticide
to prevent system bugs from spreading.....
(13) Diskettes become "hard" with age. It's
important to back up your "hard" disks before
they become too brittle to use.
http://www.monster-island.org/tinashumor/humor/diskcare.html
-
Security provided by IT Systems can be
defined as the IT system's ability to be
able to protect confidentiality and integrity
of processed data, provide availability of
the system and data, accountability for
transactions processed, and assurance
that the system will continue to perform to
its design goals
Source: http://www.opensecurityarchitecture.org
-
NEN 7510
ISO/IEC 17799
-
Defining
Tends to be hard
No-one agrees
Multi-interpretable
Inconsistent
Vague
Non conclusive
Impractical
-
What can we do?
Make lists
Talk by example
Roll-Your-Own!!!
Use what works
Just choose
-
So much in common
About real life: physical, information, behaviour, procedures, tech, etc.
Business critical
Descriptive and normative
Quality oriented
Needs awareness
Tend to make things a bit harder and costly
Take thought, balance and nuance
-
Architecture is:
-
Relation
-
What I Do
Samen Veilig (Safe Together)
Open Architecture
-
IT Security Architecture
The design artifacts that describe how the
security controls (= security
countermeasures) are positioned, and how
they relate to the overall IT Architecture.
These controls serve the purpose to
maintain the system's quality attributes,
among them confidentiality, integrity,
availability, accountability and assurance.
Source: http://www.opensecurityarchitecture.org
-
---3---
-
Match Made in Heaven?
-
Architecture focuses on coherence,
principles, standards and building blocks.
Security applies aspects of those to real life.
-
Architecture and Security are
interdependent. The one without the other
doesn't make sense
-
If separated, security remains limited to
ad-hoc conjuring up of measures aimed at
risk reduction and generally towards
technocracy. That tends to not help the
organisation.
-
Applying IT Security should be aimed at
providing the best experience for the user
or client with the least amount of
obstruction.
That way organisational goals (including
change) can be met.
-
Architectural thinking supports that goal
-
This isn't automatic.
Awareness is needed:
Architectural awareness is a precursor for
security-awareness.
-
Architecture is (remember?)
Trends, standards, best practices
Goals, strategy, vision, policy
Functional and operational requirements,
processes
Risks and other constraints (financial)
Development, design, build, exploitation
Security is present in all of the above
-
Again, the connection is architecture
security is one of the views on
architecture.
Looking at security this way,
we improve decision making,
we avoid risk,
we prevent tunnel vision,
everybody profits from the
IT assets
-
The work of people
-
If tijd>10min soundbite()
-
---4---
-
Let's Talk
Afterthoughts: [email protected]