Security Architecture - A Foundation for Trust in a Connected World
Keith Price 2007
This presentation introduces an architecture framework as a tool for developing secure ICT solutions. This framework describes a methodology and model to provide the strategic context for the design of ICT solutions.
This model introduces two fundamental components that form the basis for security related design decisions - a security zone model and a security trust model. The objective of these models is to provide the fundamental technology and security structure required to support a security strategy.
The zone and trust models are foundational models for developing the security architecture of an infrastructure solution. They facilitate the network organisation and placement of the primary functions of service presentation, business application logic, and secure storage. Through this architecture, we can control communications throughout the infrastructure from various internal and external users and devices. As a result, there is assurance that an ICT infrastructure solution is designed, developed, and maintained using formalised and rigorous controls and standards and is able to withstand concerted and methodical attempts to bypass or make fail its security mechanisms.
About Keith Price
Keith Price is Principal Consultant with Telstra’s new Security Solutions team in Sydney. Keith started his ICT career over 20 years ago and has most recently been focussing on information and IT security while working in Australia, U.K., and U.S. Prior to joining Telstra in early 2007, Keith was Manager, Information Security with Westpac Bank in Sydney.
Keith’s industry experience spans consulting, banking, insurance, utilities, and ICT solutions and services businesses. His assignments include information security governance programs; security strategy, policy, and architecture development; and security consulting and solutions design.
His qualifications include Bachelor of Business Administration and Master of Science degrees from Georgia State University in Atlanta USA and he is a CISSP and CISM.
He is Sydney branch chair for the Australian Information Security Association (AISA) and a Director for the Sydney branch of the Information Systems Audit and Control Association (ISACA).