Security View

The Security Architecture View is a cross cutting view of an Enterprise Architecture Framework.

The best openly available example of a Security Architecture Framework is SABSA, which is a proven framework and methodology for Enterprise Security Architecture and Service Management that is based on the Zachman Framework.
SABSA is used for a wide variety of Enterprise Security needs including Risk Management, Information Assurance, Governance, and Continuity Management.
Although copyright protected, SABSA is an open-use methodology, and is not a commercial product.

SABSA is described in the book Enterprise Security Architecture (A Business Driven Approach).


SABSA EA Framework

The SABSA Model comprises six layers based on the different rows in the Zachman Framework. Each layer represents the view of a different player in the process of specifying, designing, constructing and using the business system.


Row Security Deliverable
The Business View Contextual Security Architecture
The Architect’s View Conceptual Security Architecture
The Designer’s View Logical Security Architecture
The Builder’s View Physical Security Architecture
The Tradesman’s View Component Security Architecture
The Facilities Manager’s View Operational Security Architecture

Questions it answers

What are you trying to do at this layer? The assets to be protected by your security architecture
Why are you doing it? The motivation for wanting to apply security, expressed in the terms of this layer
How are you trying to do it? The functions needed to achieve security at this layer
Who is involved? The people and organisational aspects of security at this layer
Where are you doing it? The locations where you apply your security, relevant to this layer
When are you doing it? The time-related aspects of security relevant to this layer

Security View (based on Zachman Framework)


Security Service Management View (based on Zachman Framework)


Security Attributes

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License