A set of physical and logical security-relevant representations (i.e., views) of system architecture that conveys information about how the system is partitioned into security domains and makes use of security-relevant elements to enforce security policies within and between security domains based on how data and information must be protected. Note: The security architecture reflects security domains, the placement of securty-relevent elements within the security domains, the interconnections and trust relationships between the security-relevent elements, and the behavior and interaction between the securuty-relevent elements. The security architecture, similar to the system architecture, may be expressed at different levels of abrstraction and with different scopes.
Source(s):
NIST SP 800-37 Rev. 2
NIST SP 800-160 Vol.2
An embedded, integral part of the enterprise architecture that describes the structure and behavior for an enterprise’s security processes, information security systems, personnel and organizational sub-units, showing their alignment with the enterprise’s mission and strategic plans. See information security architecture.
Source(s):
NIST SP 800-37 Rev. 2
NIST SP 800-39
A set of physical and logical security-relevant representations (i.e., views) of system architecture that conveys information about how the system is partitioned into security domains and makes use of security-relevant elements to enforce security policies within and between security domains based on how data and information must be protected.
Note: The security architecture reflects security domains, the placement of security-relevant elements within the security domains, the interconnections and trust relationships between the security-relevant elements, and the behavior and interactions between the security-relevant elements. The security architecture, similar to the system architecture, may be expressed at different levels of abstraction and with different scopes.
Source(s):
NIST SP 800-160
[Superseded]
A set of physical and logical security-relevant representations (i.e., views) of system architecture that conveys information about how the system is partitioned into security domains and makes use of security-relevant elements to enforce security policies within and between security domains based on how data and information must be protected.
Note: The security architecture reflects security domains, the placement of security-relevant elements within the security domains, the interconnections and trust relationships between the security-relevant elements, and the behavior and interactions between the security-relevant elements. The security architecture, similar to the system architecture, may be expressed at different levels of abstraction and with different scopes.
Source(s):
NIST SP 800-160
[Superseded]
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
