Content area
Full Text
Abstract. Enterprise security architecture is a unifying framework and reusable services that implement policy, standard and risk management decision. The purpose of the security architecture is to bring focus to the key areas of concern for the enterprise, highlighting decision criteria and context for each domain. TOGAF-9 architecture framework provides guidance on how to use TOGAF-9 to develop Security Architectures and SOA's. This paper addresses the enterprise architect of what the security architect will need to carry out their security architecture work. It is also intended as a guide to help the enterprise architect avoid missing a critical security concern.
Keywords: Enterprise Security Planning, Enterprise Architectures, TOGAF
1. Introduction
The Open Group Architecture Framework (TOGAF) is a framework - a detailed method and a set of supporting tools for developing enterprise architecture [1]. TOGAF 9 is much different from other architecture frameworks such as Zachman, as it is lot more process driven and gives you a way to essentially codify architectural patterns [2]. Key enhancement in TOGAF 9 is the introduction of a seven-part structure and reorganization of the framework into modules with well-defined objectives. This will allow future modules to evolve at different speeds and with limited impact across the entire blueprint - something that's needed if you're looking to create architecture within compartments and have those compartments operating independently [1],[3],[5]. TOGAF 9, first of all, is more business focused. Before that it was definitely in the IT realm, and IT was essentially defined as hardware and software. The definition of IT in TOGAF 9 is the lifecycle management of information and related technology within an organization. It puts much more emphasis on the actual information, its access, presentation, and quality, so that it can provide not only transaction processing support, but analytical processing support for critical business decisions [4].
2. TOGAF Structure
As shown in Fig 1, TOGAF structure consists of;
PART I (Introduction) -This part provides a high-level introduction to the key concepts of enterprise architecture and in particular the TOGAF approach. It contains the definitions of terms used throughout TOGAF and release notes detailing the changes between this version and the previous version of TOGAF.
PART II (Architecture Development Method) - This part is the core of TOGAF. It...