Security Architecting

Definition

Security architecting is the subclass of architecting during which an application’s security architecture is produced.

Goals

The goals of security architecting are to:

• Produce and maintain the top-level strategic structure of security aspects of an application that captures the most important, pervasive security mechanisms and design decisions including their rationales.

Objectives

The objectives of security architecting are to:

• Produce a formally documented consensus amoung the project stakeholdlers (e.g., client, management, developers) concerning the overall structure and security mechanism of the next version [incremental iteration] of the application.
• Maximize the quality of the security architecture:
  • Correctness, completeness, consistency, and understandability.
  • To meet architecturally significant:
    • Operational requirements,
    • Quality requirements (e.g., extensibility, scalability, performance, operational availability, and security),
    • Design constraints (e.g., use of existing databases), and
    • Business rules.
• Maximize the productivity of the architecture team (e.g., reuse of reusable architectural frameworks, reuse of architecture conventions, and existence of example documents).

Examples

Examples of security architecting include:

• Architecting the security aspects of a web-based application.
• Architecting the security aspects of a business-internal application.

Preconditions

Security architecting typically may begin when the following preconditions hold:

• The initiation phase has started.
• The security team is initially staffed and adequately trained in security architecting.
• Some security requirements have been specified.

Completion Criteria

Security architecting is typically complete when the following postconditions hold:

• The security architecture has been documented.
• The security portion of the software architecture document has:
  • Passed evaluation.
  • Been accepted by the customer.
  • Been delivered to the customer.

Tasks

Security architecting typically involves the following producers performing the following architecting tasks:

• security Team, which performs:
  • Architecture Reuse
  • Architecture Prototyping
  • Architecture Documentation
  • Architecture Integrity Assurance

Environments

Security architecting is typically performed using the following environment(s) and associated tools:

• Development Environment:
  • Whiteboards
  • Word processing tool
  • Modeling tools

Work Products

Security architecting typically results in the production of the following architecture work products:

• Software Architecture Document

Phases

Security architecting tasks are typically performed during the following phases:

• Initiation: Started
• Construction: Completed
• Delivery: Maintained
• Usage: Maintained
• Retirement: Not Applicable

Guidelines

• The system and software architectures must fulfill (and is therefore validated against) the security requirements.
• The security mechanisms drive and constrain the tactical (i.e., detailed) design.
• This activity is documented using the typical configuration for large projects. It is intended to be configured (i.e., instantiated, extended, and tailored) to meet the needs of specific projects.
• The preconditions of this activity should be the union of the preconditions of its constituent tasks.
• The completion criteria for this activity should be the union of the postconditions of its constituent tasks.