The assignment for the Physical Security Layer was highly useful in that it required us to map business drivers to strategies, then to logical services, and finally to physical components. This may be useful to me in the future, or to anyone looking for an example of how to do this in order to better interpret business needs and translate them into information technology solutions. The Physical Security Architecture layer of the SABSA® model takes the logical deliverables and chooses which components (not specific products) will best meet the logical needs. First, it requires that an updated business data model be provided which includes the added security architecture data items (certificates, passwords, etc.), and the security mechanisms database. Thus, the deliverables from this phase include (Sherwood, Clark, & Lynas, 2005, p. 121):
- A statement of the security rules, practices, and procedures that will be required
- A list of the security mechanisms that will be needed to implement the logical security services from the layer above
- A list of applications and user communities, with a security user interface design for each type
- The physical layout of the platforms and networks, probably in diagrammatic form.
- A statement of capacity planning (e.g. throughput of devices, processing power required, and bandwidth of communication lines)
- A description of the resilience model provided by redundancy of boxes and connections.
- The control structure execution model needed to execute the logical security processing cycle from the above layer.
References
- Sherwood, J., Clark, A., & Lynas, D. (2005). Enterprise Security Architecture - A Business-Driven Approach. Boca Raton: CRC Press.