The eLearning Series:
Systems Engineering for Software Intensive Systems

EA Security Architecture

Prerequisite

None

Required Textbooks

Bernard, Scott A. (2005). An Introduction to Enterprise Architecture (2nd Edition). AuthorHouse, Bloomington, IL. ISBN: 1-4208-8050-0.

Killmeyer, Jan. (2006). Information Security Architecture: An Integrated Approach to Security in the Organization (2nd Edition). Auerbach Publications. ISBN: 0-8493-1549-2.

Course Objectives

This course introduces information technology (IT) Security Architecture concepts and practices using an organization-wide enterprise architecture as context. The purpose of an IT security architecture is to ensure that proper levels of information confidentiality, integrity, and availability are provided for an organization’s information and data. The course will show that the implementation of an IT security architecture is based on a Security Architecture Framework that has eight areas to address enterprise and system-level security requirements: information security governance, operations security, personnel security, information and data security, systems security, application development security, infrastructure security, and physical security. At the end of the course, students will be able to:

• Understand the basic concepts and practices of IT Security Architecture.

• Understand how and why an Enterprise Architecture provides context and standards.

• Understand the purpose and function of an IT Security Architecture Framework.

• Appreciate organizations in the context of highly complex operating environments.

• Understand what security controls are and how to develop them.

• Be familiar with examples of IT security architecture from the public and private sector.

Weekly Lecture and Discussion Topics