Gartner 2006 Integrating Security Into the Enterprise Architecture Framework.Pdf
Research
Publication Date: 25 January 2006 ID Number: G00137069
Integrating Security Into the Enterprise Architecture Framework
Gregg Kreizman, Bruce Robertson
Enterprise architecture frameworks should integrate and separate security and other EA deliverables to offer value to security professionals and other business and IT planners.
© 2006 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner's research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice.
WHAT YOU NEED TO KNOW
An enterprise architecture (EA) framework should allow for security-related requirements and artifacts to be organized within primary EA viewpoints, but should also have these security elements abstracted to a security-only viewpoint. This allows different stakeholders to view these requirements and artifacts in ways that best help them do their jobs while ensuring that security requirements are built in to all aspects of solutions.
ANALYSIS
An architecture framework provides a structure and a common set of semantics that enforce consistency across the wide range of participants in enterprise architecture initiatives who typically come from diverse areas of the business. Without a framework, it is difficult to relate work in different areas to each other and to integrate that work. With a framework, work in different areas by different
Publication Date: 25 January 2006 ID Number: G00137069
Integrating Security Into the Enterprise Architecture Framework
Gregg Kreizman, Bruce Robertson
Enterprise architecture frameworks should integrate and separate security and other EA deliverables to offer value to security professionals and other business and IT planners.
© 2006 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner's research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice.
WHAT YOU NEED TO KNOW
An enterprise architecture (EA) framework should allow for security-related requirements and artifacts to be organized within primary EA viewpoints, but should also have these security elements abstracted to a security-only viewpoint. This allows different stakeholders to view these requirements and artifacts in ways that best help them do their jobs while ensuring that security requirements are built in to all aspects of solutions.
ANALYSIS
An architecture framework provides a structure and a common set of semantics that enforce consistency across the wide range of participants in enterprise architecture initiatives who typically come from diverse areas of the business. Without a framework, it is difficult to relate work in different areas to each other and to integrate that work. With a framework, work in different areas by different