[Cisspstudy] IBM Security Framework & Security Blueprint
Prakash
prakash2757 at yahoo.com
Tue Aug 18 11:33:51 EDT 2009
The IBM
Security Framework was developed to describe security in terms of the
business resources that need to be protected, and looks at the
different resource domains from a business point of view. It divides IT
security into the following six resource domains:
- People and Identity
- Data and Information
- Application and Process
- Network, Server, and Endpoint
- Physical Infrastructure
- Security Governance, Risk Management, and Compliance
The IBM
Security Blueprint expands on the business oriented view of the IBM
Security Framework by mapping the domains into a core set of security
capabilities and services. These capabilities and services serve as a
starting point for design, development, integration, operation, and
management of an enterprise IT environment that has security at its
core.
Download
http://www.redbooks.ibm.com/redpapers/pdfs/redp4528.pdf
Notes from Prakash
- This is a small but very valuable document of 40 pages (4.08 MB)
gives oversight on Business context for IT security, IT security
management, IBM Security Framework, Mapping PCI DSS principles to IBM
Security Framework & even have Business scenarios.
I hope security community finds it useful.
- Prakash
http://www.linkedin.com/in/prakashp
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20090818/a5ee6994/attachment.html>
More information about the cisspstudy
mailing list