Collaboration Oriented Architecture (COA) Position Paper: An Overview


Collaboration Oriented Architecture (COA) Position Paper: An Overview
Adrian Seccombe, Board of Management, Jericho Forum®; CISO & Snr Enterprise Information Architect, Eli Lilly

Questions at the end, please! Apart from points of clarification.

Backgrounder
- Technically an Open Group Forum
- Founded by CISOs of multinational companies in January 2004 to respond to… De-Perimeterisation
- Today: 42 Member Companies and growing
Mission: Act as a catalyst to accelerate the achievement of the collective vision, by:
- Defining the problem space
- Communicating the collective vision
- Challenging constraints and creating an environment for innovation
- Demonstrating the market
- Influencing future products, services, and standards

[Diagram. Labels: Work Types, Needs, Principles, Strategy, Desired Future State; Position Papers, White Papers, Patterns, Use Cases; Standards Dev; Guidelines, Standards, Solutions; Customers, Suppliers, Police and Gov't Agencies, Security Forum.]

Backgrounder
The journey so far…
- Defined the issue, and created noise around … De-Perimeterisation
- We don't apologise for the controversy!
- Created the Commandments, there are 11!
- Created a generic Roadmap
- Trademarked: Jericho Forum
- Created Inherently Secure Communications Paper
- Published the COA Position Paper

Why the COA Position Paper?
- We had defined the Problem…
- We had developed a set of "Principles" in the Commandments…
- We had created a roadmap (though not rich with content)
- We realised we needed to provide more details around the Solution….
[Slide graphic labels: Deperimeterisation, COA]

COA: The Paper's Framework
- Introduction
- Problem
- Why Should I Care?
- Components of COA
- Recommended Solution/Response
- Conclusion
- The Way Forward

Introduction
Aim: To provide a guiding framework that enables Secure Information Sharing in a Collaborative environment.
Aligned to the Jericho Forum Commandments 4-8 pertaining to:
- Surviving in a Hostile World
- Need for Trust
- Identity Management and Federation

Problem
Traditional approaches to architecting security solutions are aimed at securing organizational borders, and the network, reinforcing a 'perimeterised' perspective. This is contrary to the future business needs of most organisations.

A Lilly segue
We are changing from a FIPCo to a FIPNet.
- FIPCo: Fully Integrated Pharmaceutical Company
- FIPNet: Fully Integrated Pharmaceutical Network
Collaboration will be a core capability.

Why Should I Care?
- De-perimeterisation is happening NOW!
- COA is the framework that will allow appropriately architected business-driven solutions to be developed and delivered.
- Adopting COA allows the added value of de-perimeterisation while mitigating the additional risks to your organizations.

Components of COA: An Architects' View
Secure! Trustworthy! Reliable!
- Principles: Known parties; Assurance; Trust; Risk; Compliance; Legal, Regulatory, Contractual; Privacy
- Technologies: End Point Security/Assurance; Secure Communications; Secure Protocols; Secure Data/Information; Content Monitoring; Content Protection
- Processes: People; Risk; Information; Devices; Enterprise
- Services: Federated Identity; Policy Management; Data/Information Management; Classification; Audit
- Solution Attributes: Usability/Manageability; Availability; Efficiency/Performance; Effectiveness; Agility

Recommended Solution/Response
A section that describes how existing standards, protocols and frameworks should be used and supplemented with additional standards, tools, and services to deliver COA…
- COBIT
- SAML
- ITIL
- ISO 27001/2
- TOGAF
- SOA

Conclusion
- Implementing COA builds upon existing standards and practices to enable effective and secure collaboration.
- COA provides a high level pattern to allow legacy applications to be re-architected to be collaboration oriented.
- It takes a different mindset, and new services, both in the cloud and around the data.

The way forward
- The COA position paper sketches the skeleton
- We need to collectively refine / develop the standards, tools and services in more detailed papers
- Many of which can, and should be taken up by the Security Forum and ultimately service providers
- Example: Inherently Secure Communications Standard; Trust / Classification Framework….