Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

Share this Page URL

Chapter 1. Introduction > IBM Security Blueprint - Pg. 7

1.2 Framework and Blueprint The Security Framework is technology-neutral, providing a guide to what solutions are needed rather than how they are to be delivered. Solutions for problems in a given domain tend to share characteristics, and can be evaluated using common criteria. See Figure 1-2. Figure 1-2 IBM Security Framework and Blueprint views The next step after the IBM Security Framework's business view is the IBM Security Blueprint , a map of security concerns and responses for technical architects. Designed primarily for use by technical stakeholders, the Security Blueprint goes beyond a strategy view to add a more detailed operational and technical view. While the Security Blueprint is still product-agnostic and platform-neutral, it provides a guide to the architecture of security systems. The Blueprint provides system views, component catalogs, and solution patterns that can be used to build and analyze secure IT systems. For more information about understanding and applying the IBM Enterprise Security Architecture, see Introducing the IBM Security Framework and IBM Security Blueprint to Realize Business-Driven Security, REDP-4528. 1.3 IBM Security Blueprint The IBM Security Blueprint divides security architecture into four layers: Business domains Security controls Security technologies Architectural principles Chapter 1. Introduction 7