Security Architecture Diagram

Definition

A security architecture diagram is a low-level architecture diagram work product that primarily documents the major security components and mechanisms of an application and their relationships.

Objectives

The typical objectives of a security architecture diagram is to:

• Document the security mechanisms of the application.

Benefits

The typical benefits of a security architecture diagram are to:

• TBD

Contents

The typical contents of a security architecture diagram are:

• Hardware Icons (e.g., Firewalls, LDAP Directory)
• Software Icons (e.g., Encryption/Decryption software)

Stakeholders

The typical stakeholders of a security architecture diagram are:

• Producers:
  • Architecture Team
  • Security Team
• Evaluators:
  • Project Manager
  • Technical Leader
• Approvers:
  • Project Manager
  • Technical Leader
  • Customer Representative
• Maintainers:
  • Security Team
• Users:
  • Security Team
  • Software Development Team

Phases

• Business Strategy: Not Applicable
• Business Optimization: Not Applicable
• Initiation: Completed
• Construction: Maintained
• Delivery: Maintained
• Usage: Maintained
• Retirement: Archived

Preconditions

Security architecture diagrams can typially be started if the following preconditions hold:

• The initiation phase has started.
• The architecture team is adequately staffed and trained in logical architecture production.

Inputs

The typical inputs to a security architecture diagram include:

• Work Products:
  • Application Vision Statement
  • System Requirements Specification
• Stakeholders:
  • TBD

Guidelines

• TBD

Conventions

Security architecture diagrams are typically constrained by the following conventions:

• Work Flow
• Content and Format Standard
• Inspection Checklist

Examples

• Example Security Architecture Diagram