Patterns: IT Systems Management and Security

As the practice of IT architecture continues to evolve, so does the specialty of IT security architecture.

The general practice of IT architecture has advanced from object-oriented design toward services-oriented approaches that combine object orientation and process orientation within a Component Business Model. Increasingly, it is becoming apparent that IT security architecture is broader than the application of specialized technology.

IT security includes a combination of process design and technology deployment that provides for:

• Modification of business processes to account for integration of business policies and risk management models
  
• A set of IT system management services needed to assure the desired level of resilience to the modified IT environment
  

This IBM Redpaper reviews the basic concepts of security component design, following the Method for Architecting Secure Solutions (MASS). It introduces a second critical element of the unified security architecture, the security system management service view.

• Federated Identity Management and Web Services Security with IBM Tivoli Security Solutions, SG24-6394-01
• Integrated Identity and Access Management Architectural Patterns, REDP-4423-00
• IBM Tivoli Access Manager for e-business, REDP-3677-01

Publish Date
08 December 2005

Last Update
20 December 2005

Rating: Not yet rated

Rate this paper

Author(s)

Axel Buecker is a Certified Consulting Software I/T Specialist at the ITSO, Austin Center. He writes extensively and teaches IBM classes worldwide on areas of software security architecture and network computing technologies. Before joining the ITSO in March 2000, he worked for IBM in Germany as a Senior I/T Specialist in Software Security Architecture. Axel has 19 years of experience in a variety of areas related to workstation and systems management, network computing, and e-business solutions. He holds a degree in computer science from the University of Bremen, Germany.

• Axel Buecker

Michael Ferrell is a Senior Consultant with IBM Security & Privacy Services in the U.S. His consulting experience is in the financial, pharmaceutical, and medical sectors. He is an Information Systems Security Architecture Professional (ISSAP) and a Certified Information Systems Security Professional (CISSP), with 14 years of experience in the IT and telecommunications area. His areas of expertise include enterprise security architecture, network security, and developing standards and policy. Michael has taught at the university level, has led training efforts for clients on information security topics, and has written on network security and telecommunications. He holds a degree in computer science from the New Jersey Institute of Technology and is completing a master degree in information security from James Madison University.

• Michael Ferrell

Jim Whitmore is an Executive IT Architect at IBM, within IBM Software Group/Tivoli. His role involves strategy and planning for autonomic computing focusing on security and event management solutions. He has worked for IBM for the past 21 years. He has been certified as an IT Architect for the past 10 years, in the disciplines of networking, security, and enterprise architecture. He was the technical leader in the development of the MASS. Jim's work has been published in the IBM Systems Journal, technical conference proceedings, and several IBM Redbooks. He has 30 years of experience in engineering and IT solution design, development, integration, and assessment.

• Jim Whitmore

IBM Form Number
REDP-4107-00

Number of pages

118