System Security

John Zachman’s use of the basic interrogatives to define a system lends itself to alternative analysis. One of these cases is system security. When it comes to security there are only four acts you can commit: Select, Insert, Update and Delete. However, you can commit these acts for each of the Zachman Framework Focuses: Data, Network, Motive, Process, People, Time and each of the Zachman Perspectives: Conceptual, Contextual, Logical, Physical, Mechanical, Instantial. What you have as a product is not just a security table, but a security cube. Below is an example of a security table defining 24 possible violations:

systemsecurity.jpg

A security cube would define 4 x 6 x 6 = 264 possible violations. It should be added that violations do not always work in isolation. For example spyware is a procedural insert and data selection. How many cells in the security cube would be affected if a plane crashed into one of your facilities?

It is also important to note that preventing snooping (or sniffing) is often an effective way to prevent the other three manipulation operations.  What they can’t see can’t hurt you.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: