Enterprise Architecture Frameworks for Security Establishment

Kavita Bhatia, S. Pandey, Vivek Kumar Singh
{"title":"Enterprise Architecture Frameworks for Security Establishment","authors":"Kavita Bhatia, S. Pandey, Vivek Kumar Singh","doi":"10.1109/AISC56616.2023.10085439","DOIUrl":null,"url":null,"abstract":"Transformation is a process that is welcomed by almost all enterprises and Governments in order to make them ready for new challenges. Changing work environment and expectations of the individuals are the main driving forces behind such transformations. However, these changes, considering large enterprises, are not that easy and many times need a total shift in technologies (IT) adopted by them. This shift in technology also brings a shift in the working style of enterprises. Out of various technological requirements, security is considered as paramount importance in order to deliver safe and trustworthy solutions. Currently, the enterprises are practicing security establishments under various arenas viz. Network & Application Firewalls, Anti-Virus Software, Network Proxy, Endpoint Detection & Response, Vulnerability Patching, Intrusion Detection and Protection Systems, Role-Based Access Control, Identity & Access Management, and Secure Operating Environment etc. To establish these security requirements in an enterprise at later stage, require many systems / sub-systems to be implemented bearing a significant cost, efforts, and time. This leads to a need of such an Enterprise Architecture (EA) that keeps all the security requirements of the enterprises ‘right from the inception itself’ by reducing significant cost, efforts etc. with improved security. Various Enterprise Architecture Frameworks (EAFs) are available in the literature to safely and intelligently transform an enterprise/Government from its \"as is\" version to desired level. In this paper, attempts have been made to explore the existing EAFs on the basis of their security considerations at various levels of implementation. Thereafter, strengths and weaknesses of each EAF have been identified and on this basis as well as adoption outcomes, a comparative study of major EAFs has also been accomplished.","PeriodicalId":408520,"journal":{"name":"2023 International Conference on Artificial Intelligence and Smart Communication (AISC)","volume":"219 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-01-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 International Conference on Artificial Intelligence and Smart Communication (AISC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/AISC56616.2023.10085439","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

Abstract

Transformation is a process that is welcomed by almost all enterprises and Governments in order to make them ready for new challenges. Changing work environment and expectations of the individuals are the main driving forces behind such transformations. However, these changes, considering large enterprises, are not that easy and many times need a total shift in technologies (IT) adopted by them. This shift in technology also brings a shift in the working style of enterprises. Out of various technological requirements, security is considered as paramount importance in order to deliver safe and trustworthy solutions. Currently, the enterprises are practicing security establishments under various arenas viz. Network & Application Firewalls, Anti-Virus Software, Network Proxy, Endpoint Detection & Response, Vulnerability Patching, Intrusion Detection and Protection Systems, Role-Based Access Control, Identity & Access Management, and Secure Operating Environment etc. To establish these security requirements in an enterprise at later stage, require many systems / sub-systems to be implemented bearing a significant cost, efforts, and time. This leads to a need of such an Enterprise Architecture (EA) that keeps all the security requirements of the enterprises ‘right from the inception itself’ by reducing significant cost, efforts etc. with improved security. Various Enterprise Architecture Frameworks (EAFs) are available in the literature to safely and intelligently transform an enterprise/Government from its "as is" version to desired level. In this paper, attempts have been made to explore the existing EAFs on the basis of their security considerations at various levels of implementation. Thereafter, strengths and weaknesses of each EAF have been identified and on this basis as well as adoption outcomes, a comparative study of major EAFs has also been accomplished.
用于安全建立的企业架构框架
改革是几乎所有企业和政府都欢迎的一个进程,以便使它们准备好迎接新的挑战。不断变化的工作环境和个人的期望是这种转变背后的主要驱动力。然而,考虑到大型企业,这些变化并不是那么容易的,很多时候需要完全改变它们所采用的技术(IT)。这种技术的转变也带来了企业工作方式的转变。在各种技术需求中,为了提供安全可靠的解决方案,安全性被认为是最重要的。目前,企业在网络与应用防火墙、杀毒软件、网络代理、端点检测与响应、漏洞修补、入侵检测与防护系统、基于角色的访问控制、身份与访问管理、安全运行环境等领域进行安全设置。为了在企业的后期阶段建立这些安全需求,需要实现许多系统/子系统,承担大量的成本、努力和时间。这导致了对这样一种企业架构(EA)的需求,这种架构通过减少显著的成本和工作等来提高安全性,从而“从一开始就”保持企业的所有安全需求。文献中有各种各样的企业架构框架(EAFs),可以安全、智能地将企业/政府从“现状”版本转换为所需的级别。在本文中,我们试图根据现有的eaf在不同实施层次上的安全考虑来探讨它们。然后,确定了每个EAF的优势和劣势,并在此基础上以及采用结果,对主要EAF进行了比较研究。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信