KEMBAR78
Security Architecture: Identity Management Authentication Access Control | PDF
Scribd
Upload
64 views1 page

Security Architecture: Identity Management Authentication Access Control

The document outlines the key components of a security architecture including identity and access management with user provisioning, authentication, access control, and support for external identity managers. It also covers application security with data validation, session management, transaction limits, authorization, exception management, sensitive data handling, data masking, audit logging, and configuration audits. The security architecture also includes secure development processes for data classification, threat modeling, secure coding, and security testing. Infrastructure security covers platform, transport, and message security aligned with common standards.

Uploaded by

Laxmi Narasimha Boddu
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
64 views1 page

Security Architecture: Identity Management Authentication Access Control

The document outlines the key components of a security architecture including identity and access management with user provisioning, authentication, access control, and support for external identity managers. It also covers application security with data validation, session management, transaction limits, authorization, exception management, sensitive data handling, data masking, audit logging, and configuration audits. The security architecture also includes secure development processes for data classification, threat modeling, secure coding, and security testing. Infrastructure security covers platform, transport, and message security aligned with common standards.

Uploaded by

Laxmi Narasimha Boddu
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 1

Security Architecture

Identity and Access Management Standards Support

Identity Management Authentication Access Control


(Role & User Provisioning, (SSO, LDAP, 2FA, support (Segregation of duties, ISO 27001
support External Identity Manager) Enterprise Access Manager) Minimum Privilege,
User Hierarchy, Multiple levels)
COBIT

Application Security
PCI-DSS
Data Validation Session Management

MAS-HKMA
Transaction Limits Authorization Exception Management

FFIEC
Sensitive Data Data Masking Audit and Logging Configuration Audit

Secure Development Process OWASP

Data Classification Threat Modeling Secure Coding Security Testing


JAAS

Infrastructure Security WS-Security

Platform Transport Message


(OS, Database, Network Zoning) (Encryption, SSL, Client IP (Credentials, Non-Repudiation, JCE
Validation) Hashing)

You might also like