From the course: Using SABSA to Architect Cloud Security
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Using attributes to collect lower layer risks - SABSA Tutorial
From the course: Using SABSA to Architect Cloud Security
Using attributes to collect lower layer risks
- [Instructor] We've looked at how we can decompose one high level attribute into multiple lower level attributes to enable easier measurement. However, we can also use the same attribute to manage risk down through the architectural layers. Let's see how we do this. Let's look at a cloud-based online shopping service where the business requirement is to ensure the service is available to its customers. In the conceptual layer, we'll select to top level attribute of available to represent the enterprise requirement that the cloud-based shopping service we provide is available to be used. This doesn't exist in any tangible form. It's just an element of the architect's model of the business. Now let's look at how we would architect that service. This occurs at the logical layer of the architecture. We need technology to run the web service and customer services to provide customer support. We need stores to manage the…
Contents
-
-
-
-
(Locked)
Establishing a conceptual architecture4m 50s
-
(Locked)
Threat modeling for cloud4m 41s
-
(Locked)
Risk management with SABSA4m 31s
-
(Locked)
Using attributes to collect lower layer risks2m 18s
-
(Locked)
Thinking clouds with SABSA6m 3s
-
(Locked)
Tiers of the CAT6m 22s
-
(Locked)
A cloud-enhanced conceptual architecture2m 48s
-
(Locked)
-
-