Hi, everyone. I'm Mark Buckwell. I'm a security architect with IBM focusing on the Security for Cloud Transformation. I joined IBM 26 years ago as an open system specialist and my first project required a high-security solution. I continue getting involved in a wide variety of security projects. I've been interested in security architecture, teaching courses for IBM globally and for MSE modules at UK universities. It is the process of constructing security controls in a systematic way to create a robust security architecture that interests me. This is a series of full short videos that will be used to describe security architecture concepts. The first video will explain the characteristics of a security architecture, including why architectural thinking is important. The next video will go on to discuss different types of high-level security architecture representations that can be used and when to use them in practice. The third video will go on to look at how to describe security solutions as they are decomposed to identify threats and specify the required security controls. In the final video, I will discuss how security patterns can be used to accelerate the development of security for infrastructure and applications. So let's start this video by explaining the characteristics of security architecture. I believe architecture forms the foundation of goods security. How you put the security together is just as important as what security controls are used and how they're managed. This house you see is the Winchester Mystery House and is a good example of how not to construct a house. Sarah Winchester inherited $20 million on the death of her husband. She recruited a dedicated crew of carpenters to build a 160 rooms so quickly that nobody bothered to draw blueprints. She didn't hesitate to make unorthodox building decisions. A stairway ascending to a wall, a closet to bath an inch deep, and the door to nowhere that opens to empty space. This is a good example of how not to build a complex system, without an architect to define how the components of the house ought to be put together and a project manager to ensure it is built to specification. This is also true of security architecture. It is needed to provide assurance that the solution has been designed to construct it effectively integrating each of the components into a system. So Build with a clearly communicated structure. The second lesson is about the Raspberry Pi. The Jet Propulsion Labs in the US perform sensitive research, but also needs to be connected to the Internet. In 2018, an employee bras in their own Raspberry Pi and bridge the internal network with the Internet, allowing hackers to extract around 500 megabytes of data. It was found there were many shortcomings with the JPL security, including a lack of a mechanism to detect unauthorized devices on the network and insufficient networking segmentation. They could've done a better job of systematically assessing the potential threats and designing the controls to meet those threats. So systematically, analyzing threats and controls would've helped. Finally, don't build security like the security gate. Let's talk about the complexity and where security architecture is most effective. When a shed is constructed, it can be completed with one person and planned with list of components on a scrap of paper. With a house, there will be a team of skilled professionals, including that electrician, plumber, carpenter, etc. They will work to a solution provided by an architect and managed by a project manager. As the complexity increases, as with these high rise buildings in Hong Kong, there will be many teams of people involved in the construction. Different techniques and tools will be used. Plans will be at differing levels of abstraction with high-level architecture showing the overall solution without any specific details. This high-level architecture will be decomposed into a design for each building, a design for each floor, and then a design for each flat or apartment. Rather than creating a separate design for each floor and flat, a series of patterns will be defined that can be reused. Patterns provide a rapid way of developing similar systems or components. Special solutions will be developed for the different professions. There may be a solution for electricity, a solution for plumbing. There are different viewpoints of the same overall solution with more detail for a specific profession. The same approach is used with IT architecture with differing levels of abstraction targeted at different members of the team designing, delivering an operating system. There might be an architecture diagram for the overall system, we decomposition to more and more detail until there are documents describing how to install hardware in a rack. There will be different viewpoints. One of those viewpoints will be security to identify the security capabilities within a system. Each document describing the solution will need to be integrated with other viewpoints across the team, whether it's storage, platform, or availability. All of this should use a systematic approach to communicate an architecture. This is created using a standard set of tools and techniques. Using a standard way of communicating will enable team members to ensure robust system is constructed. Let's look at architectural thinking. Architectural thinking is about creating and communicating good structure and behavior with the intent of avoiding chaos. In IT systems, we talk about the architecture being described using different levels of abstraction covering both the implementation and the operations. This needs a careful balance as a solution needs to be affordable and yet secure. There are many ways to describe an architecture, but essentially, the architecture will be made up of a static structure and dynamic behavior. What does that mean? The static structure describes how the components will be connected together. If I connect two components together using a wire, it doesn't mean it will perform a useful function. The dynamic behavior describes how the components will interact over time, including how the communication is secured. As the system is put together, there is a series of design decisions that shape the system. Balancing security, usability, resilience, and cost. As a security architecture, you need to consider security does not override the other characteristics needed in a system. That's it for now. In the next video, you will get to understand the different types of architectural models and when to use them.
