Okay, let's go ahead and look at our next element. Let's talk about the requirements of system architecture. So when we talk about the architecture of the system, we're talking about the design. We're talking about the elements of approach. We're talking about the internal structure on which
the system's gonna be built.
So when we talk about the architecture of system, the main priority and this is something you'll see on this test quite a bit essential is that the design of the system's architecture must meet the requirements of the business once again, security
it And I don't live that I stress. This is much, um, as perhaps we should have. But I want to tell you, for this exam and in life,
the whole purpose of security is to support the business. That's the only reason we care about security. That's the only benefit it brings to us is it supports the business,
right? So when we look at going back to the question about how much security is enough, just enough security so that we provide appropriate risk management without compromising our business objectives, so the system architecture has to be designed with that in mind,
second bullet points. So very important. Security should be integrated into the design of an information system as opposed to duct taped on later. And that happens all the time. If I were to ask, how many of you have been through some sort of introduction to program in class,
you know, probably many of us have, whether it was in college, perhaps high school here, there.
The next question I would ask you is how much of that introduction to program in class was designed on writing secure code.
And I'll just about guarantee you the interest zero. Because historically what we've done is we've made functional code and said, Oh, we'll put out a security patch and secure it later, obviously not the best approach to secure design. So we're gonna focus on its designing software that is secure
or another way to look at that, or or to think about that. And here's a good I S C Square phrase.
Security is part of the folk sh inal. Baseline
security is part of the functional baseline. And what that means is the product, you know, historically, we've asked, does it work and then is it secure
now? the question becomes, Does it work securely? And if it doesn't, then it doesn't work at all.
That's a big change for us again. You see the bullet point balancing the security needs of the organization versus the desired level of security. We've got a really examining balance that and always understand those tradeoffs for security
in just a little bit will be talking about risk management will really get into that cost benefit analysis in those ideas.
Okay, now, when we talk about the architecture of a system, there are some things that we would consider.
Ah, specifically, we would look at some elements, help the trusted computer base, the TCBY, and that's a term that's been around for a long time. It came to us from the Orange Book. You know, it really hasn't been used in 20 years
and to say the least, but the Orange Foot gave us a lot of ideas that are very important that her that we used today to work on.
So when we look at that, a couple of terms, the TC be primarily
are those elements of a system that have to be, you know, you could say they have to be beyond reproach. For instance, Um, I don't care how many mechanisms you put for security into your operating system, but if I can compromise your systems bios,
none of that matters.
I'll redirect and going to another operating system, for instance. Or if we can't trust your CPU,
then none of the rest of it matters. Memories part of the TCP, the operating system kernel. All of those elements must support the security policy of the system and should not be able to violate security policy. And those elements are infertile. Is the TCBY
now a couple of important elements of the trusted computer base? We have the security perimeter,
the reference monitor in the security Colonel.
So if I would look at all of the elements that are part of the trusted computing base inside of one circle the boundary around the TCBY, that enforcing border, if you will, would be referred to as the security perimeter.
Now the security colonel in the reference monitor the reference monitor there, like the law's the law of the land, the security colonels like the police. So the reference monitor all the lists of do's and don'ts and
you know your access control list to your requirements that, say, three
attempts at a password. All of those rules in anytime. A subject access is an object. The reference monitor has to be verified,
but walls, the reference monitor is no good without enforcement. So if the reference monitor the laws of the system the security Colonel, that's the police. That's the enforcement of the security perimeter. I'm sorry if the reference monitor
so the reference monitor may state you get three attempts at guessing a password
before you're logged out. That's the rule. But the actual software elements that log you out or, um, lock out your account. That's the security, Colonel. I hope that makes sense. So you've got the rules that air the reference monitor. The enforcement comes from the security Colonel.