Chapter 9

Security Architecture and Design

In This Chapter

Taking a look at computer architecture, including hardware, firmware, and software

Reviewing basic security architecture concepts

Taking account of access control models

Understanding evaluation criteria and certification/accreditation

Chapters 5 and 7 address network security and software development security, respectively, but the primary focus of this chapter is systems security. The system comprises all the guts of a computer system, both literally and figuratively.

We also discuss security models in this chapter; security models apply to the inner workings of individual computers, but also to large networks consisting of hundreds or even thousands of computers. Security models are abstract by nature, and they can even be applied to embedded systems, which are small enough to fit on the head of a pin, as well as large systems, such as the global Internet. Security models are generalizations about how security can be used to protect information. Being familiar with these models helps the security professional to better protect information assets in his or her employer’s environment.

In this chapter, we discuss basic computer architecture (if you’re already CompTIA A+ certified, the following section will be a simple, quick review), security architectures (including important concepts such as the Trusted Computing Base [TCB], open and closed systems, and security modes), access control models, security countermeasures, evaluation criteria, and certification and accreditation.