PERANCANGAN SECURITY TECHNOLOGY ARCHITECTURE PADA PERUSAHAAN TELEKOMUNIKASI MENGGUNAKAN KERANGKA KERJA ENTERPRISE SECURITY ARCHITECTURE

Sriwisnu Noloadi

Sriwisnu Noloadi Universitas Nasional Pasim

Keywords: Security Technology Architecture, ESA, NAC, TOGAF, NIST

Abstract

Security Technology Architecture of Enterprise Architecture as a part of business support system is mandatory needed by enterprise, the possibility of fraud, system intrusion including the threat viruses and spam is the reason we need reliable security technology for companies. The designing related security technology is to build a security technology architecture which is adequate and align with current architecture. Based on the current condition of company, the reliable of security technology very urgently required by Telcom Company mainly on 4 zonings area in the operation of IT system to support business which is related with the availability of secure data and information. The importance of Security Technology Architecture is will be act as the role to support company, it’s has been proven because of its provide the security of technology and process structure which are fundamental aspect in IT strategy and planning. Using frameworks of ESA (Enterprise Security Architecture) from NAC (Network Applications Consortium), TOGAF (The Open Group Architecture Framework) and NIST (National Institute Standard Technology) will be accelerate and simplify for designing of Security Technology Architecture by ascertaining comprehensive coverage of solution which is essentially the process of drafting and design of Security Technology Architecture should be through 4 (four) steps which needed to be carry out as develop a conceptual framework, conceptual architecture, logical architecture and physical architectural. Capabilities of security services which is able to given by Security Technology coverage access control services, border protection services, detection services, information content services, auditing and cryptography. Deliverables show that most suitable designing and applying of Security Technology Architecture for company is by proposed the security model that consist of a cover business, information system, and The architecture of technology which are relied on recommended technical basics that is to be able to implemented for telecommunication and common company.

References

1. Obeid, Doug., 2003 - 2004, NAC-Network Applications Consorsium: “Enterprise Security Architecture” Journal of NAC, E-Journal on-line. Trough http://trygstad.rice.iit.edu:8000 /Articles/EnterpriseSecurityArchitecture-NetworkApplicationsConsortium.pdf [June 1, 2012, 6:40pm]
2. Gary Stoneburner, Alice Goguen, and Alexis Feringa, 2002, NIST sp800-30: “Risk Management Guide for Information Technology Systems” Journal of NIST. E-Journal on-line. Trough http://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf [July 19, 2012, 7.40pm]
3. NIST Special Publication 800-53 Revision 3, 2009, NIST sp800-53: “Information Security” Journal of NIST. E-Journal on-line. Trough http://csrc.nist.gov/publications/nistpubs/800-53-Rev3/sp800-53-rev3-final.pdf., [July 20, 2012, 2.26pm]
4. Henk Jonkers (Ed.), Iver Band, Dick Quartel, Henry Franken, Mick Adams, Peter Haviland, and Erik Proper., July 2012. “Using The TOGAF 9.1 Architecture Content Framework with the Archimate 2.0 Modeling Language”. Journal of Opengroup. E-Journal on-line. Trough https://www2.opengroup.org/ogsys/jsp/publications/PublicationDetails.jsp?publicationid=12697 [July 18, 2012, 6.34am]
De Haes, Steven, Ph.D. du Preez, Gert, CGEIT. Massa, Rachel, CGEIT. Bart, Peeter. Steve, Reznik, CISA. Steuperaert, Dirk, CISA, CGEI, 2009. ”The Risk IT Practioner Guide