Security Architecture
Security architecture는 layered defenses (network, application, data, IAM)와 policies, standards, technologies의 integration을 정의하여 assets을 보호하고 risk management을 지원합니다.
A comprehensive security architecture는 governance, risk management, engineering practices를 수립하여 people, processes, technology 전반에 걸쳐 information assets을 보호합니다. 이는 governance/policy layer; network security; application security; data security; identity and access management; endpoint and cloud security; supply chain security를 포함하는 여러 layer에 걸친 governance와 policy, reference models, technical stack을 포괄합니다. 효과적인 architecture는 recognized standards (e.g., NIST SP 800-53, ISO/IEC 27001, ISO/IEC 27002, NIST SP 800-160, CSA CCM; SABSA; TOGAF)에 controls을 매핑하고 security를 software development lifecycle (secure SDLC) 및 threat modeling (e.g., STRIDE, PASTA)에 통합합니다. 이는 risk-based approach, least privilege, defense-in-depth를 강조하며, 명확한 ownership, measurement, monitoring (SIEM, EDR, IAM analytics) 및 governance reviews를 통한 continuous improvement를 포함합니다. Architecture artifacts는 reference diagrams, policy mappings, control catalogs, data classification schemes, 그리고 evolving threats 및 regulatory requirements에 적응하기 위한 ongoing program을 포함합니다. Education and awareness, supply chain risk management, incident response integration은 architecture를 완성하여 business objectives 및 regulatory posture와의 alignment를 보장합니다.
graph LR
Center["Security Architecture"]:::main
Rel_computer_architecture["computer-architecture"]:::related -.-> Center
click Rel_computer_architecture "/terms/computer-architecture"
Rel_security_automation["security-automation"]:::related -.-> Center
click Rel_security_automation "/terms/security-automation"
Rel_hardware_security["hardware-security"]:::related -.-> Center
click Rel_hardware_security "/terms/hardware-security"
classDef main fill:#7c3aed,stroke:#8b5cf6,stroke-width:2px,color:white,font-weight:bold,rx:5,ry:5;
classDef pre fill:#0f172a,stroke:#3b82f6,color:#94a3b8,rx:5,ry:5;
classDef child fill:#0f172a,stroke:#10b981,color:#94a3b8,rx:5,ry:5;
classDef related fill:#0f172a,stroke:#8b5cf6,stroke-dasharray: 5 5,color:#94a3b8,rx:5,ry:5;
linkStyle default stroke:#4b5563,stroke-width:2px;
🧒 5살도 이해할 수 있게 설명
Generated ELI5 content
🤓 Expert Deep Dive
Generated expert content
❓ 자주 묻는 질문
What is the purpose of a security architecture?
To provide a risk-based blueprint for selecting and implementing security controls that protect critical assets while enabling business operations, governed by policy and continuous improvement.
What frameworks or standards guide security architecture?
Common references include NIST SP 800-53, ISO/IEC 27001/27002, NIST SP 800-160, SABSA, TOGAF, and threat modeling practices (STRIDE, MITRE ATT&CK).
What are typical layers or components?
Governance/policy, network security, application security, data security, identity and access management, endpoint/cloud security, and supply chain security.
How does security architecture relate to risk management?
It translates risk-based requirements into concrete controls, aligns with risk appetite, and enables measurable security outcomes.
What is Zero Trust in this context?
A model that requires verification and least-privilege access for every resource, irrespective of location or network perimeter.