Security Services Catalogue

Project Scope & Goals

The Project Scope is to build a catalogue of standardised security services that are available ‘off the shelf’ so that both enterprise architects and security architects can share in the collective wisdom of the architecture community, and be able to make the leap from business-driven requirements for security and risk management to conceptual and logical enterprise architectures and solution architectures.

Vision

For security architects, the Security Services Catalogue is a register that supports filling in the logical (aka functional) layer of the architecture with security safeguards. Unlike existing control frameworks that contain requirements, the Security Services Catalogue describes security building blocks that actually deliver protection. This architecture approach enables smooth integration of information security in the enterprise architecture.

The standardised approach contributes to the professionalization of the security management organisation and facilitates a more efficient and cost effective way of working. One of the main advantages of the Security Services Catalogue is that it is a common terminology and reference framework for the domain of security management, allowing better cooperation between the parties concerned. Furthermore it helps rationalising the design of security services within architecture development, by choosing appropriate security services whilst avoiding overlapping security services

Contact the Security Services Catalogue Working Group