Identity Defined Security Alliance

Putting Identity at the Center of Security

Reference Architecture

What components are needed to solve this problem?

All, attached is a reference architecture that Jerry and I put together and offer up for feedback and discussion.

In preparation for our September onsite in Dallas, please review and provide feedback here.

Just wondering if anyone has had a chance to review this architecture and had any feedback to share.

Hi All,

I think the inclusion of ThreatMetrix could be valuable in the workflow. The way this would work in the architecture is a line from “O365 Desktop Client” and “Web/Portal/Mobile” to TMX profiling. Then a line from “Fraud & Risk” to our API servers. Responses would be used by the “Fraud & Risk” system to determine viability. Thoughts?

There is already a Fraud & Risk component and I think that is where this would go. We could include a box with SIEM and CASB to reflect the TMX profiling. Maybe we change the F&R box to say something like Risk Profile and then add F&R below. Thoughts on that???

Microsoft CyberSecurity Reference Architecture

https://cloudblogs.microsoft.com/uploads/prod/2018/06/SRA-1024x569.png

Here is the current set of Security Capabilities and how they map to the MS Ref Architecture and IDSA components. In order to develop an IDSA ref architecture we need the following from the IDSA Members:

  1. Column A (IDSA Components) – Jerry and I took an initial pass at mapping the recommended capabilities to IDSA components. Please validate this mapping; if it is blank, we were unable to identify the right IDSA component.
  2. Column C (MS-Only Holes) – Need to reflect what Column D is resolving, please validate or update verbiage.
  3. Column D (Recommended Security Capabilities) – These capabilities need to be made more generic and not vendor / product specific.

Once the above has been done we will also start to define the application Security Controls related to these capabilities. The impact of the above is that unless a recommended security capability can be mapped to an IDSA component it will be dropped from the spreadsheet and not represented in the IDSA Reference Architecture output.

IDSA-Ref-Capabilities.xlsx (28.8 KB)

Here is the updated capabilities list that was updated via our NYC work sessions:

IDSA-Ref-Capabilities_110718.xlsx (28.4 KB)

Here is the latest version of the reference capabilities based on the feedback received.

IDSA-Ref-Capabilities_11262018.xlsx (29.0 KB)