Overview
The ArchiMate language specification and TOGAF methodology/framework, The SABSA methodology and matrix from different layers, Alignment between SABSA and ArchiMate from the joint modeling approach, Hands-on practice through Archi, Protege and other tools to modeling the Security Overlay
Enterprise Architect or Security Architect who want to find the hands-on method of modeling Security Overlay, Any architects who want to enrich security modeling skills base on ArchiMate language specification
Certain knowledge on SABSA and Open Group's ArchiMate would be beneficial
SABSA® (Sherwood Applied Business Security Architecture) is a methodology for developing risk-driven enterprise information security and information assurance architectures and for delivering security infrastructure solutions that support critical business initiatives. It is an open standard, comprising a number of frameworks, models, methods and processes, free for use by all, with no licensing required for end-user organizations who make use of the standard in developing and implementing architectures and solutions. (Source: W100 - SABSA® White Paper)
The Joint Working Group, between SABSA and the Open Group, was established around 2024, aims to following variable purpose:
develop a settled consensus of core security elements, relationships, and properties - referred to collectively as the "Security Overlay".
propose a reference of vocabulary, patterns, and conventions in this domain, to further enterprise security as a practice, and encourage the wider appreciation of security concepts in general and the SABSA approach in particular.
incentivize toolmakers to facilitate support for security within their products, no need to focus on how to model the security perspective.
The practice in this repository is to detail go through the guide, and using Archi (ArchiMate® modeling tool) to create the hands-on model step-by-step, so that it can be tailored by every architecture team to their own company's EA+Security meta-model creation.
This course goes through the reference guide, provide you the live demo and analysis on the alignment between ArchiMate and SABSA.
Through learning the Security Overlay modeling, you'll get chance to practice Archi, JSON, Protege, as well as FreePlane, enjoy!
Xiaoqi Zhao
Enterprise Architect from 2015, with global responsibility.
Start career from year 1997, first two years working as product marketing and mechanical material procurement, then moved to Information Technology field till now.
Starting from end user support, server and network adminitration, data center operation, to IT project management, then changed to pre-selling and solution architect as major focus.
First group of ITIL Manager certificate in China in 2002, as well as PMP in same year. Pursuit CISA and got certificate following.
Back to Tsinghua University to get MBA during 2005 to 2008.
Working in IT Company (HP), Consulting Firm (Accenture) and now Automotive Transportation Area (Volvo IT) from 2009 till 2014, moved to Volvo Financial Service as Enterprise Architect since 2015.
Keep learning...