Security Architecture

Developing consistent, reliable standards for secure architectures

There are two approaches to developing a secure architecture: the “build-it-in” and “bolt-it-on” approaches. Security professionals know that it is far more effective to build in security requirements and relevant security artifacts early in the development of a security architecture.

The Open Group’s market-leading TOGAF® [1] framework is continually enhanced and updated by members of The Open Group Architecture Forum [2]. The Open Group Security Forum [3] is responsible for developing standards and guidance on a wide range of information-security topics. In addition, The Open Group Jericho Forum® [4] has provided significant thought leadership on critical security issues including deperimeterization, Cloud security, and secure collaboration architectures. Between these three groups, The Open Group has a wealth of experience and offers access to experts through our Forums to help member companies efficiently develop effective security architectures.

As a hub where expertise in architecture development and security converge, The Open Group is uniquely qualified to lead the industry in establishing consistent, reliable standards for developing secure architectures.

Our publications on security architecture include:

• O-ESA standard [5]
• O-SCOA guide [6]
• TOGAF-SABSA white paper [7]
• Security Principles white paper [8]

Current security architecture projects include:

• integrating security architecture into TOGAF [9] - Next Generation TOGAF Security]
• security mobile architectures [10]

We invite you to contact us [11] to learn more about these projects and get involved.