Ron Thielen (University of Chicago) gave this presentation describing a proposed program to develop an Enterprise Security Architecture. He describes what Architecture is and what architectural processes might look like. Some of you might find some part of this interesting or useful.
http://home.uchicago.edu/~rthielen/IT-Architecture-June-04.pdf
This must have been a good presentation. I think Ron has an important point that there is not a difference between the enterprise architecture versus a specific security architecture. I hope that those of us in security do not come across stating that there is a difference. We do tend to have difficulties in identify were certain security controls should reside in the different parts of the architecture. Any thoughts? I like to think that security is what we do across the enterprise and is not its on block in a stack.
I also see that the security architecture diagram from the NAC ESA document was referenced. I am proud of that work but when I show that diagram to people, I receive a glazed over deer in the headlights response. Is there a way to simplify that digram for the higher education environment?