Secure System Modeling

We discuss secure system models and modeling activities here.

Table of Contents

Secure System Modeling

Modeling is an integral part of problem-solving activities. Models are created to document, understand, evaluate, and improve Work Systems. System modeling is the activity of building conceptual models of a real or abstract entity as a system, with each model representing a different purpose and viewpoint.

A secure system modeling considers explicitly the additional functions and data required to make a system secure. These additional secure functions and data must be an integral part of a system.

A model is a representation of a system under consideration. Modeling is an integral part of any kind of systems development activity. We model systems to describe them more accurately. It helps us understand and evaluate the system. A system has different aspects to it—data, function, and behavior, etc. We create different models to capture and represent these different aspects. For example, a data model is created to represent the static, structural, and information aspects of a system. A function model is created to represent the “activity” aspects of a system. A dynamic model is developed to represent the temporal, behavioral aspects of a system. All these models are related even though they are created as separate models. These models can be used to describe the enterprise architecture of a system. Figure 1 below shows the relationship between architecture and models.

Please click on the picture to see a better quality image.

Figure 1. A diagram showing the relationship between architecture and model.

The architecture of a system shows the overall structure of the system. The architecture of a system defines that system in terms of its components and interactions among those components. A component can be a function, a module, an object, etc. Architecture can be represented as a blueprint, drawings, or models. Information architecture shows the information aspect of a system. Information architecture is part of enterprise architecture. Enterprise architecture defines and describes the data, process, and technology, etc. needed to support the business of the enterprise. An enterprise architecture consists of several major architectures—information architecture, process architecture, network architecture, and technology architecture. As mentioned earlier, information architecture is generally represented as an information model. A more popular term for an information model is the data model.

Modeling Activities

A modeling activity typically produces a model of an object system for a given viewpoint and purpose. It follows a method/technique to create a model. Modeling activities use various techniques to represent a system model in various forms using well defined notations. For example, use case modeling and class diagramming techniques use Unified Modeling Language (UML) notations to model the functional and the data aspects of a system.

Secure System Model

A secure system model is a model that has security mechanisms built into it.  Secure function model and secure data model are the two important parts of a secure system model. We discuss these two models in subsequent articles.

Leave a Reply

Your email address will not be published. Required fields are marked *