ArchiMate_SABSA
06 Modeling the Contextual Security Architecture
The SABSA Matrix illustration:
Sourse: https://www.slideshare.net/MVeeraragaloo/sabsa-implementationpart-viver10
another Matrix view with Lifecycle context:
Source: https://www.alctraining.com.sg/course/sabsa-foundation/
6.1 Business Assets
6.1.1 Capability and Value Stream
Value Streamis a behavioral element within ArchiMate’s Strategy Layer- A key principle of a
Value Streamis that its value is always defined from the perspective of the Stakeholder, the consumer of the product, service, or deliverable, and not on its intrinsic value; i.e., the cost of production - The value of
Value Streamcan be modeled in the ArchiMate language using theValueelement.
6.1.2 Business Object
Business Objectrepresent Information Assets.
6.1.3 Business Service, Interface, and Service Level Agreements
- Business Layer services need a distinct property set when they are offered through human interfaces.
- SLA is using
Contractelement, a bespokeRequirement/Constraintmay also be used where a simple property is insufficient. Business Services may be offered via multiple interfaces (Business Interface)
6.2 Business Risk
- Risk, threats, vulnerabilities, and opportunities can be modeled at the Business and Strategy level using the orthodox ArchiMate approach discussed in Section 4.3
- The Security Overlay adds stereotyps(«») of motivational layer elements for this purpose, introduced in Section 5.5
6.3 Business Process/Function/Interaction
6.4 Business Roles and Actors
6.5 Business Geography
6.6 Business Time Dependencies
Any comments, feel free to post to the Discussion Board.