Technology Type: Security

Home > Architecture Library > Review by Technology Type > Security

Confidentiality, integrity, and availability of NIH information and information systems such that the level of protection is commensurate with risk.

Technology Architecture: Brick (11) Pattern (12) Principles (1) Regulatory and Policy Drivers (1)

Technology Architecture

Security: 25 related definitions

Access Control Brick:: Logical access control within NIH is provided at the network, operating system, and application level. Network Access Control. Network access controls...
Confidentiality Brick:: The primary method of protecting confidentiality of information is via encryption. In addition to sensitive business data, there is also data about the...
Event Monitoring and Analysis Brick:: Vulnerability Analysis. Internet-based attack tools are becoming increasingly sophisticated and increasingly easy to use. NIH's network could contain vulnerabilities...
Identification and Authentication Brick:: This standard establishes NIH Login as the required method of implementing authentication in web-based applications at the NIH. Authenticated identities...
Integrity Brick:: Anti-Virus. An effective anti-virus architecture uses a multi-tier (that is, desktop, server, and gateway) approach and is not necessarily reliant on a...
Intrusion Detection Brick:: Vulnerability Analysis. Internet-based attack tools are becoming increasingly sophisticated and increasingly easy to use. NIH's network could contain vulnerabilities...
NIH Federated Identity - Authentication / Authorization Brick:: The goal of NIH’s Federated Identity service is to give a person the ability to use the same user name, password, or other personal identification to access...
NIH Federated Identity - Identity Provider Brick:: The goal of NIH’s Federated Identity service is to give a person the ability to use the same user name, password, or other personal identification to access...
NIH Federated Identity - Protocols Brick:: The goal of NIH’s Federated Identity service is to give a person the ability to use the same user name, password, or other personal identification to access...
Secure Email Brick:: Secure email is a method of establishing trust and securing email communications and attachments exchanged between NIH and external users. The technology...
Vulnerability Tools Brick:: Vulnerability Analysis. Internet-based attack tools are becoming increasingly sophisticated and increasingly easy to use. NIH's network could contain vulnerabilities...

Business Partner Boundary Services Pattern:: This boundary is between NIHnet and a business partner. The business partner domain is assumed to be untrusted primarily because it is not under direct...
Federation Pattern:: The goal of NIH’s Federated Identity service is to give a person the ability to use the same user name, password, or other personal identification to access...
High-Level Security Pattern:: The following diagram presents the security architecture patterns in an overall context. Each pattern is a definition of the security services and mechanisms...
Internet Boundary Services Pattern:: This pattern defines the boundary architecture between NIHnet and the public Internet. This boundary is where the majority of external access to internal...
Level 1 System Boundary Services Pattern:: This boundary applies to Level 1 servers. These servers are generally used to provide information to external organizations and to the general public....
Level 2 System Boundary Services Pattern:: This boundary addresses Level 2 systems. These systems are generally available to NIH employees and business partners who are involved in day to day NIH...
Level 3 System Boundary Services Pattern:: This pattern addresses the requirements of the most sensitive systems within NIH. These systems contain information that is subject to HIPAA and privacy...
NIHnet/ICnet Boundary Services Pattern:: NIHnet/ICnet Boundary Services Pattern Printer-Friendly Version Description This boundary is between the NIHnet backbone and any IC sub network (ICnet)....
Remote Access/Wireless Boundary Services Pattern:: The remote access boundary applies to all forms of remote access including Internet or business partner VPN, dial in remote access, and wireless. By definition,...
Secure Email Middleman Pattern:: This pattern depicts an alternative method for NIH and external users to exchange secure emails that are received and read by external users when PKI-based...
Service-Oriented Architecture (SOA) Security Pattern:: The SOA Security Pattern addresses security along four dimensions: Authentication – It must be possible for the service provider to ascertain the identity...
Trusted User Boundary Services Pattern:: This boundary pattern addresses the controls required for a trusted client to locally (that is, physical connection to an NIH managed network within NIH...

Security Principles:: High level statements of NIH's fundamental values that guide decision-making for IT security.

Security Policies:: Links to Federal websites that describe laws, regulations, and policies that impact information system security at NIH.

Go to top

Home | Contact Us | Privacy Statement | Accessibility

About | Your Part | Architecture Library | Tools & Resources