Technology Type: Security

Home > Architecture Library > Review by Architecture Type > Technology Architecture > Security

Confidentiality, integrity, and availability of NIH information and information systems such that the level of protection is commensurate with risk.

Technology Architecture: Brick:(12) Pattern:(13) Principles:(1) Regulatory and Policy Drivers:(1)

Technology Architecture

Security:27 related definitions

Brick

Identification and Authentication Brick:: This standard establishes NIH Login as the required method of implementing authentication in web-based applications at the NIH. Authenticated....
Intrusion Detection Brick:: Vulnerability Analysis. Internet-based attack tools are becoming increasingly sophisticated and increasingly easy to use. NIH's network could contain....
Network Access Control Brick:: Network Access Control will be used to enforce authentication, compliance, and remediation policy for every device that connects to the NIH....
NIH Federated Identity - Authentication / Authorization Brick:: The goal of NIH’s Federated Identity service is to give a person the ability to use the same user name, password, or other personal identification to....
NIH Federated Identity - Identity Provider Brick:: The goal of NIH’s Federated Identity service is to give a person the ability to use the same user name, password, or other personal identification to....
NIH Federated Identity - Protocols Brick:: The goal of NIH’s Federated Identity service is to give a person the ability to use the same user name, password, or other personal identification to....
RETIRED - Access Control Brick:: This topic has been determined as too broad for one document or standard to properly address and reconcile. As such, we feel we can archive this....
RETIRED - Confidentiality Brick:: This topic has been determined as too broad for one document or standard to properly address and reconcile. As such, we feel we can archive this....
RETIRED - Event Monitoring and Analysis Brick:: This topic has been determined as too broad for one document or standard to properly address and reconcile. As such, we feel we can archive this....
RETIRED - Integrity Brick:: This topic has been determined as too broad for one document or standard to properly address and reconcile. As such, we feel we can archive this....
Secure Email Brick:: Secure email is a method of establishing trust and securing email communications and attachments exchanged between NIH and external users. The....
Vulnerability Tools Brick:: Vulnerability Analysis. Internet-based attack tools are becoming increasingly sophisticated and increasingly easy to use. NIH's network could contain....

Pattern

Business Partner Boundary Services Pattern:: This boundary is between NIHnet and a business partner. The business partner domain is assumed to be untrusted primarily because it is not under....
Federation Pattern:: The goal of NIH’s Federated Identity service is to give a person the ability to use the same user name, password, or other personal identification to....
High-Level Security Pattern:: The following diagram presents the security architecture patterns in an overall context. Each pattern is a definition of the security services and....
Internet Boundary Services Pattern:: This pattern defines the boundary architecture between NIHnet and the public Internet. This boundary is where the majority of external access to....
Level 1 System Boundary Services Pattern:: This boundary applies to Level 1 servers. These servers are generally used to provide information to external organizations and to the general....
Level 2 System Boundary Services Pattern:: This boundary addresses Level 2 systems. These systems are generally available to NIH employees and business partners who are involved in day to day....
Level 3 System Boundary Services Pattern:: This pattern addresses the requirements of the most sensitive systems within NIH. These systems contain information that is subject to HIPAA and....
Network Access Control Pattern:: NIH and its Institutes and Centers (ICs) are continually under computer attack from individuals and organizations, requiring NIH to take a defensive....
NIHnet/ICnet Boundary Services Pattern:: NIHnet/ICnet Boundary Services Pattern Printer-Friendly Version Description This boundary is between the NIHnet backbone and any IC sub network....
Remote Access/Wireless Boundary Services Pattern:: The remote access boundary applies to all forms of remote access including Internet or business partner VPN, dial in remote access, and wireless. By....
Secure Email Middleman Pattern:: This pattern depicts an alternative method for NIH and external users to exchange secure emails that are received and read by external users when....
Service-Oriented Architecture (SOA) Security Pattern:: The SOA Security Pattern addresses security along four dimensions: Authentication – It must be possible for the service provider to ascertain the....
Trusted User Boundary Services Pattern:: This boundary pattern addresses the controls required for a trusted client to locally (that is, physical connection to an NIH managed network within....

Principles

Security Principles:: High level statements of NIH's fundamental values that guide decision-making for IT security.

Regulatory and Policy Drivers

Security Policies:: Links to Federal websites that describe laws, regulations, and policies that impact information system security at NIH.

Go to top

Home | Contact Us | Privacy Statement | Accessibility | FOIA

About | Your Part | Architecture Library | Tools & Resources

National Institutes of Health The US Government's Official Portal US Department of Health and Human Services