-
Notifications
You must be signed in to change notification settings - Fork 70
Framework structure
Alexander Filipin edited this page Mar 4, 2021
·
16 revisions
Highly overview of personas, context and security controls.
We need to determine which security controls are required, the combination of persona and context will determine it. Below is a overview of the elements used in different frameworks.
- Internals (Employees)
- Externals (with Corp identity)
- Guests (B2B External User)
- Admins
- External Admins (with Corp identity)
- Guest Admins
- Service Accounts
- Service Principals
- General/catch the rest
SPA view
- Standard user
- High impact user / developer
- IT Operations
Cloud Adoption Framework enterprise-scale view
- Platform owner
- NetOps
- SecOps
- AppOps/DevOps
- Subscription / landing zone owner
- Enterprise
- Specialized
- Privileged
- Level 1
- Level 2
- Level 3
- Level 4
- Control
- Management
- Data/Workload
- Baseline
- Sensitive
- Highly regulated
- Personal
- Public
- General
- Confidential
- Highly Confidential
- Platform (Identity, Management, Connectivity)
- Landing zones
- Conditions (Apps, Authentication context, ...)