A set of physical and logical security-relevant representations (i.e., views) of system architecture that conveys information about how the system is partitioned into security domains and makes use of security-relevant elements to enforce security policies within and between security domains based on how data and information must be protected. Note: The security architecture reflects security domains, the placement of security-relevant elements within the security domains, the interconnections and trust relationships between the security-relevant elements, and the behavior and interaction between the security-relevant elements. The security architecture, similar to the system architecture, may be expressed at different levels of abstraction and with different scopes.
Sources:
NIST SP 800-37 Rev. 2
An embedded, integral part of the enterprise architecture that describes the structure and behavior for an enterprise’s security processes, information security systems, personnel and organizational sub-units, showing their alignment with the enterprise’s mission and strategic plans. See information security architecture.
Sources:
NIST SP 800-37 Rev. 2
from
NIST SP 800-39
Fundamental concepts or properties related to a system in its environment embodied in its elements, relationships, and in the principles of its design and evolution.
Sources:
NIST SP 800-160v1r1
under architecture
A set of physical and logical security-relevant representations (i.e., views) of system architecture that conveys information about how the system is partitioned into security domains and makes use of security-relevant elements to enforce security policies within and between security domains based on how data and information must be protected.
Sources:
NIST SP 800-160v1r1