Project Architecture Review Board Response · 2017-11-30 · Office of the Chief Information Officer


Detailed Architecture Design (DAD)<<Project Number – Project Name >>

Office of the Chief Information Officer (OCIO)Government of Newfoundland & Labrador

This document contains highly sensitive, confidential information that may reveal the security and/or technology posture of the Government of Newfoundland and Labrador's Information Technology environment. Distribution of this document is limited to Authorized Individuals only.

As information within this document will be used to protect Government's technology assets and information, it is essential that its contents remain accurate and up to date. For more information, please contact [email protected].

Government of Newfoundland and LabradorOffice of the Chief Information Officer

Corporate Services & Projects: Enterprise Architecture

Detailed Architecture Design (DAD)

Note – The contents of this document are subject to review and revision upgrades. This template is owned and maintained by the Enterprise Architecture (EA) Division within the Corporate Services & Projects Branch of the Office of the Chief Information Officer (OCIO). Direct your questions about this template to [email protected].

Document HistoryVersion Date Summary Responsible

YYYY-MM-DD

Purpose and Responsibilities

Purpose

Evaluates proposed system architectures (e.g. DAD) to:
- Ensure adherence to the OCIO’s technical standards;
- Evaluate the fitness of the proposed design for stability, availability, security, and supportability; and
- Provide feedback to project teams on areas of architectural design fitness or deficiency, and recommendations for improvement.

Responsibilities

PARB
- Provide clear instructions on required updates;
- Provide pertinent information, if applicable; and
- Streamline the approval process as much as possible.

Project Team
- Take advantage of the resources provided, i.e. sample DAD, Guidelines and Best Practices, EA Prime, etc.; and
- Make updates in a timely manner.

Important Information for Completing this Document

The purpose of the DAD document is to determine the technical suitability of a project’s architectural design. The proposed solution will be reviewed for adherence to OCIO technical standards as well as stability, availability and security.

A review of the DAD is meant to provide feedback to project managers on areas of architectural design fitness or deficiency, and recommendations for improvement.

The DAD is NOT meant to determine support requirements or the need to assign OCIO resources to the project (although it may be used as supporting documentation in those decision making processes).

Detailed Architecture Design (DAD) Page 2 of 23Template Version 7.0, 2015-03-31


This document may contain inline guidance to assist you with the completion of various sections. The inline guidance is contained within a table layout. The information and the table must be deleted prior to submitting the document to SDEA for review.

The document also contains a table of contents, a table of figures and a table of tables. If you do not use tables or images within this document those headings must be deleted prior to submitting the document to SDEA for review.

If you encounter any difficulty or are unsure about anything within this document, please contact your assigned EA Prime.

Completed in Full

Each section of the DAD must be completed in full. If a particular section is not applicable to this project, then you must write Not Applicable and provide a reason. No sections are to be deleted from this document.

Guidance

Text contained within << >> provides information on how to complete that section and should be deleted once the section has been completed. When appropriate, individual sections of this document reference the Guidelines and Best Practices for Government Technology Solutions document.

TRIM

Insert the TRIM document number in the footer. Project teams can obtain a document number from the Information Services Centre (ISC) by emailing [email protected].  

Document Embedding

To insert a document (BRD, PPIA, PIA, etc.) into this document, perform the following steps:

1. From the Insert menu, click Object;
2. Click the Create from File tab;
3. Find the document via the Browse button;
4. Check the Display as icon checkbox;
5. Click OK; and
6. Add the TRIM number.


TABLE OF CONTENTS

1. Project Information
1.1 Summary Details
1.2 Key Project Contacts
1.3 Key Dates
2. Project Information Assessments
2.1 Information
2.1.1 Public Facing
2.1.2 Corporate Services & Projects
2.2 Information Security Classification
2.2.1 Availability
2.2.2 Solution Location
2.3 Results
2.3.1 Pre-Threat Risk Assessment
3. Design and Technology Details
3.1 System Profile
3.1.1 Solution Type
3.1.2 Project Type
3.2 Solution Details
3.2.1 COTS Customization (NOT Configurations)
3.3 Virtualization
3.4 Guidelines and Best Practices
3.4.1 Deviations
3.4.2 Reason for Deviation(s)
3.4.3 Deviation Approval
4. User Community
4.1 User Community Profile
5. Application Architecture
5.1 Application Architecture Diagram
5.2 Description
6. Network Architecture
6.1 Network Architecture and Design Description
6.1.1 Network / Technical Architecture Diagram
6.1.2 Network Enhancements / Changes
6.2 Communications and Performance
6.2.1 Data Flows and Network Protocols
6.2.2 Network Traffic
7. Database Architecture
7.1 Initial Size of Database
7.2 Anticipated Annual Growth
7.3 Database Features
7.3.1 Database Environment
7.3.2 Database Connection Account Type
7.4 Stored Procedures
7.5 Clustering
7.6 Database Normalization
8. Security Architecture
8.1 Threat Mitigation Plan
8.2 Application Security
8.2.1 Roles
8.2.2 Authentication, Authorization and Access Control
8.2.3 Account and Password Management
8.2.4 Session Management
8.2.5 Cached Data / Temporary Files
8.2.6 Application Logging
8.3 Infrastructure and Network Security
8.3.1 Separation of Administrative and User Traffic
8.3.2 Operating System Accounts and Privileges
8.3.3 Server Hardening
8.4 Database Security
8.4.1 Description
8.4.2 Local User Management
8.4.3 Database Logging
8.4.4 Database Link Privileges
8.5 Cryptography and Key Management
8.5.1 Appropriate Use of Encryption
8.5.2 Digital Certificate Management
9. Enterprise Backup and Recovery
9.1 Backups

TABLE OF TABLES

Table 1 - Project Summary
Table 2 - Key Project Contacts
Table 3 - Key Dates
Table 4 - Information Security Classification
Table 5 - Deviation Approval Contact Information
Table 6 - User Community Profile
Table 7 - Data Flow Inbound and Outbound, Network Protocols
Table 8 - User Locations
Table 9 - Sample Data Object List
Table 10 - Data Object List

TABLE OF FIGURES

Figure 1 - Application Architecture Diagram
Figure 2 - Network / Technical Architecture Diagram Template


1. Project Information

1.1 Summary Details

Name Description

Project Number <<Please provide the project DTC.>>

Project Name <<Please provide the name of the project.>>

Project Description <<Provide a short description of the project, including any planned phases.>>

Table 1 - Project Summary

1.2 Key Project Contacts

Role Name Email Phone

Project Manager

Delivery Manager

Enterprise Architecture (EA) Prime

Manager of Operations & Security – Server / Storage

Manager of Operations & Security – Network / Security

Manager of Operations & Security – Service Delivery

Manager of Application & Information Management Services

Table 2 - Key Project Contacts

1.3 Key Dates

Event Date (YYYY-MM-DD)

Estimated Date for Beginning of Execute Phase

Anticipated Implementation Date

Table 3 - Key Dates


2. Project Information Assessments

2.1 Information

2.1.1 Public Facing

a. Will any component of this system be Public Facing? Yes No

b. Has the Project Team held a consultation with the Web Development Team to ensure compliance with the Web Development Standards? Yes No

2.1.2 Corporate Services & Projects

Will any component of this system be delivered via the Internet as part of its solution delivery (not applicable to remote access for technical support only purposes)? Yes No

Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Section 3.5: Architectural Patterns
Section 4.4.4: Web Security
Section 6.2: Architecture Components

2.2 Information Security Classification

High Medium Low Unclassified

ConfidentialityIntegrityAvailability

Table 4 - Information Security Classification (Provided by Information Management & Protection)

Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Section 6.1: Information Security Classification
Section 6.2: Security Functional Controls
Section 6.3: Security Physical Architecture
Section 6.4: Use of Cryptography

2.2.1 Availability

<< Explain how your solution is architected to meet availability requirements.>>


2.2.2 Solution Location

Based on the IM classification, can the proposed solution reside with other applications of the same classification? Yes No

2.3 Results

2.3.1 Pre-Threat Risk Assessment

Insert the results of the Pre-TRA performed on this solution.

Note: To insert the Pre-TRA, follow the instructions found in the “Important Notes for Completing this Document” section at the beginning of the template.


3. Design and Technology Details

3.1 System Profile

3.1.1 Solution Type

Select one: Commercial off The Shelf (COTS) Custom Developed Software

Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Section 2.1: Principle of Solution Acquisition

3.1.2 Project Type

Select one: Primarily an Infrastructure Project Primarily an Application Project

3.2 Solution Details

3.2.1 COTS Customization (NOT Configurations)

<<Identify level of customization within COTS solution, if applicable.>>

Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Section 2.7.3: Vendors Supported

3.3 Virtualization

Does this system support virtualization? Yes No

<<If no, please explain.>>

Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Section 2.6: Principle of Virtualization
Section 3.3: Virtualization of Information Systems

3.4 Guidelines and Best Practices

Note - All projects are expected to follow the Guidelines and Best Practices for Government Technology Solutions document and the Enterprise Architecture (EA) Web Development Standards document. (http://www.ocio.gov.nl.ca/ocio/itresources/index.html)


Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Section 4.4.3: Web Standards

3.4.1 Deviations

Are there any deviations from Guidelines and Best Practices for Government Technology Solutions? Yes No

<<If yes, identify all deviations.>>

3.4.2 Reason for Deviation(s)

<<Identify the reason(s) for the deviations.>>

3.4.3 Deviation Approval

All deviations must be approved by the EA Division. Embed the email approval for the deviation into this document.

Note: To embed the email, follow the instructions found in the “Important Notes for Completing this Document” section at the beginning of the template.

Deviation Approval Contact: Name | Email | Phone

Table 5 - Deviation Approval Contact Information


4. User Community

4.1 User Community Profile

Columns: User | Number of Users | Who | Distinct User Groups | Connection

Internal
- Number of Users: <<Identify estimated number of internal users.>>
- Who: <<Identify who the users are.>>
- Distinct User Groups: <<Identify estimated number of departments.>>
- Connection: <<How do they connect (e.g. VPN, Intranet, etc.).>>

External
- Number of Users: <<Identify estimated number of external users.>>
- Who: <<Identify who the users are.>>
- Distinct User Groups: <<Identify estimated number of distinct external organizations.>>
- Connection: <<How do they connect (e.g. VPN, Intranet, etc.).>>

Extranet Partners
- Number of Users: <<Identify estimated number of users from extranet partners.>>
- Who: <<Identify who the users are.>>
- Distinct User Groups: <<Identify estimated number of distinct extranet partners.>>
- Connection: <<How do they connect (e.g. VPN, Intranet, etc.).>>

Remote Access
- Number of Users: <<Identify estimated number of Remote Access users.>>
- Who: <<Identify who the users are.>>
- Distinct User Groups: <<Identify estimated number of distinct Remote Access groups.>>
- Connection: <<How do they connect (e.g. VPN, Intranet, etc.).>>

Table 6 - User Community Profile


5. Application Architecture

Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Section 4: Application Architecture

5.1 Application Architecture Diagram

<<Insert an application architecture diagram for this section. The following template is included as a guide.>>

Figure 1 - Application Architecture Diagram

Note: Ensure the diagram is labeled appropriately, including all application components, and integration of internal and external components / applications.


5.2 Description

<<For Custom Applications: Describe the solution’s application architecture in terms of technologies used, logical layers and where they reside within the physical architecture, and the method of inter-layer/inter-tier communication.>>

6. Network Architecture

Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Section 6.1: Network Best Practices
Section 6.2: Architecture Components
Section 6.3: Network Topologies

6.1 Network Architecture and Design Description

<<Provide a detailed description of the network architecture, including:
- An overview of how the proposed solution aligns with the Networking section of the Guidelines and Best Practices for Government Technology Solutions;
- A description of the potential impacts on the following areas:
  - Enterprise-wide network infrastructure and architecture; and
  - Operational management.
- An outline of how the solution is expected to interface with the government network infrastructure and/or systems, including:
  - System tier segmentation/separation across perimeter and production firewalls; and
  - Legacy systems, servers, firewalls, security zones, ports, protocols, and traffic management devices (e.g. load balancers).>>

6.1.1 Network / Technical Architecture Diagram

<<Provide a network / technical architecture diagram of the production environment proposed for this solution. The following template is provided for your reference. To edit the Technical Architecture Design Template within Microsoft Visio, right click the image below and select Visio Object > Open.>>


Figure 2 – Network / Technical Architecture Diagram Template

Note: The following conventions should be used when submitting diagrams:
- All physical and logical components of the system (servers, firewalls, zones, etc.) and how they are interconnected must be represented in a network/technical architecture diagram of the solution’s proposed production environment;
- Where the complexity of the solution or system requires multiple instances of environments or structures, additional diagrams may be included when they provide details about interfaces with other systems;
- Diagrams must include the components required for the production application and data environments;
- Components of the diagram(s) must be organized by the tiers of the n-tier architecture;
- Details of the n-tier architecture must include the hardware and software that comprise the proposed detailed architecture design; and
- Communication between components must be indicated, including ports and/or protocols, as well as the directionality of communication.


Indicate which of the following environments are being deployed to the OCIO infrastructure: Production Staging Test Development

6.1.2 Network Enhancements / Changes

Are network enhancements / changes required? Yes No

<<These changes could include, but are not limited to, any of the following:
- Implementing Quality of Service on WAN links that are at capacity; and
- New networking devices such as routers, switches, firewalls, or load balancers that are required for the new solution.

If yes, outline and describe any network enhancements or changes required.>>

6.2 Communications and Performance

6.2.1 Data Flows and Network Protocols

<<Outline the communication requirements of the intended solution, including the security rules expected to be configured, in the table below. Refer to the Sample DAD for assistance.>>

Columns: Source | Destination | Port(s) / Protocols | Encrypted or Not Encrypted | Description | Estimated Number of Connections

Between Untrusted Zone (Internet) and Public Access Zone (DMZ)

Within Public Access Zone (DMZ)

Between Public Access Zone (DMZ) and Production Zone (Restricted)

Within Production Zone (Restricted)

Between VPN and Production Zone (Restricted) [1]

Table 7 - Data Flow Inbound and Outbound, Network Protocols
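A pre-review check of the data-flow table, as an added example that is not part of the OCIO template or the Sample DAD: it reads rows shaped like Table 7 and flags the entries a PARB reviewer would question. The zone names are the template's; the three rules it enforces (Internet traffic terminates only in the DMZ, a flow that crosses a zone boundary must be encrypted, every row states its ports/protocols and a connection estimate) and the sample rows are assumptions for illustration, not OCIO standards.

```python
"""Pre-review check of a DAD data-flow table (Table 7).

Added example, not part of the OCIO template. Zone names follow the template.
The policy rules below are assumptions for illustration, not OCIO standards:
  1. Traffic from the Untrusted Zone (Internet) may terminate only in the DMZ.
  2. A flow that crosses a zone boundary must be encrypted.
  3. Every flow states its port(s)/protocols and a positive connection estimate.
"""
from dataclasses import dataclass

UNTRUSTED = "Untrusted Zone (Internet)"
DMZ = "Public Access Zone (DMZ)"
PRODUCTION = "Production Zone (Restricted)"


@dataclass(frozen=True)
class Flow:
    """One row of Table 7."""
    source: str
    destination: str
    ports_protocols: str
    encrypted: bool
    description: str
    connections: int


def check_flow(flow: Flow) -> list[str]:
    """Return the policy findings for one row; an empty list means it passes."""
    findings = []
    if not flow.ports_protocols.strip():
        findings.append("port(s)/protocols not specified")
    if flow.connections <= 0:
        findings.append("estimated number of connections missing")
    if flow.source == UNTRUSTED and flow.destination != DMZ:
        findings.append("Internet traffic must terminate in the DMZ, not " + flow.destination)
    if flow.source != flow.destination and not flow.encrypted:
        findings.append("unencrypted flow crosses a zone boundary")
    return findings


def review_table(flows: list[Flow]) -> dict[str, list[str]]:
    """Map the description of each failing row to its findings."""
    report = {}
    for flow in flows:
        findings = check_flow(flow)
        if findings:
            report[flow.description] = findings
    return report


# Constructed sample rows for illustration only (not from any real DAD).
SAMPLE_FLOWS = [
    Flow(UNTRUSTED, DMZ, "443/TCP", True, "browser to reverse proxy", 500),
    Flow(DMZ, PRODUCTION, "8443/TCP", True, "reverse proxy to app server", 50),
    # Within one zone: not a boundary crossing, so cleartext is not flagged here.
    Flow(PRODUCTION, PRODUCTION, "1521/TCP", False, "app server to database", 20),
    # Cleartext across the DMZ/Production boundary: flagged.
    Flow(DMZ, PRODUCTION, "1521/TCP", False, "reverse proxy to database", 20),
    # Internet straight into Production, no ports, no estimate: three findings.
    Flow(UNTRUSTED, PRODUCTION, "", True, "vendor support to app server", 0),
]

if __name__ == "__main__":
    for description, findings in review_table(SAMPLE_FLOWS).items():
        print(description)
        for finding in findings:
            print("  -", finding)
```

The check deliberately does not reason about the VPN row: per the footnote to Table 7, that access is enforced by the SSL VPN, not by firewall rules, so a firewall-rule checker has nothing to verify for it.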

[1] This access is controlled by Government SSL VPN RSA functionality based on the user’s login ID and not directly through firewall rules.

6.2.2 Network Traffic


Identify the location of the users of the application and the network access required.

Columns: Site | Number of Users at Location | Local Area Network | Wide Area Network | Internet

Table 8 - User Locations

Identify the types of data objects that will be passed between the user and the application, and the anticipated size.

The table below offers a sample list of data objects. For more information, consult the EA Prime assigned to your project.

Type of Object | Size in Kbytes
Terminal Screen | 4
E-Mail Message | 10
Web Page | 50
Spreadsheet | 100
Word Document | 200
Graphical Terminal | 500
Presentation Document | 2,000
High-Resolution Image | 50,000
Multimedia Object | 100,000

Table 9 - Sample Data Object List

Type of Object Size in Kbytes

Table 10 - Data Object List

7. Database Architecture


Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Section 5.3: Database Security

Note: For Database Security considerations refer to the Security Model section of this document.

7.1 Initial Size of Database

<<Identify the estimated size of the database in gigabytes.>> ____ GB

7.2 Anticipated Annual Growth

<<Identify the anticipated annual growth in gigabytes.>> ____ GB

7.3 Database Features

Select all that apply:

- Primary Keys (all tables)
- Indices (including foreign keys)
- Foreign Key Constraints
- Stored Procedures
- Transactions
- Triggers
- Views
- Private Database Links
- Public Database Links
- Global Database Links

7.3.1 Database Environment

Must the database server run in a physical environment? Yes No

<<If yes, please explain.>>

7.3.2 Database Connection Account Type

Individual user accounts Shared user accounts

Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Section 3.5: Architecture Patterns for Information Systems
Section 7.5: Application Level Security Requirements

7.4 Stored Procedures

Are stored procedures used? Yes No

<<If yes, please explain.>>


Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Section 3.5: Architecture Patterns for Information Systems

7.5 Clustering

Is database clustering being used? Yes No

7.6 Database Normalization

Does the database conform to third normal form or above? Yes No

<<For custom application: If no, please explain.>>

8. Security Architecture

8.1 Threat Mitigation Plan

<<Describe any controls in the application that would address vulnerabilities such as those identified in the "Open Web Application Security Project (OWASP) Top Ten Vulnerabilities", and the following:

Input validation: Describe the level of validation used when implementing precautions against malicious input at each tier;
Security of interfaces to the Internet and/or other systems: Describe the security methodologies used to interface with the Internet and/or other systems (e.g. ePayment System);
Use of mobile code: Describe the use of secure mobile coding practices (e.g. ActiveX, JavaScript, etc.); and
Exception handling: Indicate the security strategy for handling application errors in order to prevent denial of service attacks and information disclosure to unauthorized users (e.g. displaying a stack trace to users).>>
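As an added illustration of the input validation and exception handling points above (example code, not part of this template and not OCIO code), the Python below contrasts a request handler that returns the raw stack trace to the caller with one that validates the input against an allow-list at its own tier, returns a generic message, and keeps the detail in the server-side log under a reference the user can quote. The 8-digit account number format, the lookup_account stand-in for the data tier and the internal host name in its error are constructed for the example.

```python
import logging
import re
import traceback
import uuid

# Constructed stand-ins for this example: an 8-digit account number format and
# a data-tier call that fails for one specific value. Not OCIO code.
ACCOUNT_RE = re.compile(r"[0-9]{8}")
log = logging.getLogger("app")


def lookup_account(account_no: str) -> dict:
    """Stand-in for the data tier; the failure message contains internal detail."""
    if account_no == "00000000":
        raise RuntimeError("connection to db01.internal:1521 timed out")
    return {"account": account_no, "balance": 0}


def handle_request_leaky(params: dict) -> tuple:
    """Weak variant: no input validation, raw traceback returned to the caller."""
    try:
        return 200, str(lookup_account(params["account"]))
    except Exception:
        # discloses host names, file paths and code structure to whoever sent the request
        return 500, traceback.format_exc()


def handle_request_hardened(params: dict) -> tuple:
    """Hardened variant: allow-list validation at this tier, generic error to the
    user, full detail only in the server-side log under a correlation reference."""
    account_no = params.get("account", "")
    if not isinstance(account_no, str) or not ACCOUNT_RE.fullmatch(account_no):
        return 400, "invalid account number"   # rejected before reaching the data tier
    try:
        return 200, str(lookup_account(account_no))
    except Exception:
        ref = uuid.uuid4().hex[:12]
        log.error("request failed ref=%s account=%s\n%s",
                  ref, account_no, traceback.format_exc())
        return 500, "an internal error occurred (reference %s)" % ref


if __name__ == "__main__":
    for p in ({"account": "00000000"}, {"account": "1 OR 1=1"}, {}):
        print(handle_request_leaky(p))
        print(handle_request_hardened(p))
```

The hardened handler still fails closed on malformed input (HTTP 400) and on data-tier errors (HTTP 500); what changes is that the caller learns nothing about the internal topology, while the operations team can find the full traceback by the reference.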

Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Section 3.5: Architecture Patterns for Information Systems
Section 5.3: Database Security
Section 6.5: Application Level Security Requirements
Section 4.5.4: Web Security

8.2 Application Security

8.2.1 Roles

<<List roles with elevated privileges such as:

Administrative privileges to system objects, such as creating, modifying and deleting user accounts;
System privileges, such as starting or stopping services, or view/modify rights to audit and logging files; and
Roles should support the principle of least privilege and segregation of duties.>>

Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Section 5.3.1 Roles

8.2.2 Authentication, Authorization and Access Control

<<Identify how the application authenticates and stores user credentials and implements authorization and access control (e.g. passwords are hashed in the database, authorization is carried out by the application checking for a specific group membership, and access controls are in place to enforce authorization such as file permissions, IP restrictions, or time of day restrictions).>>
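The following Python is an added example of the pattern the prompt above uses as its illustration (passwords hashed in the database, authorization by group membership); it is not part of this template and not OCIO code. Assumptions made for the example: PBKDF2-HMAC-SHA256 with a 16-byte per-user random salt and 600,000 iterations as the hashing scheme, an in-memory dictionary standing in for the user table, and a fixed action-to-group mapping.

```python
import hashlib
import hmac
import os

# Assumed parameters for this example: PBKDF2-HMAC-SHA256, 16-byte random
# salt per user, 600,000 iterations. Replace with the OCIO-approved scheme.
ITERATIONS = 600_000


def hash_password(password: str) -> str:
    """Returns a self-describing record: algorithm$iterations$salt$hash (hex)."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return "pbkdf2_sha256$%d$%s$%s" % (ITERATIONS, salt.hex(), dk.hex())


def verify_password(password: str, stored: str) -> bool:
    """Recomputes the hash with the stored salt and iteration count."""
    algo, iters, salt_hex, dk_hex = stored.split("$")
    if algo != "pbkdf2_sha256":
        return False
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                             bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(dk.hex(), dk_hex)   # constant-time comparison


# Constructed in-memory user table; a real system keeps these rows in the database.
USERS = {
    "jdoe":   {"pw": hash_password("correct horse battery"), "groups": {"staff"}},
    "admin1": {"pw": hash_password("Tr0ub4dor&3"), "groups": {"staff", "user-admin"}},
}
# Verified against for unknown usernames so that response time does not reveal
# which usernames exist.
_DUMMY = hash_password(os.urandom(8).hex())

# Action -> group that must contain the user. Authorization is a membership check.
REQUIRED_GROUP = {"create_user": "user-admin", "delete_user": "user-admin",
                  "view_report": "staff"}


def authenticate(username: str, password: str):
    """Returns the username on success, else None."""
    row = USERS.get(username)
    ok = verify_password(password, row["pw"] if row else _DUMMY)
    return username if (row is not None and ok) else None


def authorize(username: str, action: str) -> bool:
    """Deny by default: unknown actions and unknown users are refused."""
    needed = REQUIRED_GROUP.get(action)
    groups = USERS.get(username, {}).get("groups", set())
    return needed is not None and needed in groups
```

The stored record carries its own algorithm and iteration count, so the parameters can be raised later and old rows re-hashed at next login; access controls such as file permissions or IP restrictions would then be enforced on top of the authorize() decision, not instead of it.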

Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Section 5.3.1 RolesSection 6.2: Security Functional ControlsSection 6.3: Security Physical Architecture

8.2.3 Account and Password Management

Are OCIO “Password Management” and “Application Account Management” standards being followed?

Yes No

<<If no, explain why.>>

Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Section 6.3: Security Physical Architecture

8.2.4 Session Management

<<Describe how user sessions are managed, including:

How the user session object is stored and linked to the user session ID;
How the user session ID is generated randomly to prevent session hijacking;
Whether a session timeout can be set, and its duration; and
Whether multiple user sessions are limited.>>
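An added example (not part of this template and not OCIO code) covering the four points above in Python: the session object lives server-side and is linked to the ID only as a dictionary key, the ID comes from the operating system CSPRNG, an idle timeout expires sessions, and concurrent sessions per user are capped. The 15-minute timeout and the limit of two sessions are assumed policy values; the injectable clock exists so the timeout can be exercised without waiting.

```python
import secrets
import time

IDLE_TIMEOUT = 15 * 60     # seconds of inactivity before a session is invalid (assumed)
MAX_SESSIONS_PER_USER = 2  # concurrent sessions allowed per user (assumed)


class SessionStore:
    """Server-side session table keyed by an unguessable session ID."""

    def __init__(self, clock=time.time):
        self._sessions = {}   # session id -> {"user", "seq", "last_seen"}
        self._seq = 0         # creation order, used to evict the oldest session
        self._clock = clock   # injectable for testing

    def create(self, user: str) -> str:
        # 32 bytes from the OS CSPRNG, URL-safe base64: the ID carries no user
        # information and cannot be predicted from earlier IDs.
        sid = secrets.token_urlsafe(32)
        self._evict_oldest(user)
        self._seq += 1
        self._sessions[sid] = {"user": user, "seq": self._seq, "last_seen": self._clock()}
        return sid

    def _evict_oldest(self, user: str) -> None:
        mine = sorted((s["seq"], sid) for sid, s in self._sessions.items() if s["user"] == user)
        while len(mine) >= MAX_SESSIONS_PER_USER:
            _, oldest = mine.pop(0)
            del self._sessions[oldest]

    def resolve(self, sid: str):
        """Maps a presented session ID to a user, or None if unknown or timed out."""
        s = self._sessions.get(sid)
        if s is None:
            return None
        now = self._clock()
        if now - s["last_seen"] > IDLE_TIMEOUT:
            del self._sessions[sid]      # expired: discard rather than renew
            return None
        s["last_seen"] = now             # sliding idle timeout
        return s["user"]

    def rotate(self, sid: str):
        """Issues a fresh ID for an existing session. Call after a privilege change
        such as login, so an ID fixed on the victim before login stops being valid."""
        s = self._sessions.pop(sid, None)
        if s is None:
            return None
        new_sid = secrets.token_urlsafe(32)
        self._sessions[new_sid] = s
        return new_sid

    def destroy(self, sid: str) -> None:
        self._sessions.pop(sid, None)

    def count_for(self, user: str) -> int:
        return sum(1 for s in self._sessions.values() if s["user"] == user)
```

Because the client only ever holds the opaque ID, nothing in the session object (user, timestamps, roles) can be altered from the browser; hijacking then requires stealing a live ID, which the timeout and rotate() bound in time.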

Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Section 3.5: Architecture Patterns for Information Systems
Section 6.3: Security Physical Architecture
Section 6.5: Application Level Security Requirements

8.2.5 Cached Data / Temporary Files

<<Describe any cached data and/or temporary files either within the system or at the endpoint, and describe the lifetime of this data and how it is secured.>>

Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Section 6.3: Security Physical Architecture

8.2.6 Application Logging

<<Identify application / product log files generated, their location(s) and which role(s) have access to them. Events to log may include, but are not limited to:

Start-up and shutdown;
Successful / failed login;
Use of privileges;
Change of rights / privileges;
Addition / removal of user accounts;
Access (read and write) to 'sensitive' information (e.g. configuration information, registry keys, 'classified' information, etc.);
Administrative activity;
Backup and restore;
Data imports and exports;
Password changes; and
Exceptions.>>

Note: All logged events must be accompanied by event ID, user ID, timestamp, application generating the event and resource reference at a minimum.

Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Section 5.3.1.3: Logging and Auditing
Section 6.2: Security Functional Controls

8.3 Infrastructure and Network Security

8.3.1 Separation of Administrative and User Traffic

<<Describe how administrative and user traffic are separated (e.g., the application user and administrative modules are deployed on separate hosts).>>


Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Section 3.5: Architecture Patterns for Information Systems

8.3.2 Operating System Accounts and Privileges

<<Identify the operating system service accounts used to manage the infrastructure and the associated privileges of those accounts. For sensitivity reasons, do not include actual system usernames and passwords.>>

Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Section 6.2: Security Functional Controls
Section 6.3: Security Physical Architecture

8.3.3 Server Hardening

Will the servers be built and hardened by the Corporate Services & Projects Project Support Team?

Yes No

<<If not, identify how server hardening was applied throughout the n-tier architecture and what hardening standards were applied.>>

Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Section 6.3: Security Physical Architecture
Table 6 - Minimal Security Physical Control Requirements for the OCIO

8.4 Database Security

8.4.1 Description

<<Describe the type of database security implemented (e.g. role based security).>>

Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Section 5.3.1: Roles

8.4.2 Local User Management

<<Describe how user credentials that are stored locally in the database are protected.>>

Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Section 5.3.2: Logins


8.4.3 Database Logging

<<Identify database log files generated, their location(s) and which role(s) have access to them. Events to log may include, but are not limited to:

Access to specific tables;
Creation of data files external to the database;
Execution of DDL statements that affect objects; and
Create, Drop or Alter statements for the following:
  Tables;
  Database links;
  Directories;
  Indexes;
  Stored procedures;
  Profiles;
  Roles;
  Tablespaces;
  Triggers;
  Users; and
  Views.

Note: All logged events must be accompanied by event ID, user ID, timestamp, application generating the event and resource reference at a minimum.>>
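The minimum-field rule stated in this section and in 8.2.6 Application Logging is the same, so one added Python example serves both (it is not part of this template and not OCIO code). It emits one JSON object per line with the five mandatory fields, refuses a record that lacks any of them, strips password material from the detail so a PASSWORD_CHANGE event never records the password itself, and filters a set of lines for DDL events. The application names, event IDs, user IDs and the three sample lines are constructed for the example.

```python
import json
import time

# Minimum fields every logged event must carry (from the Note above).
REQUIRED = ("event_id", "user_id", "timestamp", "application", "resource")


def check_record(rec: dict) -> list:
    """Returns the mandatory fields that are absent or empty."""
    return [k for k in REQUIRED if not rec.get(k)]


def check_line(line: str) -> list:
    """Validates one existing JSON log line against the minimum-field rule."""
    return check_record(json.loads(line))


class AuditLog:
    """Appends one JSON object per line; stands in for the log file or SIEM feed."""

    def __init__(self):
        self.lines = []

    def emit(self, application: str, event_id: str, user_id: str,
             resource: str, **detail) -> str:
        rec = {
            "event_id": event_id,
            "user_id": user_id,
            "timestamp": time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime()),
            "application": application,
            "resource": resource,
        }
        # detail may never carry secrets: a PASSWORD_CHANGE event records that
        # it happened and for whom, not the old or new password
        for k in ("password", "new_password", "old_password"):
            detail.pop(k, None)
        rec.update(detail)
        missing = check_record(rec)
        if missing:
            raise ValueError("audit record missing mandatory fields: %s" % missing)
        line = json.dumps(rec, sort_keys=True)
        self.lines.append(line)
        return line


def ddl_events(lines) -> list:
    """Selects database events whose event_id marks a Create/Drop/Alter statement."""
    out = []
    for line in lines:
        rec = json.loads(line)
        if rec.get("event_id", "").startswith("DDL_"):
            out.append(rec)
    return out


# Constructed sample lines: an application event, a database DDL event, and a
# database event that breaks the rule (no user_id).
SAMPLE_LINES = [
    '{"application": "permits-web", "event_id": "LOGIN_FAILED", "resource": "/login", '
    '"timestamp": "2017-11-30T14:02:11Z", "user_id": "jdoe", "source_ip": "10.20.30.40"}',
    '{"application": "permits-db", "event_id": "DDL_ALTER", "resource": "TABLE PERMITS.APPLICANT", '
    '"timestamp": "2017-11-30T14:05:42Z", "user_id": "DBA_SMITH", '
    '"statement": "ALTER TABLE APPLICANT ADD (SIN VARCHAR2(9))"}',
    '{"application": "permits-db", "event_id": "TABLE_READ", "resource": "TABLE PERMITS.APPLICANT", '
    '"timestamp": "2017-11-30T14:06:03Z"}',
]

if __name__ == "__main__":
    for line in SAMPLE_LINES:
        print(check_line(line) or "ok", line[:60])
```

Rejecting an incomplete record at the point of emission is what makes the Note enforceable; checking lines after the fact (check_line) is the complementary control for logs produced by a product the project does not own.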

Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Section 5.3.1.3: Logging and Auditing

8.4.4 Database Link Privileges

<<Describe the privileges associated with any database links. For example, can the database link be used to update, insert, or delete data into the target database?>>

8.5 Cryptography and Key Management

8.5.1 Appropriate Use of Encryption

Is encryption used within the application? Yes No

<<If yes, describe the encryption.>>

Is database encryption used? Yes No


<<If yes, describe the encryption.>>

Is network encryption used? Yes No

<<If yes, describe the encryption (e.g., TLS/SSL, IPSec, SSH, SFTP/FTPS, etc.).>>

Is data-at-rest encryption used? Yes No

<<If yes, describe the encryption (e.g., file/folder/disk/USB drive encryption, etc.).>>

Is backup encryption used? Yes No

<<If yes, describe the encryption.>>

Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Section 6.4: Use of Cryptography

8.5.2 Digital Certificate Management

Are X.509 certificates being used?

Internal External

<<If external, explain the requirement.>>

9. Enterprise Backup and Recovery

9.1 Backups

Does the backup strategy adhere to the processes defined in the Guidelines and Best Practices for Government Technology Solutions? Yes No

<<If no, describe and justify the variations in the backup strategy.>>

Please refer to the following section(s) in the Guidelines and Best Practices document for specific guidance:

Appendix B: Backup and Recovery
