1

Architecture: DTAP - Generic Pattern

Applications

Infrastructure: SAS / DBMS / file transfer – Middleware

D T A P

D T A P

Infrastructure: OS / Network / Security - Base level

D T A P

D T A P

Every artifact has is own Life-cycle

So still not all, we end up with a very lot of D,T,AP’s

Segregation Application:Consequence of Security

• Business Logic • Business Data

ApplicationsMirrors

D T

D T A P

Segregation Infrastructure:• Middleware • Base LevelConsequence of Behavior

Time Lifecycle

IT DT AC PB

PF

IT

Configuration: DTAP Bu’s appl

Configuration: DTAP Infra Base

Logical Machines

Configuration

-

Business / IT Infrastructure

Configuration

Appv1n6

B

Infrastructure

SAS / DBMS / file transfer – Middleware

2

Appv1n6

MF

B

Infrastructure

OS / Network / Security - Base level

I1

S

Architecture: SAAS - Generic Pattern not just SAS

PBPF

Configuration: Vertical3

Configuration: Infra Base

Business / IT Infrastructure

Configuration

SAS & SAAS

-

Appv3n5

B

S

Appv3n4

B

S

Appv1n3

B

S

Appv1n2

B

S

Appv1n1

B

S S

Appv1n5

B

S

Appv1n4

B

S

Appv2n3

B

S

Appv2n2

B

S

Appv2n1

B

S

Appv2n6

B

S

Appv2n5

B

S

Appv2n4

B

S

Appv3n3

B

S

Appv3n2

B

S

Appv3n1

B

S

I2 I3 I4

Configuration: Vertical2Configuration: Vertical1

Logical Machines

Configuration

MD MSMJ MW

Middleware Base Level]

Supporting multiple verticals multiple business-clients

3

BU application DTAP policy

Business-logic ….So you have build a nice design

What will happen if the production versions has to be changed afterwards.

Beware the dependencies D depend to T

T depend to A

A depend to P

The setup of maintenance DTAP has to rebuild

Business-data ….DTAP environments are not strictly related

Just in case of automated processing you have to take

Applications

D T A P

D T A P

-

D

T

A

P

D

T

A

P

D

T

A

P

D

T

A

P

D T A P

D T A P

RW-(*)

R - -RW-

R - -RW-

R - -RW-

RWX(*)R-X

R-X

R-X

R-X

R-X

R-X

R-X

R-X R-X

4

BU application security

Business-logic ….Approved logic: may be read and executed,

but not updated.

To be able to regression testing higher level must be visible

Beware the requirements at development.

Maintenance BU-Logic (t,a,p visible)

The only environment to change BU logic

Business-data ….According to business needs, possible

actions are read and also update.

Fore testing (A , T) same rules as P

Beware the requirements at development.

Maintenance on DATA structure implies more open access.

Architecture: Securing Bu-application - Generic Pattern not just SAS

Applications

D T A P

D T A P

-

D

T

A

P

D

T

A

P

D

T

A

P

D

T

A

P

D T A P

D T A P

RW-(*)

R - -RW-

R - -RW-

R - -RW-

RWX(*)R-X

R-X

R-X

R-X

R-X

R-X

R-X

R-X R-X

5

BU application security

Securing Business Software: • Every Stage gets its dedicated owner/NPA: <applid>_s<dtap>• Every Stage gets its related group: <applid>_s<dtap>Every relevant BU user is member of the related group

Architecture: Securing Bu-application - Generic Pattern not just SAS

Securing Business Data: • Every Stage gets its dedicated owner/NPA: <applid>_b<dtap>• Every Stage gets its related group: <applid>_b<dtap>Every relevant BU user is member of the related group

Applications

D T A P

D T A P

Behavior security concept: • There is no relationship needed to machines. Segregation is guaranteed.• Accidental mixing of stages business-data is impossible at Server-side.• Can be controlled to detail (RBAC -Soll) in choosing the right Bu-groups.• Change Maintenance must be done by the owner NPA’s.

-

Software Library

6

BU Life Cycle Management

Business Logic SCM

D

D

T

A

P

T PA P

DT DT AC PB PF

-

We focus on how components between the stages and the machines:• are copied == Analyses develop changes required. • Are moved == Concatenation must be possible

Preferred is: concatenation as all analyses requirements are eliminated

Preferred is: shared development as all check’s who is working on something are eliminated

Z

Promote

Delete

Maint

Deploy

Software Library

7

BU Emergency fix / parallel development

E-fix - U V W

With more work parallel executing there is need to implements this.

This Life-Cycle figure just zooms in to the developers work.The goal emergency fix is fixing production as soon as possibleThe goal of U,V,W is bigger projects developing a new future

release

-

D

T

A

P

Z

8

BU DATA Segregation with DTAP

D T PA P

DT DT AC PB PF

-

D T A P

D T A P

General Company’s network - intranet

9

BU DATA Segregation with DTAP

Requirements Network Needed with SCM • Network must allow connections (Life Cycle Management)

-

Common design/architecture mistakes leading to failures:• Trying to indicate the iron-boxes into D,T,A,P • Not taking having noticed the possible networked interconnections• Supposing that different roles always are done by different people• No notice of the requirements with outsourcing contracts

Requirements Network Needed with Business data • Network must not allow connections of different stages

Solution: • The session/processes for an BU-application must be

DTAP aware. Both for BU-Logic and BU-Data.• With this awareness is must not be possible by the

users (business) to pass into forbidden areas.

Applications

D T A P

D T A P

10

Data Exchange, getting your data

-

D T PA P

DT DT AC PB PF

SAS Meta: Lev4 SASMeta Lev2 Meta Lev1 Meta Lev1 SAS Meta: Lev3

D T A P

D T A P

General Company’s network - intranet

Segregated Definitions

Segregated Keys access

An user (business) is not allowed to define his own connections. All is predefined

11

The SH team (SAS Hosting – middleware support) takes care of:

• Defining Physical locations of the Business data and logic It is implemented by a script.

• Defining the logical connections (libname filename) and other settings and options in favor of the businessIt is implemented by a variety of tasks.

• Helps the Business to get all the IT requirements organized.This requires al lot of time and effort because of the tremendous complexity with ING’s internal processes and procedures. To mention A_Soll Itram ABP LPAD CSD ITIM RBAC and all the service-partners Atos Logica KPN HP.

Define, Support & Configuration TI<->Business

To be able to do this, the administrator SH-team must be authorized to use the BU: NPA data-owner (SUDO) <applid>_b<dtap>. NPA logic-owner (SUDO) <applid>_s<dtap>.There are more situations like this where SH-team is using these BU NPA’sSegregation responsibility in DTAP is implied. Logging actions is implied by SUDO

-

12

Applications

Infrastructure: SAS / DBMS / file transfer – Middleware

D T A P

D T A P

Infrastructure: OS / Network / Security - Base level

D T A P

D T A P

The Middleware Configuration must be designed developed tested and evaluated.• At lower infrastructure level• To the business applications

Segregation Application:Consequence of Security

• Business Logic • Business Data

ApplicationsMirrors

D T

D T A P

Segregation Infrastructure:• Middleware • Base LevelConsequence of Behavior

Time Lifecycle

IT DT AC PB

PF

IT

Configuration: DTAP Bu’s appl

Configuration: DTAP Infra Base

Logical Machines

Configuration

-

Business / IT Infrastructure

Define, Support & Configuration TI<->Business

Configuration: DTAP Infra Base

13

Needed is an crash-dummy like the an business application. Naming edu rcr sec. To be able the configuration to:• Maintain related to configuration• Test behavior the whole chain• Monitor usage dedicated to tool SAS

Define, Support & Configuration TI<->Business

So the applications edu rcr sec are owned by the middleware SH team. They are not part of the middleware but are set up like a business application.

-

Applications

D T A P

D T A P

The security is set up with the 8 NPA’s / groups

There is no real business logic or business data involved

The business impact is that when this work can’t be done isolated, it will influence the business applications directly.