Learn about the Zachman approach to enterprise architecture.
- [Narrator] There are few, if any, simple enterprises these days. Enterprises are complex affairs, with many parts working together. An enterprise architecture provides a complete view of the enterprise, from strategic goals, to routine tasks on the shop floor. Decomposing a complex system down to its more manageable parts, but at the same time, understanding the trade-offs required across each of those parts, to ensure the enterprise as a whole achieves maximum success. An enterprise architecture brings together all the components of an enterprise in a way that shows the relationship of each component to the others, and its contribution to the whole.
At a business level, an enterprise has its goals and objectives. Its business processes. The set of business risks it manages. A range of people including shareholders, staff, service providers, and customers who are affected by it. And they may be spread across many physical occasions, and have many teams. An enterprise has its technology and processes which support it, and the data which feed into them to provide information for reporting and decision making.
It also has performance monitoring and management systems to keep the enterprise running day-to-day, and to provide the means of detecting and reacting to issues, which might affect the business outcomes. One of the most popular ways of describing all of these issues is through what is known as a Zachman diagram. This is an approach developed by John Zachman to provide a comprehensive view of an enterprise. It has two fundamental concepts. The first is the rhetorical approach to problem-solving. Defined by the rhetor Hermagoras of Temnos in 1 BC, which provides the seven circumstances which fully describe the problem, quis, quid, quando, ubi, cur, quem ad modem, and quibus adminiculis.
Nowadays, we've simplified this slightly to the six questions. What, how, who, where, when and why. John Zachman has adopted these six questions to form one access, who presents prize architecture matrix. The second concept is that of a layered description of the business, from a business level to the operational day to day activities. This also comes from early Greek thinking of how to break an abstract idea down into a natural real life instance.
This concept has six components, known nowadays as the contextual, conceptual, logical, physical component, and operation layers. At each level, the business is described in more granularity, so that at the operations layer, it can be seen in operation. The layers can be described in more tangible terms. The contextual layer is about the business. Conceptual layer is an architect's view of how the business can be represented in an abstract form.
The logical layer, is about the systems that exist within the business, and the top level information flows through them. The physical layer is the data, networks, and ICT systems which are used to manage the information systems of the business. And the component layer represents the actual products and process manuals used by the enterprise staff. The operational layers consists of the running instances of the management processes, which have been put in place to enable people to do their business. These two concepts come together in the Zachman diagram, or 6X6 matrix, which contains cells to describe every aspect of an enterprise.
This is also known as the enterprise ontology. Using this ontology, an enterprise architect has the map and the tools to describe every part of the enterprise, and how all the parts aggregate to form the enterprise. For example, under the how column, we started the business level with the process identification. At the conceptual layer, this is described in more granularity as the process definition. This is still a business level representation. At the logical layer, the process is described in still more granularity as the process representation in terms of systems processing, also known as transformation and system input outputs.
At the physical layer, the process specification considers technology processing and inputs outputs. At the component layer, the process is described at the level of tools and system configurations. At the operations or implementation layer, the instantiation of the process specification into a running process is described. The final columns on the right, while motivation, is the one which interests us most as security professionals.
It covers the two major motivations, compliance to legislative and regulatory obligations, and risks to business outcomes. From a Zachman approach, security is just another set of tools which appear in the motivation column. However, there's an extension of the Zachman model which provides a much richer view of security architecture.
- Designing an enterprise architecture
- Architecting security
- Designing IoT security
- Domain specific architectures
- Proximity network services
- IoT application services
- Revised conceptual architecture