TR173 Security Management Use Cases v0.7

This report is organized around three Use Cases in which Security Management processes play a key role: (1) Denial of Service Attack (DoS), (2) Penetration Attack, (3) Application Misuse/Abuse. These Use Cases were identified by Defense and Service Provider Security Management community members, because of the risk that they pose to their respective organizations.

Each of these Security-themed Use Cases is presented as a set of business process flows. These flows are captured from existing processes from the Business Process Framework (eTOM) – down to Level 3 process decomposition, and proposed L4 and L5 processes. (Please note: The processes designated as “proposed” have been captured within this document for completeness. When they have been factored into a future eTOM release, this document will be synched with the model so that the names and process decomposition levels are in agreement.) The intent is not to document the entirety of the complex process flow for each Use Case, but rather to exercise the eTOM for Security Management Use Cases in an effort to demonstrate its effectiveness and validate its completeness.

Please note that while Security Management is specifically captured as a Level 2 process in the Enterprise Risk Management area of the eTOM, the Security Management Use Cases span Enterprise Management; Strategy, Infrastructure Lifecycle Management, and Product Lifecycle Management (SIP); and Operations as well.

It is expected that additional Security Management Use Cases will be added over time, and that further eTOM decomposition (to Level 4 or 5) will be needed to support more specialized Security Management processes.

General Information

Document series: TR173
Status: TM Forum Approved
Document type: Technical Report
Team approved: 28-Mar-12
IPR mode: RAND
TM Forum Approved: 14-Feb-12