The Security Reference Model (SRM) is one of the Reference Models of the IndEA Framework (#IndEASRM) and the Federal Enterprise Architecture Framework (#FEAFSRM).

The SRM delineates the overall framework for providing information security to the entire gamut of IT systems in the enterprise. Integrity, privacy, confidentiality, and availability of information / IT systems are the key concerns addressed by SRM.

SRM adopts a layered approach to identifying and meeting the information security needs of the enterprise. The model identifies the security controls to be applied at 6 layers, namely, the Business Layer, Data Layer, Application Layer, Perimeter Layer, Network Layer and the End Point Layer. SRM also touches upon the manner of designing Security Policies and Standard Operating Procedures.

srm.png

Source: The IndEA document at the India Enterprise Architecture (IndEA) website.