Security Architecture and Design
Security Architecture is one component of a products/systems overall architecture and is developed to provide guidance during the design of the product/system.
Security Architecture is the design artifacts that describe how the security controls (= security countermeasures) are positioned and how they relate to the overall systems architecture. These controls serve the purpose to maintain the system’s quality attributes such as confidentiality, integrity and availability.
A security policy is a statement that outlines how entities access each other, what operations different entities can carry out, what level of protection is required for a system or software product, and what actions should be taken when these requirements are not met.
A security model outlines the requirements necessary to properly support and implement a certain security policy.