Building in Security at Agile Speed by James Ransome; Brook S.E. Schoenfield


Author: James Ransome; Brook S.E. Schoenfield; [Unknown]
Language: eng
Format: epub
ISBN: 9781000392784
Publisher: CRC Press (Unlimited)
Published: 2021-10-25T21:00:00+00:00


__________________

* Wahe, S. (2011). The Open Group. Open Enterprise Security Architecture (O-ESA): A Framework and Template for Policy-Driven Security. Zaltbommel (The Netherlands): Van Haren, p. 5.

As architecting the system proceeds in earnest, the security requirements will begin to take on specificity. A particular authentication system will be chosen: For a major server farm, for instance, a system may be chosen which can handle millions of authentications per minute, can handle millions of user identities, can interface with the appropriate runtime and execution environments, and so forth. Or, if the authentication system will be very modest, perhaps there is an integral library, or another module which will suffice. Using the former implies tremendous growth and heavy user traffic, perhaps even heterogeneous systems. When using the latter authentication system, the smaller library may preclude major server farm growth. In considering the intended use (say, an authentication system for a customer-deployable appliance), a relatively constrained mechanism may be warranted. In any event, a particular choice will be made based on the requirements of the system in the intended deployment and with respect to the expected growth. The architecture will grow more specific and particular. The output of the security architecture process is specific components providing particular services and communicating using known protocols. (Core Software Security, pp. 294-295)

Please see Chapter 4 for greater detail on attack and defense analysis, that is, threat modeling.

For systems within an existing architecture, any change to that architecture may have security implications, so the security of each architectural change should be considered. For instance, the addition of a third party partner to whom finance data may flow will engender the addition of mechanisms to protect that finance data in transit. Further, protections will need to be put into place such that only the intended partner will be able to interact. In other words, the security needs of an existing architecture will change in the face of new components, or new communication flows, or new data types. Changes to any part of the architecture must be considered in light of the whole architecture, of all the existing security services. This work is very similar if not identical to the design work when building an entirely new architecture. Hence, we specify architectural assessment of the security of the system after the security strategy for the system has been considered or when any architectural changes are being made to an existing system. This set of SDL task flows presumes that the existing architecture has been through a holistic, thorough security assessment as required for an entirely new system. If there has been no previous security assessment, then the existing architecture should be treated as entirely new. (Core Software Security, pp. 295-296)


