Solution Architecture Foundations by Lovatt Mark;
Author:Lovatt, Mark; [Lovatt, Mark]
Language: eng
Format: epub
Publisher: BCS Learning & Development Limited
Published: 2021-12-15T00:00:00+00:00
Activity 4.3
What aspects of the Fallowdale Hospital patient communications solution require accessible design? Can you distinguish between direct and indirect access for any of these design considerations?
4.6.7 Security
Security features can be specified as functional requirements of a solution where security activities need to be carried out by users or actors who interact with the solution. As an NFR, security can be quite difficult to pin down. However, one area that should be quite clear is access and authorisation control. This is a specification of which people and systems should have the ability to perform tasks and access resources. Conversely, any person or system not in the specification for a task or resource must be prevented from gaining access.
A security specification in its simplest form is a cross-reference grid where permission is indicated at the intersection of a resource or task on one axis, and a person or system on the other. Note that âperson or systemâ is often generalised to âentityâ and may include groups, roles and other multi-entity constructs.
There are a few additional details that need to be specified for a solution such as the type of access allowed. Read access may be permitted for some entities and write access reserved for only those where it is absolutely essential to complete a task. Tasks themselves may be complex with multiple parts and some entities may be given access to perform only part of a task. There may also be conditions that need to be satisfied for access to be provided.
On the negative, preventative side of security, it is necessary to specify the level of protection that is required to stop unauthorised access to resources and functionality. This can only be done as part of an NFR by giving each resource and task a security level (low, medium, or high, for example) based on an assessment of the severity of any breach. The implementation of such a security specification needs the expertise of security and infrastructure specialists.
Apart from gaining unauthorised access to resources and functionality in the form of tasks, security attacks can target non-functional aspects of a solution such as availability and performance. These are sometimes known as denial-of-service attacks. Again, the implementation of protection measures will be done by specialists in the field, but solution architecture needs to specify the requirement in terms of the seriousness of the impact on the solution were such an attack to be successful. This needs to be done for every NFR.
Some measures that can be put in place as SLAs include:
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
Zero to IPO: Over $1 Trillion of Actionable Advice from the World's Most Successful Entrepreneurs by Frederic Kerrest(4051)
Machine Learning at Scale with H2O by Gregory Keys | David Whiting(3621)
Harry Potter and the Goblet Of Fire by J.K. Rowling(3608)
Never by Ken Follett(3524)
Ogilvy on Advertising by David Ogilvy(3328)
Shadow of Night by Deborah Harkness(3174)
The Man Who Died Twice by Richard Osman(2807)
Book of Life by Deborah Harkness(2717)
My Brilliant Friend by Elena Ferrante(2698)
How Proust Can Change Your Life by Alain De Botton(2613)
0041152001443424520 .pdf by Unknown(2593)
Will by Will Smith(2579)
The Tipping Point by Malcolm Gladwell(2559)
How to Pay Zero Taxes, 2018 by Jeff A. Schnepper(2500)
Purple Hibiscus by Chimamanda Ngozi Adichie(2483)
Hooked: A Dark, Contemporary Romance (Never After Series) by Emily McIntire(2420)
Rationality by Steven Pinker(2148)
Borders by unknow(2117)
Daughter of Smoke and Bone by Laini Taylor(2078)
