Lecture: Secure Design Principles

What they mean today


Software security needs to be addressed throughout the whole software development lifecycle to ensure that the software has a reasonable level of protection. Apart from securing the perimeter with network security tools, writing secure code, and performing security testing, it is essential to address security issues at the design level, by creating a secure component architecture and avoiding vulnerable design constructs. An insecure design is hard or even impossible to mitigate through "good" code or "bolted-on" security tools. Constructing a secure software design entails applying security design patterns as well as adhering to secure design principles. This talk will focus on the latter.

We start the session by defining what security design principles are and how they fit into secure software engineering.

The majority of the session is dedicated to examining different secure design principles, some applied at the level of code design of a single application, and others at the level of enterprise architecture, where the interactions of multiple applications and services are examined.

The first and most crucial principle is defense in depth, where we examine how layers of security controls help us thwart attackers and limit their power over our system even when they bypass a control.

Next, we examine attack surface analysis, where we discuss how to map and reduce the attack surface, to limit the available targets for our attackers.

We then go over several general sound design principles, such as economy of mechanisms, least common mechanism, and secure failure and defaults, which help us construct a secure software system.

We put particular emphasis on secure design principles for access control, as this is a central security control that is often misconfigured.

Finally, we discuss how to secure our security controls and examine the process of adequately integrating security into our design.

We conclude the talk by examining ways in which secure design principles can be integrated into contemporary development methodologies.


Day: 2019-09-14
Start time: 14:15
Duration: 01:30
Room: Tesla
