
Design for Security


bolin




Presentation Transcript


  1. Design for Security Pepper

  2. Types of Security Threats
  • Confidentiality of the system and data
  • Integrity of system and data
  • Availability of system and data

  3. Common Workplace Holes
  • Easy to guess passwords
  • Not installing protection software

  4. Ways to Protect
  • Vulnerability avoidance
    • Don't connect to the internet
    • Password changes (but not so often that people write them down)
    • Encryption
  • Attack detection and neutralization
    • Monitor operation
    • Alert on unusual patterns of activity
    • Shut down a part of the system or deny access to certain users
  • Exposure limitation and recovery
    • Automated backup or mirror
    • Insurance policies

  5. Firesmith: 10 types of security requirements
  • Identification - whether a system should identify its users (for inquiry and/or change)
  • Authentication - how to identify users
  • Authorization - who can do what
  • Immunity - how to protect against malware
  • Integrity - how data corruption can be avoided
  • Intrusion detection - what mechanisms should be used to detect attacks
  • Non-repudiation - ensure every party to a transaction cannot deny its involvement
  • Privacy - keep data private if it should not be shared
  • Security auditing - how to audit and check that the system is secure
  • System maintenance - prevent unauthorized changes to production systems

  6. Assessment
  • Decide what to invest based upon
    • the likelihood of the problem occurring
    • the level of damage a security breach would cause
  • There are mathematical models to help you assess and compare the likelihood and level of problems.

  7. Secure System Design Guidelines
  • Base security decisions on an explicit security policy - write it if it does not exist
  • Avoid a single point of failure
  • Fail securely
  • Balance security and usability
  • Log user actions
  • Use redundancy and diversity to reduce risk
  • Validate all inputs (buffer overflow, SQL injection …)
  • Compartmentalize your assets
  • Design for deployment
  • Design for recoverability
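The "validate all inputs" and "fail securely" guidelines on this slide, as an added example that is not part of the presentation: a role lookup that splices untrusted input into SQL text, next to a hardened version that allow-lists the input, binds it as a query parameter, and denies access on any error instead of falling through to an allow. The in-memory table, usernames and roles are constructed for the demo.

```python
import sqlite3


def make_db():
    # Constructed in-memory user store standing in for a real database.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, role TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "admin"), ("bob", "staff")])
    return db


def role_unvalidated(db, name):
    # Vulnerable pattern (shown for contrast): the untrusted value is pasted
    # into the SQL text, so a quote inside `name` changes the query's structure
    # and can return rows the caller never asked for.
    rows = db.execute(f"SELECT role FROM users WHERE name = '{name}'").fetchall()
    return [r[0] for r in rows]


def role_validated(db, name):
    # Hardened pattern: reject anything outside the expected shape first
    # (an allow-list, not a block-list), then bind the value as a parameter so
    # the database driver never interprets it as SQL.
    if not (1 <= len(name) <= 32 and name.isalnum()):
        raise ValueError("invalid username")
    rows = db.execute("SELECT role FROM users WHERE name = ?", (name,)).fetchall()
    return [r[0] for r in rows]


def is_admin(db, name):
    # "Fail securely": a rejected input or any lookup error results in a
    # denial, never in an accidental grant.
    try:
        return role_validated(db, name) == ["admin"]
    except (ValueError, sqlite3.Error):
        return False
```

The unvalidated lookup returns every row for an input containing a quote and an always-true clause, while the validated lookup refuses the same input before it reaches the database.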

  8. Summary
  • Types of security threats - confidentiality, integrity, availability
  • Protection - avoid vulnerabilities; detect and neutralize attacks; ensure recovery
  • 10 security requirements to consider
  • Weigh the risk and the level of damage a breach would cause
