security as a architectural concern
play

Security as a Architectural Concern Reid Holmes [TAILOR ET AL.] - PowerPoint PPT Presentation

Aug 31, 2022 •101 likes •160 views

Material and some slide content from: - Software Architecture: Foundations, Theory, and Practice - Krzysztof Czarnecki Security as a Architectural Concern Reid Holmes [TAILOR ET AL.] NFP: Security Security: The protection a ff orded a

  1. Material and some slide content from: - Software Architecture: Foundations, Theory, and Practice - Krzysztof Czarnecki Security as a Architectural Concern Reid Holmes

  2. [TAILOR ET AL.] NFP: Security ‣ Security: “The protection a ff orded a system to preserve its integrity, availability, and confidentiality if its resources.” ‣ Confidentiality ‣ Preserving the confidentiality of information means preventing unauthorized parties from accessing the information or perhaps even being aware of the existence of the information. ‣ Integrity ‣ Maintaining the integrity of information means that only authorized parties can manipulate the information and do so only in authorized ways. ‣ Availability ‣ Resources are available if they are accessible by authorized parties on all appropriate occasions. REID HOLMES - SE2: SOFTWARE DESIGN & ARCHITECTURE

  3. [TAILOR ET AL.] Security arch. principles ‣ Least privilege: ‣ Give each component only the privileges it requires. ‣ Fail-safe defaults ‣ Deny access if explicit permission is absent. ‣ Economy of mechanism ‣ Adopt simple security mechanisms. ‣ Open design ‣ Secrecy != security. REID HOLMES - SE2: SOFTWARE DESIGN & ARCHITECTURE

  4. [TAILOR ET AL.] Security arch. principles ‣ Separation of privilege ‣ Introduce multiple parties to avoid exploitation of privileges. ‣ Least common mechanism ‣ Limit critical resource sharing to only a few mechanisms. ‣ Psychological acceptability ‣ Make security mechanisms usable. ‣ Defence in depth ‣ Have multiple layers of countermeasures. REID HOLMES - SE2: SOFTWARE DESIGN & ARCHITECTURE

Recommend

NES Architectural Ltd http://www.nes-solutions.co.uk/architectural Who Are we? NES Architectural

NES Architectural Ltd http://www.nes-solutions.co.uk/architectural Who Are we? NES Architectural

NES Architectural Ltd http://www.nes-solutions.co.uk/architectural Who Are we? NES Architectural is a family owned business, based in Colchester. The manufacturing facility is 70,000 sq. ft with a staff of over 50. What do we do? NES

274 views • 16 slides
Seminar Series IT and OT, Information Security Architectural and Operational Divides in the

Seminar Series IT and OT, Information Security Architectural and Operational Divides in the

Seminar Series IT and OT, Information Security Architectural and Operational Divides in the Energy Sector Cyber Resilient Energy Delivery Consortium (CREDC) Mark Guth Manager Corporate Security Critical Infrastructure Compliance March 13,

230 views • 22 slides
impact of Security. I SPEAKER'S BIOGRAPHY The Speaker is the former Chairman, Technical Committee

impact of Security. I SPEAKER'S BIOGRAPHY The Speaker is the former Chairman, Technical Committee

GSX 1201s PRESENTATION TITLE: ORGANIZATIONAL SECURITY CULTURE:A NEW BUSINESS PARADIGM ABSTRACT "Security is everybody's Concern" is the most frequently expressed among the basic principles of Security; but how it's done is just as

223 views • 9 slides
Design and Architectural Principles Internet Security [1] VU Engin Kirda

Design and Architectural Principles Internet Security [1] VU Engin Kirda

Design and Architectural Principles Internet Security [1] VU Engin Kirda engin@infosys.tuwien.ac.at Christopher Kruegel chris@auto.tuwien.ac.at News from the Lab Challenge 4 will be announced today (16:00) after the lecture E-Mail

384 views • 34 slides
Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security

Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security

Chapter 9 Cloud Security Contents Security in an interconnected world, cloud security risks. Attacks in a cloud environment, top threats. Security, a major concern for cloud users. Privacy. Trust. Operating systems

661 views • 38 slides
Micro-architectural Attacks Chester Rebeiro IIT Madras 1 Things we thought gave us security!

Micro-architectural Attacks Chester Rebeiro IIT Madras 1 Things we thought gave us security!

Micro-architectural Attacks Chester Rebeiro IIT Madras 1 Things we thought gave us security! Cryptography Passwords Information Flow Policies Privileged Rings ASLR Virtual Machines and confinement Javascript

891 views • 59 slides
Architectural Requirements for Intransitive Trust and Fault-and-Intrusion Tolerance Marcus Vlp

Architectural Requirements for Intransitive Trust and Fault-and-Intrusion Tolerance Marcus Vlp

Architectural Requirements for Intransitive Trust and Fault-and-Intrusion Tolerance Marcus Vlp University of Luxembourg Interdisciplinary Centre for Security, Reliability and Trust CritiX Critical and Extreme Security and Dependability

266 views • 12 slides
Architectural Principles for Secure Multi-Tenancy John Linn, Office of the CTO, RSA, The Security

Architectural Principles for Secure Multi-Tenancy John Linn, Office of the CTO, RSA, The Security

Architectural Principles for Secure Multi-Tenancy John Linn, Office of the CTO, RSA, The Security Division of EMC John Field, Office of the CTO, EMC Also adapting prior content by Burt Kaliski DIMACS Workshop in Systems and Networking Advances

508 views • 18 slides
RIFLE: An Architectural Framework for User-Centric Information-Flow Security Neil Vachharajani

RIFLE: An Architectural Framework for User-Centric Information-Flow Security Neil Vachharajani

RIFLE: An Architectural Framework for User-Centric Information-Flow Security Neil Vachharajani Matthew J. Bridges Jonathan Chang Ram Rangan Guilherme Ottoni Jason A. Blome George A. Reis Manish Vachharajani David I. August

426 views • 19 slides
Caring f ring for Aging ing Adults ults CONCERN CONCERN: EMPLOYE : EMPLOYEE ASSISTA E

Caring f ring for Aging ing Adults ults CONCERN CONCERN: EMPLOYE : EMPLOYEE ASSISTA E

Caring f ring for Aging ing Adults ults CONCERN CONCERN: EMPLOYE : EMPLOYEE ASSISTA E ASSISTANC NCE E PROGRAM PROGRAM A Benefit for Employees and Families 2 CONCERN: E CERN: EAP Services vices Work/Life Benefits Parenting and

554 views • 19 slides
RIFLE An Architectural Framework for User-Centric Information-Flow Security Vachharajani, N. and

RIFLE An Architectural Framework for User-Centric Information-Flow Security Vachharajani, N. and

RIFLE An Architectural Framework for User-Centric Information-Flow Security Vachharajani, N. and Bridges, M.J. and Chang, J. and Rangan, R. and Ottoni, G. and Blome, J.A. and Reis, G.A. and Vachharajani, M. and August, D.I. Information Flow

977 views • 19 slides
WELCOME COMMUNITY MEETING 13 JUNE 2018 ARCHITECTURAL DESIGN NEW ARCHITECTURAL DESIGN JULY

WELCOME COMMUNITY MEETING 13 JUNE 2018 ARCHITECTURAL DESIGN NEW ARCHITECTURAL DESIGN JULY

WELCOME COMMUNITY MEETING 13 JUNE 2018 ARCHITECTURAL DESIGN NEW ARCHITECTURAL DESIGN JULY 2018 AUGUST 2019 OVERVIEW SITE UPDATE SITE UPDATE SITE UPDATE SITE UPDATE SECURITY & SAFETY Student Safety is Our #1 Priority

331 views • 15 slides
Rapid Assessment key findings Key contributors in alphabetical order: ACF, Concern Aid

Rapid Assessment key findings Key contributors in alphabetical order: ACF, Concern Aid

Rapid Assessment key findings Key contributors in alphabetical order: ACF, Concern Aid International, FAO, Liberia, Food Security Cluster, LISGIS, Mercy Corps, MOA, UNDP, WFP, WeltHungerHilfe Fighting Hunger Worldwide Key informants:

713 views • 24 slides
3 Areas of Concern Almuth Ernsting, Biofuelwatch, 25 th May 2017 www.biofuelwatch.org.uk Concern

3 Areas of Concern Almuth Ernsting, Biofuelwatch, 25 th May 2017 www.biofuelwatch.org.uk Concern

Glenrothes Biomass Energys proposal for a biomass gasifier at Southfield Industrial Estate: 3 Areas of Concern Almuth Ernsting, Biofuelwatch, 25 th May 2017 www.biofuelwatch.org.uk Concern 1: Impacts on Climate and Forests + In 2016, UK

521 views • 22 slides
IAB IAB Architectural Consideration for Architectural Consideration for OPES OPES Abbie

IAB IAB Architectural Consideration for Architectural Consideration for OPES OPES Abbie

IAB IAB Architectural Consideration for Architectural Consideration for OPES OPES Abbie Barbir abbieb@nortelnetworks.com Design Team IAB consideration (RFC 3238) Brief Review of Some Issue IP-layer communications (2.2) For an OPES

216 views • 8 slides
Architectural Patterns Architectural Patterns The fundamental problem to be solved with a large

Architectural Patterns Architectural Patterns The fundamental problem to be solved with a large

Architectural Patterns Architectural Patterns The fundamental problem to be solved with a large system is how to break it into chunks manageable for human programmers to understand, implement, and maintain. Dr. James A. Bednar Large-scale

893 views • 12 slides
Going Reactive An architectural journey Going Reactive An architectural journey Matthias

Going Reactive An architectural journey Going Reactive An architectural journey Matthias

Going Reactive An architectural journey Going Reactive An architectural journey Matthias Kppler October 2015 commit 24c61b35754ff5ca153ce37c5886279153f0d16f Author: Matthias Kaeppler <mk@soundcloud.com> Date: Wed Mar 13

700 views • 41 slides
Are External Deficits Are External Deficits A Concern ? A Concern ? Professor Tony Makin

Are External Deficits Are External Deficits A Concern ? A Concern ? Professor Tony Makin

Are External Deficits Are External Deficits A Concern ? A Concern ? Professor Tony Makin Griffith Business School Gold Coast Australia 2 May 2006 Main Themes International Developments Major Concerns About External Deficits

398 views • 25 slides
Architectural Patterns The fundamental problem to be solved with a large system Architectural

Architectural Patterns The fundamental problem to be solved with a large system Architectural

Architectural Patterns The fundamental problem to be solved with a large system Architectural Patterns is how to break it into chunks manageable for human programmers to understand, implement, and maintain. Dr. James A. Bednar Large-scale

354 views • 12 slides
A Mor A More Resi sili lien ent Y t You CONCERN: CONCERN: EMPLOYEE EMPLOYEE ASSISTANCE

A Mor A More Resi sili lien ent Y t You CONCERN: CONCERN: EMPLOYEE EMPLOYEE ASSISTANCE

A Mor A More Resi sili lien ent Y t You CONCERN: CONCERN: EMPLOYEE EMPLOYEE ASSISTANCE ASSISTANCE PROGRAM PROGRAM A Benefit for Employees and Families 3 CONC NCER ERN: N: E EAP S AP Servi ervice ces Work/Life Benefits

253 views • 21 slides
concerns do you see associated with extreme weather events? For each identified concern, identify

concerns do you see associated with extreme weather events? For each identified concern, identify

What are the 3-5 most significant concerns do you see associated with extreme weather events? For each identified concern, identify 2-3 pieces of concrete evidence demonstrating why the concern is real and significant. Concern #1 - Severe WX

419 views • 9 slides
concerns do you see associated with extreme weather events? For each identified concern, identify

concerns do you see associated with extreme weather events? For each identified concern, identify

What are the 3-5 most significant concerns do you see associated with extreme weather events? For each identified concern, identify 2-3 pieces of concrete evidence demonstrating why the concern is real and significant. Concern #1 Public

481 views • 13 slides
Miller Career & Technology Center Architectural Design II Practicum in Architectural Design

Miller Career & Technology Center Architectural Design II Practicum in Architectural Design

Miller Career & Technology Center Architectural Design II Practicum in Architectural Design Practicum of STEM John Dombrowski johnmdombrowski@katyisd.org Born in Chicago, Illinois Instructor Graduated from the University of

274 views • 12 slides
Towards Supercloud Computing: User-Centric Security Management for Clouds of Clouds Marc Lacoste

Towards Supercloud Computing: User-Centric Security Management for Clouds of Clouds Marc Lacoste

Towards Supercloud Computing: User-Centric Security Management for Clouds of Clouds Marc Lacoste Orange Labs SEC2 ComPAS15 Workshop on Cloud Security Lille, June 30, 2015 Cloud Security Today Security = key concern in cloud adoption for the

2.73k views • 33 slides

More recommend