©Ian Sommerville 2006. Software Engineering, 8th edition. Chapter 30: Security Engineering 2 (slide transcript)

Slide 2: Design for security
- Architectural design: how do architectural design decisions affect the security of a system?
- Good practice: what is accepted good practice when designing secure systems?
- Design for deployment: what support should be designed into a system to avoid the introduction of vulnerabilities when a system is deployed for use?

Slide 3: Architectural design
- Protection: how should the system be organised so that critical assets can be protected against external attack?
- Distribution: how should system assets be distributed so that the effects of a successful attack are minimised?
- Potentially conflicting: if assets are distributed, then they are more expensive to protect.

Slide 4: Protection
- Platform-level protection
- Application-level protection
- Record-level protection

Slide 5: Layered protection (diagram; no text on the slide)

Slide 6: A distributed equity system (diagram; no text on the slide)

Slide 7: Design guidelines
- Design guidelines encapsulate good practice in secure systems design.
- Design guidelines serve two purposes:
  - They raise awareness of security issues in a software engineering team.
  - They can be used as the basis of a review checklist that is applied during the system validation process.

Slide 8: Design guidelines 1
- Base security decisions on an explicit security policy
- Avoid a single point of failure
- Fail securely
- Balance security and usability
- Be aware of the possibilities of social engineering

Slide 9: Design guidelines 2
- Use redundancy and diversity to reduce risk
- Validate all inputs
- Compartmentalise your assets
- Design for deployment
- Design for recoverability
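Two of the guidelines above, "fail securely" and "validate all inputs", shown as code. This is an added example, not material from Sommerville's slides: the permission store, the account name, the order fields and the order-id format are all constructed for illustration.

```python
"""Added example (not from the slides): 'fail securely' and 'validate all
inputs', applied to an authorisation check and an order record for a
trading service. Store contents, names and formats are constructed."""
import re

# Constructed permission store: account -> set of granted actions.
PERMISSIONS = {"trader-17": {"place_order", "view_prices"}}
# Order ids must be short upper-case alphanumeric tokens; anything else is rejected.
ORDER_ID = re.compile(r"^[A-Z0-9]{6,12}$")


class PermissionStoreDown(Exception):
    """Raised when the permission store cannot be reached."""


def lookup_permissions(account, store=PERMISSIONS):
    """Fetch permissions; store=None models an unreachable store."""
    if store is None:
        raise PermissionStoreDown("permission store unavailable")
    return store.get(account, set())


def is_allowed_fail_open(account, action, store=PERMISSIONS):
    """Anti-pattern: a fault in the check grants access by default."""
    try:
        return action in lookup_permissions(account, store)
    except PermissionStoreDown:
        return True  # defect: an outage becomes a full authorisation bypass


def is_allowed_fail_closed(account, action, store=PERMISSIONS):
    """Guideline 'fail securely': any fault in the check denies access."""
    try:
        return action in lookup_permissions(account, store)
    except PermissionStoreDown:
        return False


def validate_order(order):
    """Guideline 'validate all inputs': whitelist every field before use.
    Returns the names of rejected fields; an empty list means acceptable."""
    problems = []
    if not isinstance(order.get("id"), str) or not ORDER_ID.match(order["id"]):
        problems.append("id")
    if order.get("side") not in ("BUY", "SELL"):
        problems.append("side")
    qty = order.get("quantity")
    if not isinstance(qty, int) or isinstance(qty, bool) or not 0 < qty <= 1_000_000:
        problems.append("quantity")
    return problems
```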

Slide 10: Design for deployment
- Deployment involves configuring software to operate in its working environment, installing the system and configuring it for the operational platform.
- Vulnerabilities may be introduced at this stage as a result of configuration mistakes.
- Designing deployment support into the system can reduce the probability that vulnerabilities will be introduced.

Slide 11: System deployment (diagram; no text on the slide)

Slide 12: Deployment support
- Include support for viewing and analysing configurations
- Minimise default privileges and thus limit the damage that might be caused
- Localise configuration settings
- Provide easy ways to fix security vulnerabilities
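The first two deployment-support points, built into a small service: conservative defaults (an unprivileged account, no debugging, loopback-only listening), a view of the configuration actually in force, and an analysis that flags overrides which weaken it or that name no known setting. Added example, not code from the slides; the setting names, baseline values and the operator config are constructed.

```python
"""Added example (not from the slides): deployment support as code. The
service ships secure defaults, can show the effective configuration, and
analyses an operator's deployed settings. All setting names are constructed."""

# Constructed secure defaults: least privilege and no debugging by default.
DEFAULTS = {
    "run_as_user": "trading-svc",   # unprivileged service account
    "debug_mode": "false",
    "listen_address": "127.0.0.1",
}

# Analysis rules: setting -> (predicate that must hold, finding text if it does not).
RULES = {
    "run_as_user": (lambda v: v != "root", "service runs with full privileges"),
    "debug_mode": (lambda v: v == "false", "debug output enabled in production"),
    "listen_address": (lambda v: v != "0.0.0.0", "service exposed on every interface"),
}


def parse_config(text):
    """Parse simple key=value lines; unknown keys are kept so they can be reported."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        settings[key.strip()] = value.strip()
    return settings


def effective_config(deployed):
    """'Viewing': the configuration in force, i.e. defaults plus operator overrides."""
    return {**DEFAULTS, **deployed}


def analyse_config(deployed):
    """'Analysing': findings where a value breaks a rule or the key is unrecognised."""
    findings = []
    for key, value in effective_config(deployed).items():
        if key not in RULES:
            findings.append(f"{key}: unrecognised setting, check for a typo")
        elif not RULES[key][0](value):
            findings.append(f"{key}={value}: {RULES[key][1]}")
    return sorted(findings)


SAMPLE = """# constructed operator config with two mistakes
run_as_user = root
listen_adress = 10.0.0.5
"""
```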

Slide 13: System survivability
- Survivability is an emergent system property that reflects the system's ability to deliver essential services whilst it is under attack or after part of the system has been damaged.
- Survivability analysis and design should be part of the security engineering process.

Slide 14: Service availability
- Which system services are the most critical for a business?
- How might these services be compromised?
- What is the minimal quality of service that must be maintained?
- How can these services be protected?
- If a service becomes unavailable, how quickly can it be recovered?

Slide 15: Survivability strategies
- Resistance: avoiding problems by building capabilities into the system to resist attacks.
- Recognition: detecting problems by building capabilities into the system to detect attacks and failures and assess the resultant damage.
- Recovery: tolerating problems by building capabilities into the system to deliver services whilst under attack.

Slide 16: System survivability method (diagram; no text on the slide)

Slide 17: Key activities
- System understanding: review goals, requirements and architecture.
- Critical service identification: identify services that must be maintained.
- Attack simulation: devise attack scenarios and identify components affected.
- Survivability analysis: identify survivability strategies to be applied.

Slide 18: Equity trading system (diagram; no text on the slide)

Slide 19: Trading system survivability
- User accounts and equity prices are replicated across servers, so some provision for survivability has been made.
- The key capability to be maintained is the ability to place orders for stock.
- Orders must be accurate and reflect the actual sales/purchases made by a trader.
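The recovery and recognition strategies applied to this trading system: order placement fails over across the replicated servers so the essential capability survives the loss of one, a deterministic order id keeps a retried order from being booked twice (the accuracy requirement), and a check reports which replicas are damaged. Added example, not the slides' own material; the replica model, the failure injection and the order fields are constructed.

```python
"""Added example (not from the slides): survivability of order placement in
the equity trading system. Replicas, the failure model and the order record
are constructed for illustration."""
import hashlib


class Replica:
    """Constructed order server; `up` is toggled to simulate damage or attack."""

    def __init__(self, name, up=True):
        self.name, self.up, self.orders = name, up, {}

    def accept(self, order_id, order):
        if not self.up:
            raise ConnectionError(f"{self.name} unreachable")
        # Idempotent booking: a resent order with the same id is stored once,
        # so retries during failover keep the order book accurate.
        self.orders.setdefault(order_id, order)
        return order_id


def order_id(trader, order):
    """Deterministic id: a retry of the same order collides instead of duplicating."""
    key = f"{trader}|{order['symbol']}|{order['side']}|{order['quantity']}|{order['seq']}"
    return hashlib.sha256(key.encode()).hexdigest()[:16]


def place_order(replicas, trader, order):
    """Recovery: try replicas in turn and succeed on the first that is up.
    Returns (order id, name of the replica that booked it)."""
    oid = order_id(trader, order)
    for replica in replicas:
        try:
            return replica.accept(oid, order), replica.name
        except ConnectionError:
            continue  # damaged replica: move on to the next one
    raise RuntimeError("order capability lost: all replicas down")


def survivability_check(replicas):
    """Recognition: which replicas are damaged, and is the essential
    service (placing orders) still deliverable?"""
    down = [r.name for r in replicas if not r.up]
    return {"down": down, "order_service_available": len(down) < len(replicas)}
```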

Slide 20: Survivability analysis (diagram; no text on the slide)

Slide 21: Key points
- Design for security involves architectural design, following good design practice and minimising the introduction of system vulnerabilities.
- Key issues when designing a secure architecture include organising the structure to protect assets and distributing assets to minimise losses.
- General security guidelines sensitise designers to security issues and serve as review checklists.
- System survivability reflects the ability of a system to deliver services whilst under attack or after part of the system has been damaged.