Design Tactics - Security

Design tactics, based on the book 'Software Architecture in Practice' by Len Bass et al.

= 12 items (filtered by ) / show notes

Resisting Attacks
Nonrepudiation, confidentiality, integrity, and assurance.

Authenticate Users
Ensure that a user or remote computer is actually who it purports to be.

Authorize Users
Ensure that an authenticated user has the rights to access and modify either data or services.

Maintain Data Confidentiality
Apply encryption to data and to communication links.

Maintain Integrity
Use redundant information, such as checksums or hash results, to ensure that data are delivered as intended.

Limit Exposure
Design systesm sot that limited services are available on each host.

Limit Access
Restrict access based on message source or destination port.

Detecting Attacks
Detect attacks and act.

Intrusion Detection
Use an intrusion detection system to detect an attack.

Recovering From Attacks
Restore state and identify attacks.

Restoration: Availability
Maintain redundant copies of system administrative data such as passwords, access control lists, domain name services, and user profile data.

Identification: Audit Trail
Use audit information to trace the actions of an attacker, support nonrepudiation, and support system recovery.