Security of software applications (or lack of it) has been attracting a lot of importance in the past few years in the industry and the media. It seems that every other day, we hear about an instance or two of malicious hackers causing massive data breaches in software systems in different parts of the world, and causing millions of dollars worth of losses. The victims are either government departments, financial institutions, firms handling sensitive customer data such as passwords, credit cards, and so on.
Software security and secure coding has assumed more importance than ever due to the unprecedented amounts of data being shared across software and hardware systems—the explosion of smart personal technologies such as smart phones, smart watches, smart music players, and other smart systems has aided this immense traffic of data across the Internet in a big way. With the advent of IPv6 and expected large scale adoption of IoT devices (Internet of Things) in the next few years, the amount of data is only going to increase exponentially.
As we discussed in the first chapter, security is an important aspect of software architecture. Apart from architecting systems with secure principles, architects should also try to imbibe their team with secure coding principles to minimize security pitfalls in the code written by them.
In this chapter, we will look at the principles of architecting secure systems, and also look at tips and techniques for writing secure code in Python.
The topics we will be discussing can be summed up in the following list:
A secure architecture involves creating a system that is able to provide access to data and information to authorized people and systems while preventing any unauthorized access. Creating an architecture for information security for your systems involves the following aspects:
The three aspects of confidentiality, integrity, and availability, often called the CIA triad form the corner stones of building an information security architecture for your system.
These aspects are aided by other characteristics, such as the following:
3.141.37.10