Secure coding strategies

We are coming towards the end of our discussion on the security aspects of software architecture. It is a good time to summarize the strategies that a security architect should try to impart to a software development team. The following table summarizes the top 10 of these.

| SL | Strategy | How it helps |
|----|----------|--------------|
| 1 | Validate inputs | Validate inputs from all untrusted data sources (user input, network requests, files, environment variables, and the output of other services). Validate against an allowlist of what is acceptable rather than a denylist of what is not. Proper input validation removes a large share of common vulnerabilities, including most injection flaws. |
| 2 | Keep it simple | Keep the program design as simple as possible. Complex designs increase the chances of security errors being made in their implementation, configuration, and deployment, and make those errors harder to find in review. |
| 3 | Principle of least privilege | Every process should run with the smallest set of system privileges needed to do its job, and should drop any extra privileges as early as possible. For example, a process that only reads files from /tmp does not need root; an unprivileged account is enough. |
| 4 | Sanitize data | Sanitize data read from and sent to all third-party systems such as databases, command shells, COTS (commercial off-the-shelf) components, third-party middleware, and so on. Prefer mechanisms that keep data and code apart (bound query parameters, argument lists instead of shell strings, context-aware output encoding) over hand-written escaping. This reduces the chances of SQL injection, command injection, and similar attacks. |
| 5 | Authorize access | Separate the parts of your application by the roles and privileges they require, and enforce those checks on every access, not only at login: authentication establishes who the caller is, authorization decides what they may do. Don't mix code that requires different levels of access in the same module or handler. Use proper routing so that no sensitive data is reachable via an unprotected route. |
| 6 | Perform effective QA | Good security testing techniques are effective at identifying and eliminating vulnerabilities. Fuzz testing, penetration testing, and source code audits should be performed as part of the program, and repeated as the code changes. |
| 7 | Practice defense in layers | Mitigate risks with multiple layers of security. For example, combining secure programming techniques with a secure runtime configuration reduces the chances of any remaining code vulnerability being exposed in the runtime environment. |
| 8 | Define security requirements | Identify and document the security requirements early in the system's lifecycle, and keep them updated, making sure that features added later still satisfy them. |
| 9 | Model threats | Use threat modeling to anticipate the threats to which the software will be subjected, and let the resulting threat list drive the controls you build and the tests you run. |
| 10 | Architect and design for security policies | Create and maintain a software architecture that enforces consistent security policies across the system and its subsystems, so that each component does not have to reinvent (or forget) them. |
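
Strategies 1 and 4 (validate inputs, sanitize data) are easiest to see side by side in code. The following is an added example, not code from the book: it builds a throwaway SQLite table in memory, looks a user up first with string concatenation (vulnerable) and then with a bound parameter (safe), and shows an allowlist validator that rejects the injection payload before it ever reaches the database. The table, rows, payload, and function names are all constructed for the demonstration.

```python
"""Input validation and parameterised queries (strategies 1 and 4).

Added example, not code from the book. The users table, its rows and the
injection payload are constructed for the demonstration.
"""
import re
import sqlite3

# Allowlist: what a valid username looks like. Reject everything else
# rather than trying to strip "bad" characters (denylists always miss cases).
USERNAME_RE = re.compile(r"^[A-Za-z][A-Za-z0-9_]{2,31}$")


def validate_username(value):
    """Return the username if it matches the allowlist, else raise ValueError."""
    if not isinstance(value, str) or not USERNAME_RE.fullmatch(value):
        raise ValueError("invalid username")
    return value


def make_db():
    """Constructed sample data, held in memory so the example runs offline."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, email TEXT, is_admin INTEGER)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "alice@example.org", 1), ("bob", "bob@example.org", 0)],
    )
    return conn


def lookup_unsafe(conn, name):
    """Vulnerable: untrusted input is spliced into the SQL text itself."""
    sql = "SELECT name, email FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn, name):
    """Hardened: the driver binds the value, so it can never become SQL syntax."""
    return conn.execute(
        "SELECT name, email FROM users WHERE name = ?", (name,)
    ).fetchall()


def lookup_validated(conn, name):
    """Defense in layers: validate at the boundary AND bind the parameter."""
    return lookup_safe(conn, validate_username(name))


# Classic tautology payload, constructed for the demo: the closing quote ends
# the intended literal and the OR clause matches every row.
PAYLOAD = "x' OR '1'='1"


def demo():
    """Run the same payload through all three lookups and report what happened."""
    conn = make_db()
    results = {
        "unsafe": lookup_unsafe(conn, PAYLOAD),  # every row in the table
        "safe": lookup_safe(conn, PAYLOAD),      # no row has that literal name
    }
    try:
        lookup_validated(conn, PAYLOAD)
        results["validated"] = "accepted"
    except ValueError:
        results["validated"] = "rejected"      # stopped before reaching SQL
    return results


if __name__ == "__main__":
    for label, outcome in demo().items():
        print(label, outcome)
```

The vulnerable lookup returns both rows, the bound-parameter version returns none, and the validated version refuses the input outright. Keeping both layers matters: the validator protects the code paths that someone later writes without a bound parameter, and the bound parameter protects against inputs the validator was never taught about.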

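Strategy 5 (authorize access) is about keeping the access check on the route, not scattered through handlers. The following is an added example, not code from the book: a small in-process router in which every handler must declare the roles allowed to call it, the dispatcher is the single point through which calls reach a handler, and an unauthenticated or under-privileged caller fails closed. The principals, roles, routes, and the "salaries" resource are all constructed for the demonstration.

```python
"""Role-based authorization enforced on routes (strategy 5).

Added example, not code from the book. Users, roles, routes and the
protected data are constructed for the demonstration.
"""
import functools


class Forbidden(Exception):
    """Raised when the caller is missing or lacks a required role."""


class Principal:
    """The authenticated caller: an identity plus the roles granted to it."""

    def __init__(self, name, roles):
        self.name = name
        self.roles = frozenset(roles)


ROUTES = {}


def route(path, roles):
    """Register a handler for `path`, reachable only by the given roles.

    `roles` is a required argument: a route cannot be registered without
    stating who may call it, so a forgotten declaration is a TypeError at
    import time rather than an open endpoint at run time.
    """
    allowed = frozenset(roles)

    def decorator(handler):
        @functools.wraps(handler)
        def guarded(principal, *args, **kwargs):
            if principal is None:
                raise Forbidden(f"authentication required for {path}")
            if not (principal.roles & allowed):
                raise Forbidden(f"{principal.name} may not access {path}")
            return handler(principal, *args, **kwargs)

        ROUTES[path] = guarded
        return guarded

    return decorator


def dispatch(path, principal, *args, **kwargs):
    """Single choke point: nothing reaches a handler except through here."""
    try:
        handler = ROUTES[path]
    except KeyError:
        raise LookupError(f"no route for {path}") from None
    return handler(principal, *args, **kwargs)


# Constructed sample data: the sensitive resource we want to protect.
SALARIES = {"alice": 120_000, "bob": 95_000}


@route("/profile", roles={"user", "admin"})
def profile(principal):
    """Every authenticated role may see its own profile."""
    return {"name": principal.name}


@route("/admin/salaries", roles={"admin"})
def salaries(principal):
    """Only administrators may see the salary table."""
    return dict(SALARIES)


def try_access(path, principal):
    """Return ('ok', result) or ('forbidden', message) for one call."""
    try:
        return ("ok", dispatch(path, principal))
    except Forbidden as exc:
        return ("forbidden", str(exc))


if __name__ == "__main__":
    alice = Principal("alice", {"admin", "user"})
    bob = Principal("bob", {"user"})
    print(try_access("/admin/salaries", alice))
    print(try_access("/admin/salaries", bob))
    print(try_access("/profile", None))
```

The point of the decorator is that the authorization decision lives next to the route declaration and is applied by the dispatcher, so a reviewer can audit who may reach which handler by reading the route table alone. Handlers stay free of access checks, which also keeps code for different privilege levels from being mixed in the same function.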