Transcript of slide deck: Security Design Patterns
Security Design Patterns – Overview
– Software Development Lifecycle
– Enterprise Software Design: Process and Artifacts
– Pattern Format
– Aspect Oriented Programming
Security Design Patterns – Focus of this presentation
– Architecture-centric (AOP)
– Enterprise focus
– Technology agnostic
– Collaboration between Security, Business, and Development
Development Lifecycle
• Software Development Lifecycle
– Analysis: focuses on requirements gathering and high-level definitions
– Design: drills down on technical issues and distribution, and refines requirements
– Construction: building and testing the system
– Transition: "going live!"
SW Security Architect Role
• Provides leadership
• Facilitates collaboration between disparate stakeholders
• Focuses on the design process
(Diagram: the Architect at the hub, with Business, Security, Dev, Data, and Ops around it)
Analysis Phase
• "A problem, properly stated, is a problem on its way to being solved," Buckminster Fuller
• Concerned with the "what", not the "how"
• What is the business value of security?
• Artifacts
– Functional & non-functional requirements
• Security requirements are often "negative" (what the system must not allow)
– Use Cases
Use Case
• A specific way to capture requirements using actors and actions to show structure and relationships
• Defines both text document and diagram formats
• Use Cases drive the development process
Use Case
• Use Case Example: user transferring money on a bank website system (diagram)
Use Case
• Use Case Attributes
– Goal/Context
– Boundaries
– Preconditions
– End Condition: Success/Fail
– Actor/Roles
– Actions
Mis-Use Cases
• Look at the system from an attacker's point of view
• Useful to glean security requirements
• Discussed in the paper by Guttorm Sindre and Andreas Opdahl
– More information at: www.ifi.uib.no/conf/refsq2001/papers/p25.pdf
Mis-Use Case Example
• Attacker view of the bank website (diagram)
Mis-Use Case Benefit
• Defending against login subversion (diagram)
Design Phase
• Goals of this phase include
– System, object, and component design
– Prototyping
• Design Artifacts
– CRC Cards: Class, Responsibility, Collaboration
– Class & Sequence Diagrams
– Common Services: Logging / Security / Exception handling
Threat Modeling
• Elaborates on the threats found in Mis-Use Case analysis
• Focus on distilling:
– Threat impact level
– Threat likelihood
– Mitigation, management, and containment
Design Patterns
• Christopher Alexander – "The Timeless Way of Building" & "A Pattern Language"
• Pattern definition
– "Each pattern describes a problem which occurs over and over again in our environment, and then describes the core of the solution to that problem, in such a way that you can use this solution a million times over, without ever doing it the same way twice," Alexander
Design Patterns
• Gang of Four "Design Patterns"
– Defined three pattern types
• Creational
• Structural
• Behavioral
• Basic Pattern Template
– Problem, Context, Solution
Security Design Patterns
• Derived from solutions to Mis-Use Cases and threat models
• Encompass "prevention, detection, and response" (Schneier, "Secrets and Lies")
• Context and pattern relationships are as important as the individual problems and solutions
Input Validator Pattern
• Context: distributed applications are typically built to be client independent.
• Problem: making minimal assumptions about, and having no control over, the client interface creates the possibility of malicious input. Malicious input can be used to gain unauthorized access to system processes and resources.
Input Validator Pattern
• Solution: Do not trust input. Validate input against acceptable value criteria (an allow-list of what is acceptable, rather than a block-list of known-bad values).
Improving the Solution with AOP
• Aspect Oriented Programming basics
– AOP and OOP collaborate
– Ability to address cross-cutting concerns (like security!) in a modular way
– Component relationships
– Tool support: AspectJ, HyperJ (IBM), AspectWerkz, Nanning (see www.aosd.net)
– Not just Java
AOP Concepts
• AspectJ basics
– Aspect: the unit that packages one cross-cutting concern
– Join Point: a location in the program's execution, such as a method call
– Pointcut: selects join points and gathers/assembles their context
– Advice: the code that runs at the selected join points (before, after, around)
– Introduction: adds members to existing types
Refactoring with AspectJ
• Login Use Case
Refactoring with AspectJ
• Additional Use Cases
Refactoring with AspectJ
• Classes with Getters
Refactoring with AspectJ
• AspectJ modularizes common behavior: one piece of before-advice validates input for every getter and updater on the Facade and its subclasses

```java
// Code-style AspectJ; the slide showed only the advice, so the enclosing aspect is added here
aspect InputValidatorAspect {
    before(): call(void Facade+.get*(..))
           || call(void Facade+.update*(..)) {
        // The slide's sketch called validate() with no arguments; the validator needs the call's arguments
        InputValidator.validate(thisJoinPoint.getArgs());
    }
}
```
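The Input Validator solution and the AspectJ refactoring above, worked through together in one added example (the editor's illustration, not code from the slides or from the Arctec Group). It assumes a TransferRequest type, a TransferFacade with getBalance/updateTransfer methods, an InputValidator holding allow-list rules, and an InputValidationAspect written in annotation-style AspectJ (the slides use code-style syntax); the 10-digit account-number format and the transfer limit are assumed criteria.

```java
// InputValidationAspect.java (added example; names and rules are assumptions)
import java.math.BigDecimal;
import java.util.regex.Pattern;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;

/** Client-supplied data for the "transfer money" use case (assumed shape). */
final class TransferRequest {
    final String fromAccount;
    final String toAccount;
    final BigDecimal amount;

    TransferRequest(String fromAccount, String toAccount, BigDecimal amount) {
        this.fromAccount = fromAccount;
        this.toAccount = toAccount;
        this.amount = amount;
    }
}

/** Input Validator: accept only values that meet the acceptable-value criteria. */
final class InputValidator {
    // Allow-list: an account number is exactly 10 ASCII digits, nothing else.
    private static final Pattern ACCOUNT = Pattern.compile("[0-9]{10}");
    private static final BigDecimal MAX_TRANSFER = new BigDecimal("100000.00");

    /** Entry point used by the aspect: every argument must be of a known type and valid. */
    static void validate(Object[] args) {
        for (Object arg : args) {
            if (arg instanceof TransferRequest) {
                validate((TransferRequest) arg);
            } else if (arg instanceof String) {
                requireAccount((String) arg); // the facade's only String parameters are account numbers
            } else {
                throw new IllegalArgumentException("unexpected argument type");
            }
        }
    }

    static void validate(TransferRequest r) {
        requireAccount(r.fromAccount);
        requireAccount(r.toAccount);
        if (r.fromAccount.equals(r.toAccount)) {
            throw new IllegalArgumentException("source and destination must differ");
        }
        // Reject missing, zero, negative, over-limit and sub-cent amounts.
        if (r.amount == null || r.amount.signum() <= 0
                || r.amount.compareTo(MAX_TRANSFER) > 0 || r.amount.scale() > 2) {
            throw new IllegalArgumentException("amount out of range");
        }
    }

    private static void requireAccount(String s) {
        if (s == null || !ACCOUNT.matcher(s).matches()) {
            throw new IllegalArgumentException("malformed account number");
        }
    }
}

/** The business facade: no validation code here, the aspect supplies it. */
class TransferFacade {
    BigDecimal getBalance(String account) {
        return new BigDecimal("1500.00"); // stand-in for the real lookup
    }

    void updateTransfer(TransferRequest r) {
        // debit fromAccount, credit toAccount
    }
}

/** The slide's advice in annotation style: validate before every get*/update* call on the facade. */
@Aspect
public class InputValidationAspect {
    @Before("call(* TransferFacade+.get*(..)) || call(* TransferFacade+.update*(..))")
    public void validateArguments(JoinPoint jp) {
        // Throws on bad input, so the facade method never runs on it (fails closed)
        InputValidator.validate(jp.getArgs());
    }
}
```

Compile with ajc (or use load-time weaving with aspectjweaver on the classpath) so the advice is actually applied; a plain javac build compiles the classes but validates nothing. The check to make before relying on this: the pointcut only covers methods named get* and update*, so a new facade method named, say, transfer() would silently bypass validation unless the pointcut is widened.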
Exception Manager Pattern
• "If I wanted you to understand I would have explained it better," Johan Cruyff
• Context: differentiate between exception handling and exception management
– Java exception handling paradigm
• Problem: exceptions can write sensitive data, e.g. database connection info, to logs or to the user's screen.
Exception Manager Pattern
• Solution: use structured exception handling, wrap exceptions, and sanitize exception information for display
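A worked example of that solution, added here and not taken from the slides: ApplicationException, ExceptionManager, AccountRepository and ExceptionManagerDemo are assumed names, and the SQLException message is a constructed sample of the kind of detail a database driver really emits.

```java
// ExceptionManager.java (added example; class names are assumptions)
import java.math.BigDecimal;
import java.sql.SQLException;
import java.util.UUID;
import java.util.logging.Level;
import java.util.logging.Logger;

/** Wrapper: a user-safe message plus a correlation id; the raw cause stays attached for the server-side log only. */
class ApplicationException extends Exception {
    private final String correlationId;

    ApplicationException(String safeMessage, String correlationId, Throwable cause) {
        super(safeMessage, cause);
        this.correlationId = correlationId;
    }

    String correlationId() { return correlationId; }
}

/** Exception management: one place decides what is logged and what is displayed. */
final class ExceptionManager {
    private static final Logger LOG = Logger.getLogger("app.exceptions");

    /** Record the full cause server-side and return a sanitized exception for the caller. */
    static ApplicationException manage(Throwable cause, String userFacingSummary) {
        String id = UUID.randomUUID().toString();
        // The driver message (host, port, database user, SQL text) goes only here, keyed by id.
        LOG.log(Level.SEVERE, "correlationId=" + id, cause);
        return new ApplicationException(userFacingSummary + " (reference " + id + ")", id, cause);
    }

    /** What the presentation layer may show: the safe message, never getCause() or a stack trace. */
    static String displayMessage(ApplicationException e) {
        return e.getMessage();
    }
}

/** Data access that wraps low-level failures at the boundary instead of letting them propagate. */
class AccountRepository {
    BigDecimal balance(String account) throws ApplicationException {
        try {
            return query(account);
        } catch (SQLException e) {
            throw ExceptionManager.manage(e, "The service is temporarily unavailable");
        }
    }

    private BigDecimal query(String account) throws SQLException {
        // Constructed failure standing in for a real JDBC call; the message is the kind of
        // detail a driver emits and the reason raw exceptions must not reach the user.
        throw new SQLException("Connection refused to db-prod-01:5432 (user=bank_app)");
    }
}

/** Compare the leaky rendering with the managed one. */
class ExceptionManagerDemo {
    static String leakyRender(Throwable t) {
        return "Error: " + t.getMessage(); // what an unmanaged catch block typically sends to the screen
    }

    static String managedRender(ApplicationException e) {
        return "Error: " + ExceptionManager.displayMessage(e); // safe text plus reference id only
    }

    public static void main(String[] args) {
        try {
            new AccountRepository().balance("1234567890");
        } catch (ApplicationException e) {
            System.out.println(leakyRender(e.getCause()));
            System.out.println(managedRender(e));
        }
    }
}
```

Running main prints the host, port and database user in the first line and only the generic summary with a reference id in the second; support staff use the id to find the full record in the server log. The caveat that goes with the pattern: the wrapper keeps the cause attached so the server-side trace stays useful, which means the ApplicationException itself must never be serialized across a remote boundary or rendered with printStackTrace(), or the cause leaks anyway.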
Secure Logger Pattern
• Context: balance between performance and analytical purposes
• Problem:
– Distributed systems
– Centralize vs. decentralize
– Time (consistent timestamps across hosts)
– Management
Secure Logger Pattern
• Solution: remote logging host
Secure Logger Pattern
• Solution: deployment diagram (remote logging host)
Secure Logger Pattern
• Logging in Java
Secure Logger Pattern
• SloggerAspect.java: before-advice assembles context and initializes the logger, after-advice writes the final record

```java
aspect SloggerAspect {
    pointcut facadeOp(): call(void Facade+.get*(..)) || call(void Facade+.update*(..));
    before(): facadeOp() { /* assemble context; init logger methods */ }
    after():  facadeOp() { /* final logger methods */ }
}
```
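An added example (the editor's illustration, not the slides' SloggerAspect) that fills in the two advice bodies in annotation-style AspectJ and sends each record to a remote logging host with java.util.logging's SocketHandler: the RequestContext, AuditLogger, SecureLoggerAspect and TransferFacade names, and the log host name and port, are assumptions.

```java
// SecureLoggerAspect.java (added example; names, host and port are assumptions)
import java.io.IOException;
import java.time.Instant;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.logging.SimpleFormatter;
import java.util.logging.SocketHandler;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.AfterReturning;
import org.aspectj.lang.annotation.AfterThrowing;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;

/** Per-request context the aspect gathers (assumed to be set by the authentication layer). */
final class RequestContext {
    private static final ThreadLocal<String> USER = new ThreadLocal<>();
    static void setUser(String u) { USER.set(u); }
    static String user() { String u = USER.get(); return u == null ? "anonymous" : u; }
}

/** Secure Logger: records leave the application host as they are written. */
final class AuditLogger {
    private static final Logger LOG = Logger.getLogger("bank.audit");

    static {
        try {
            // Placeholder host/port for the remote logging host of the deployment diagram.
            SocketHandler remote = new SocketHandler("loghost.example.internal", 6514);
            remote.setFormatter(new SimpleFormatter());
            LOG.addHandler(remote);
            LOG.setUseParentHandlers(false); // nothing stays only on the local console
        } catch (IOException e) {
            // Design choice: fail closed rather than run unaudited
            throw new IllegalStateException("audit log host unreachable", e);
        }
    }

    /** One line per event: UTC timestamp, user, operation, redacted args, outcome. */
    static String format(String phase, String user, String operation, Object[] args, String outcome) {
        StringBuilder sb = new StringBuilder();
        sb.append("ts=").append(Instant.now()) // ISO-8601, always UTC, from the application host
          .append(" phase=").append(phase)
          .append(" user=").append(sanitize(user))
          .append(" op=").append(operation)
          .append(" args=[");
        for (int i = 0; i < args.length; i++) {
            if (i > 0) sb.append(',');
            sb.append(mask(sanitize(String.valueOf(args[i]))));
        }
        return sb.append("] outcome=").append(outcome == null ? "-" : sanitize(outcome)).toString();
    }

    static void record(String phase, JoinPoint jp, String outcome) {
        LOG.log(Level.INFO, format(phase, RequestContext.user(),
                jp.getSignature().toShortString(), jp.getArgs(), outcome));
    }

    /** Replace CR/LF and other control characters so attacker-supplied input cannot forge a second log line. */
    static String sanitize(String s) {
        return s.replaceAll("\\p{Cntrl}", "?");
    }

    /** Keep only the last four digits of anything shaped like an account number. */
    static String mask(String s) {
        return s.matches("[0-9]{10}") ? "******" + s.substring(6) : s;
    }
}

/** The slides' SloggerAspect in annotation style, recording the outcome as well as the start. */
@Aspect
public class SecureLoggerAspect {
    @Pointcut("call(* TransferFacade+.get*(..)) || call(* TransferFacade+.update*(..))")
    void facadeOperation() {}

    @Before("facadeOperation()")
    public void begin(JoinPoint jp) { AuditLogger.record("begin", jp, null); }

    @AfterReturning("facadeOperation()")
    public void done(JoinPoint jp) { AuditLogger.record("end", jp, "ok"); }

    @AfterThrowing(pointcut = "facadeOperation()", throwing = "t")
    public void failed(JoinPoint jp, Throwable t) {
        AuditLogger.record("end", jp, "failed:" + t.getClass().getSimpleName());
    }
}

/** Minimal facade so the pointcut has something to match (assumed). */
class TransferFacade {
    void updateTransfer(String fromAccount, String toAccount) { }
}
```

Two caveats a practitioner would want before deploying this: SocketHandler is a plain TCP stream with no encryption or authentication, so in practice it should only talk to the log host over a TLS tunnel or be replaced by a syslog-over-TLS appender, and the "Time" problem from the previous slide is only solved if the application hosts and the log host are kept in sync with NTP; otherwise the per-host timestamps cannot be correlated.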
Patterns
• Modular Behavior
Construction Phase
• Concerned with building, integrating, and testing code
• Iterate
• Use unit test frameworks like JUnit (www.junit.org) and NUnit to validate your design assumptions
Build and Unit Test Process
• Separation of privileges
– Developer level
• Compile
• Unit test
– Integration level
• Build
• Configure
• Deploy
• Promote
Transition Phase
• "There's nothing like bringing in a herd," City Slickers
• Moving to operational mode
• Where security usually begins
• Operational plans, monitoring processes & incident response
Questions?
• More information and a free monthly architecture newsletter at: www.arctecgroup.net/articles.htm