Secure by design
Secure by design, in software engineering, means that software products and capabilities have been designed to be foundationally secure.
Alternative security strategies, tactics and patterns are considered at the beginning of a software design; the best are selected and enforced by the architecture, and they are used as guiding principles for
Secure by design is increasingly becoming the mainstream development approach for ensuring the security and privacy of software systems. In this approach, security is considered and built into the system at every layer, starting with a robust architectural design. Security architectural decisions are based on well-known security strategies, tactics and patterns, defined as reusable techniques for achieving specific quality concerns. Security tactics and patterns provide solutions for enforcing the necessary authentication, authorization, confidentiality, data integrity, privacy, accountability, availability, safety and non-repudiation requirements, even while the system is under attack.[3] Ensuring the security of a software system therefore requires not only a robust intended security architecture but also keeping the implementation aligned with updated security strategies, tactics and patterns as development proceeds, so that the security properties persist across changes.
Expect attacks
Malicious attacks on software should be assumed to occur, and the design takes care to minimize their impact. Security vulnerabilities are anticipated, along with invalid
Avoid security through obscurity
Generally, designs that work well do not
Fewest privileges
Also, it is important that everything works with the fewest
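The two principles above, anticipating hostile input and giving each component only the access it needs, are illustrated by the following added example (not code from the article). A hypothetical `ConfinedReader` is the only filesystem handle a file-serving component receives: it is limited to one directory tree, treats every path as untrusted, and bounds how much it will read. The directory, file contents and attack paths are constructed for the demonstration.

```python
import os
import tempfile


class ConfinedReader:
    """Read-only access to a single directory tree.

    Hypothetical helper (not from the article): a component that serves
    files is handed this object instead of unrestricted filesystem access,
    so the most it can ever expose is the tree it was given.
    """

    def __init__(self, root: str, max_bytes: int = 1024 * 1024):
        # realpath() resolves symlinks now so later comparisons are exact.
        self.root = os.path.realpath(root)
        self.max_bytes = max_bytes

    def resolve(self, untrusted: str) -> str:
        # Anticipate hostile input: NUL bytes, absolute paths, "..", symlinks.
        if "\x00" in untrusted:
            raise ValueError("NUL byte in path")
        candidate = os.path.realpath(os.path.join(self.root, untrusted))
        # join() discards root when `untrusted` is absolute and realpath()
        # collapses ".." and symlinks, so the only remaining question is
        # whether the resolved path is still inside the root.
        if os.path.commonpath([self.root, candidate]) != self.root:
            raise PermissionError(f"path escapes root: {untrusted!r}")
        return candidate

    def read(self, untrusted: str) -> bytes:
        path = self.resolve(untrusted)
        # Bound the amount read so one request cannot exhaust memory.
        with open(path, "rb") as f:
            return f.read(self.max_bytes)


def demo() -> dict:
    """Exercise the reader on a constructed file and hostile paths."""
    root = tempfile.mkdtemp()
    with open(os.path.join(root, "public.txt"), "wb") as f:
        f.write(b"hello")
    reader = ConfinedReader(root)
    results = {"allowed": reader.read("public.txt")}
    attempts = [("traversal", "../../../../etc/passwd"),
                ("absolute", "/etc/passwd"),
                ("nul", "public.txt\x00.jpg")]
    for name, attempt in attempts:
        try:
            reader.read(attempt)
            results[name] = "allowed"
        except (PermissionError, ValueError) as exc:
            results[name] = type(exc).__name__
    return results


if __name__ == "__main__":
    for check, outcome in demo().items():
        print(f"{check}: {outcome}")
```

The containment check runs on the resolved path rather than on the string the caller supplied, which is what defeats `..` sequences, absolute paths and symlinks pointing outside the tree; a check that only inspects the raw string is the usual way such guards fail.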
Methodologies
Secure Design should be a consideration at all points in the development lifecycle (whichever development methodology is chosen). Some pre-built Secure By Design development methodologies exist (e.g. Microsoft Security Development Lifecycle).
Standards and legislation
Standards and legislation exist to aid secure design by controlling the definition of "secure" and by providing concrete steps for testing and integrating secure systems.
Some examples of standards which cover or touch on Secure By Design principles:
- ETSI TS 103 645,[5] which is included in part in the UK Government's "Proposals for regulating consumer smart product cyber security".[6]
- ISO/IEC 27000-series covers many aspects of secure design.
Server/client architectures
In server/client architectures, the program at the other end of a connection may not be the authorised client the server expects, and the server a client reaches may not be an authorised server. Even when both are genuine, a man-in-the-middle attack could compromise the communication between them.
Often the easiest way to break the security of a client/server system is not to attack the security mechanisms head-on but to go around them. A man-in-the-middle attack is a simple example: it can be used to collect details that later allow an attacker to impersonate a user. This is why encryption, hashing and other security mechanisms must be considered in the design, so that information an attacker manages to collect does not by itself grant access.
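The following added example (not code from the article) shows both sides of a challenge-response login designed so that what an eavesdropper captures does not grant access. The server sends a fresh random nonce; the client answers with an HMAC over that nonce keyed by a shared secret, so the secret itself never crosses the wire. The `Server` and `Client` classes, the message layout and the shared secret are all constructed for the demonstration.

```python
import hashlib
import hmac
import secrets


def _response(secret: bytes, user: str, nonce: bytes) -> bytes:
    # Both sides compute HMAC(secret, "auth" | user | nonce). Only the
    # nonce and this digest are ever transmitted.
    msg = b"auth|" + user.encode() + b"|" + nonce
    return hmac.new(secret, msg, hashlib.sha256).digest()


class Server:
    def __init__(self):
        self._secrets = {}       # user -> shared secret (hypothetical store)
        self._outstanding = {}   # nonce -> user; each nonce is single-use

    def register(self, user: str, secret: bytes) -> None:
        self._secrets[user] = secret

    def challenge(self, user: str) -> bytes:
        # Fresh, unpredictable nonce: a captured response is only valid
        # for this one challenge.
        nonce = secrets.token_bytes(16)
        self._outstanding[nonce] = user
        return nonce

    def verify(self, user: str, nonce: bytes, response: bytes) -> bool:
        # Consume the nonce first so a second submission (replay) fails
        # even when the digest is correct.
        if self._outstanding.pop(nonce, None) != user:
            return False
        secret = self._secrets.get(user)
        if secret is None:
            return False
        expected = _response(secret, user, nonce)
        # Constant-time comparison avoids leaking the digest byte by byte.
        return hmac.compare_digest(expected, response)


class Client:
    def __init__(self, user: str, secret: bytes):
        self.user, self.secret = user, secret

    def respond(self, nonce: bytes) -> bytes:
        return _response(self.secret, self.user, nonce)


def run_exchange() -> dict:
    """One legitimate login, then what an eavesdropper can do with it."""
    secret = secrets.token_bytes(32)          # constructed shared secret
    server, client = Server(), Client("alice", secret)
    server.register("alice", secret)

    # Legitimate exchange; assume an attacker records nonce1 and resp1.
    nonce1 = server.challenge("alice")
    resp1 = client.respond(nonce1)
    legit = server.verify("alice", nonce1, resp1)

    # Attack 1: replay the captured pair verbatim.
    replay = server.verify("alice", nonce1, resp1)

    # Attack 2: request a new challenge, answer it with the old response.
    nonce2 = server.challenge("alice")
    stale = server.verify("alice", nonce2, resp1)

    # Attack 3: answer a fresh challenge without knowing the secret.
    nonce3 = server.challenge("alice")
    forged = server.verify("alice", nonce3, secrets.token_bytes(32))

    return {"legit": legit, "replay": replay,
            "stale_response": stale, "forged": forged}


if __name__ == "__main__":
    print(run_exchange())
```

This defeats passive capture and replay, which is the "collect details to impersonate a user" scenario above, but it does not by itself stop an active man-in-the-middle who relays a live challenge and response between the two parties; that requires an authenticated, encrypted channel (TLS with server certificate verification, and ideally binding the exchange to that channel). In a deployed system the stored secret would also be a derived verifier rather than the raw password, so that a breach of the server's store does not hand out the credentials directly.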
Another key feature to client-server security design is
See also
- Computer security
- Cyber security standards
- Hardening
- Multiple Independent Levels of Security
- Secure by default
- Security through obscurity
- Software Security Assurance
References
- S2CID 19534342.
- ISBN 9781617294358.
- S2CID 17206801.
- "ETSI TS 103 645" (PDF).
- "Policy paper: Proposals for regulating consumer smart product cyber security - call for views".