Security and application life cycles
April 17, 2011
There are a number of distinct security-related activities that should be an integral part of your application life cycle. These are:
Security Objectives. Define security objectives and requirements early in the process. Security objectives are goals and constraints that affect the confidentiality, integrity, and availability of your data and application.
Design Guidelines for Security. To avoid many of the vulnerabilities introduced by poor design choices, your design activity should use proven design practices, patterns, and principles. By organizing these design patterns and practices into common vulnerability categories, you can focus on those areas where security mistakes are most often made.
Threat Modeling. Threat modeling helps you to understand and identify the threats and vulnerabilities relevant to your specific application scenario.
Architecture and Design for Security. The architecture and design review process analyzes the architecture and design from a security perspective. It examines a number of aspects including deployment and infrastructure, overall application architecture and design, and each tier in the application.
Code Review for Security. All code should be subject to code inspections where the emphasis is on identifying security vulnerabilities. This should be a continuous activity during the development and test phases of the application life cycle.
Security Testing. Use a risk-based approach and use the output from the threat modeling activity to help establish the scope of your testing activities and define your test plans.
Deployment Review for Security. When your application is deployed, you need to be sure that weak or inappropriate configuration settings do not introduce security vulnerabilities.
Activity Summary
The table below lists the inputs and outputs of each step of the threat modeling activity.
Input | Step | Output
Business Requirements; Security Policies; Compliance Requirements | Identify security objectives | Key security objectives
Deployment Diagrams; Use Cases; Functional Specifications | Create an application overview | Whiteboard-style diagram with end-to-end deployment scenario; Key scenarios; Roles; Technologies; Application security mechanisms
Deployment Diagrams; Use Cases; Functional Specifications | Decompose the application (known existing applications, and future applications in pre-production) | Create / document trust boundaries; Entry points; Exit points; Data flows
Common Threats | Identify threats | Threat list
Common Vulnerabilities | Identify vulnerabilities | Vulnerability list
Application-Specific Guidelines
Depending on the application being designed, the types of issues that must be addressed vary. The categories in each application-specific security frame were chosen by security experts who examined and analyzed the top security issues across many applications.
For example, when you design a secure Web application, it is important that you follow guidelines to ensure effective user authentication and authorization, to protect sensitive data as it is transmitted over public networks, and to prevent attacks such as session hijacking. Some of the important Web application issues that must be addressed with secure design practices are shown below.
When you design a secure smart client application, the set of guidelines changes to address the most important threats for that application type. For example, authentication and authorization are no longer such important concerns, whereas input and data validation and exception handling are.
www.bestitdocuments.com