Lessons Learned

There were several lessons learned as we worked our way through the case study. Overall, we learned that there are no silver bullets when it comes to security. Security is a holistic process that must begin at the start of the software development process and continue through the life cycle until the application is finally retired. It must be addressed at every stage and by a number of different roles.

We also learned that there are a number of factors that go into determining the patterns and strategies for securing an application. A good security design takes all the factors into account and derives the necessary security requirements from the business needs and other nonfunctional system requirements. Decisions and trade-offs must be made at every step of the process. We do this as part of the risk analysis and mitigation. The security design also holds true across the tiers of the system by verifying through factor analysis and tier analysis. Often, as is the case in our scenario, different patterns or strategies are used in different tiers, depending on external factors. In the Web tier, we chose to implement our own form-based authentication mechanism using the Authentication Enforcer pattern. In the Web Services tier, we chose to use authentication and authorization using SAML assertions for message-level security and SSL-based mutual client certificate authentication for ensuring transport-level security.