Chapter 16. Security

with  Ron  Lunde
System  Architect
Aladdin  Knowledge  Systems,  Inc.

Most of what you're trying to accomplish with your tarchitecture is making things easy. You want your products and systems to be easy for your usersto install, to configure, to use, and to learn. You want them to be easy for your developersto understand, to change, to extend, and to repurpose . If problems occur, you want them to be easy to detect, diagnose, and fix. And, you want them to be easy for the ecosystem that inevitably develops around a winning solutioneasy for solution providers to extend, easy for system integrators to integrate, and easy for operations to install, maintain, and extend as necessary.

The main difference with software security is that it's not about making things easy. It's about making things hard. You want your software to be hard to steal, hard to misuse, and hard to fool. You want to make certain that no one is cheating your business model or using your software against the terms of the license agreement.

Security is an essential part of a winning solution, yet it is often overlooked until the system is nearing completion. Just like an effective error- or exception-handling scheme, security must be taken into consideration during the design of tarchitecture. It isn't icing on a cake; it's eggs in the batter, and if it isn't in there at the start, you can't go back and add it when you take it out of the oven and serve it to your customers.

In this chapter we'll explore the ways in which software and the data that it manages can be misused and some of the techniques and technologies used to prevent misuse.

Keep in mind that security is a huge topic. Many excellent books have been written about security, and on specific aspects of security, such as cryptography. You should find this chapter useful even if you've read those books, since our focus is on how to create a winning solution using the technologies available to you rather than on the details of the technologies themselves .