Viruses, Hackers, and Pirates

There are four main types of security you need to consider.

  • Digital identity management. Most enterprise systems provide services to either humans or other systems in fulfillment of a larger transaction. If you're building an enterprise application, some of the things you're going to be doing include defining different capabilities for different users and the roles that they assume, formally tracking their actions, and verifying that a given user is who he claims to be.

  • Transaction security. Communication between the various parts of your system must be secure, so that those parts cannot be replaced by unauthorized components, and so that messages cannot be intercepted, altered, or hijacked. Hackers can exploit holes in transaction security, or simply prevent your transactions from completing by using denial-of-service attacks. You'll also need to protect against these.

  • Software security. You have to protect your software from viruses or hackers. Nobody should be able to alter your software except those you specifically authorize, and nobody should be able to exploit holes in your security to gain unauthorized access to one of your customers' systems. Software security protects your work from viruses, software pirates, and some hacking. One aspect of software security, software piracy (the illegal copying of software), was covered in Chapter 4.

  • Information security. The databases and information repositories used by your system need to be secured against unauthorized access or use. In many circumstances, the real target isn't the software that manages the Web site but the detailed transaction history, including such things as credit card numbers, that the software has stored in a database. Unless you take explicit steps to prevent unauthorized access, these data may be at risk.

Each type of security requires its own tools and techniques, which we'll cover in greater detail later in this chapter. Some techniques, such as maintaining confidentiality through encryption, can achieve higher security in more than one area. For example, to maintain confidentiality of messages or database records you can encrypt them.
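As an added illustration of the point above (example code written for this page, not code from the book), here is how one primitive, authenticated encryption with AES-256-GCM from Go's standard library, serves both transaction security and information security: the same Seal/Open pair protects a message in transit and a record at rest, and a single flipped bit in either, or a record ID that does not match, is rejected on decryption instead of yielding silently corrupted plaintext. The key, the record IDs bound in as associated data, and the sample card number are constructed for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// Seal encrypts and authenticates plaintext with AES-256-GCM under key.
// The returned blob is nonce || ciphertext || tag, so Open needs nothing else.
// aad (associated data) is authenticated but not encrypted; binding a record
// or message ID here stops a valid ciphertext being replayed under another ID.
func Seal(key, plaintext, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key) // 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil { // fresh random nonce per call
		return nil, err
	}
	// gcm.Seal appends ciphertext+tag to dst; passing nonce as dst prefixes it.
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// Open checks the authentication tag and decrypts. Any modification of the
// blob, or an aad that differs from the one used at Seal time, is an error.
func Open(key, blob, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize() {
		return nil, errors.New("blob too short to contain a nonce")
	}
	nonce, ct := blob[:gcm.NonceSize()], blob[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, aad)
}

// TamperDetected flips one bit in a copy of a sealed blob and reports
// whether Open rejects the altered blob (it should, always).
func TamperDetected(key, blob, aad []byte) bool {
	tampered := append([]byte(nil), blob...)
	tampered[len(tampered)-1] ^= 0x01 // touches the GCM tag
	_, err := Open(key, tampered, aad)
	return err != nil
}

func main() {
	// Constructed key for the example; a real key comes from a KMS or vault.
	key := make([]byte, 32)
	for i := range key {
		key[i] = byte(i)
	}

	// Transaction security: a message between two components of the system.
	msg := []byte("approve transfer 250.00 from acct 17 to acct 92")
	wire, _ := Seal(key, msg, []byte("msg-id:0001"))
	fmt.Println("message tampering detected:", TamperDetected(key, wire, []byte("msg-id:0001")))

	// Information security: a sensitive column stored in the database.
	card := []byte("4111111111111111") // constructed sample value
	stored, _ := Seal(key, card, []byte("customer:42"))
	back, err := Open(key, stored, []byte("customer:42"))
	fmt.Println("record decrypts for its own customer:", err == nil && string(back) == string(card))
	_, err = Open(key, stored, []byte("customer:43"))
	fmt.Println("record rejected under another customer's ID:", err != nil)
}
```

The nonce is stored beside the ciphertext because it is not secret; what must never happen is reusing a nonce with the same key, which is why Seal draws a fresh one from crypto/rand on every call.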

Sometimes you may pay very little attention to one type of security and focus all of your attention elsewhere. At other times, you're going to have to explicitly account for all types of security. While information security may not be a strong requirement for a family financial management application running on a personal computer, it is likely to be of paramount importance to an enterprise application that maintains payroll records. While digital identity management isn't needed for a game that you play by yourself, it is critical when playing a multiplayer game for a monthly fee over the Internet! Getting clear on elements of security that are important for your application is key to creating a winning solution.

Managing Risk

The first thing most security experts will tell you is that there is no such thing as a secure system. You can increase the level of security, but you can never be 100 percent sure that your system is safe from all types of attack. For example, firewalls and intrusion detection tools are commonly used to prevent unauthorized access, but hackers are not the only concern. Disgruntled employees and others with physical access to your computers can create serious problems while completely bypassing the firewalls that are meant to keep hackers out. In fact, the risk management consulting firm Kroll estimates that 80% of all attacks happen from inside the firewall (you did perform a full background check on the temporary secretary before you let him borrow your corporate ID, didn't you?). Just as it is physically impossible to cool matter to absolute zero, each further increment of security is exponentially harder to achieve than the last. And you'll never be able to say that you're absolutely secure: You can't prevent every element of crazy human behavior.

You can't eliminate risk, but you can manage it. Usually, it isn't difficult to make hacking your system prohibitively expensive so that no real hacker will have the time or money to succeed. Consider software piracy. When large programs were first distributed on CD-ROM, piracy wasn't that bad. You couldn't copy a CD-ROM, and no one wanted to download 100Mb on a 56Kb modem. Those times are long gone, and copying software onto a variety of media or downloading it on high-speed Internet connections has led to a piracy explosion.

Just like anything else, it's possible to go too far with security. Storing all of your data in an encrypted format might make your system more secure, but will certainly prevent reasonable integrations with other systems. Security is an area where the marketect and the tarchitect must work together. The marketect must lead the assessments of risk by determining what harm will befall the customer, the company, or other entities if one or more elements of security are compromised. The tarchitect must inform the marketect of ways to handle these problems, as well as make her own assessment of risk (not too many marketects are going to worry about transaction security). Once the perceived risks and mechanisms to handle them are known, the marketect and the tarchitect can make the tough calls on how to deal with potential problems.

See No Evil, Speak No Evil

How big a problem is security? After all, it's fairly rare to hear of a large corporation having a major security problem. Maybe security is not a wise investment, and everyone would be better off putting their time and efforts in improving other aspects of the system.

According to the seventh annual joint FBI/Computer Security Institute (CSI) Computer Crime and Security Survey, 75% of the companies surveyed do not report security problems to law enforcement agencies because of negative publicity or fear of giving their competitors an advantage as a result. The same report showed that, of the 500 corporations surveyed, 40% reported denial-of-service attacks, 20% reported theft of proprietary information, 12% reported financial fraud, and 8% reported sabotage. In fact, security lapses result in hundreds of millions of dollars lost annually. The time to start considering security is right at the start, when you're designing the tarchitecture.

If you're working in an environment that doesn't worry about security, start shouting.

Beyond Software Architecture © Creating and Sustaining Winning Solutions
ISBN: 201775948
Year: 2005
Pages: 202