21_Security_and_Trust

Security and Trust
Software Architecture, Lecture 21
Copyright © Richard N. Taylor, Nenad Medvidovic, and Eric M. Dashofy. All rights reserved.
Foundations, Theory, and Practice: Software Architecture

Slide 2: Outline
- Security Design Principles
- Architectural Access Control
  - Access Control Models
  - Connector-Centric Architectural Access Control
- Trust
  - Trust Model
  - Reputation-based Systems
  - Architectural Approach to Decentralized Trust Management
Slide 3: Security
"The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications)."
National Institute of Standards and Technology
Slide 4: Confidentiality, Integrity, and Availability
- Confidentiality: preserving the confidentiality of information means preventing unauthorized parties from accessing the information, or perhaps even from being aware that the information exists. I.e., secrecy.
- Integrity: maintaining the integrity of information means that only authorized parties can manipulate the information, and that they do so only in authorized ways.
- Availability: resources are available if they are accessible by authorized parties on all appropriate occasions.
Slide 5: Design Principles for Computer Security
- Least Privilege: give each component only the privileges it requires
- Fail-safe Defaults: deny access if explicit permission is absent
- Economy of Mechanism: adopt simple security mechanisms
- Complete Mediation: ensure every access is checked and permitted
- Open Design: do not rely on secrecy for security
Slide 6: Design Principles for Computer Security (cont'd)
- Separation of Privilege: introduce multiple parties to avoid exploitation of privileges
- Least Common Mechanism: limit critical resource sharing to only a few mechanisms
- Psychological Acceptability: make security mechanisms usable
- Defense in Depth: have multiple layers of countermeasures
Slide 7: Security for Microsoft IIS (figure, from [Wing, 2003])
Slide 8: Architectural Access Control Models
Decide whether access to a protected resource should be granted or denied
- Discretionary access control
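As an added illustration that is not part of the lecture slides, the following Python sketch shows a small discretionary access-control reference monitor that embodies three of the design principles above: complete mediation (every operation passes through check()), fail-safe defaults (a subject with no ACL entry is denied), and least privilege (the owner grants only the operation a subject needs). The subjects, resource names and the ReferenceMonitor API are constructed for this example.

```python
# Added example (not from the lecture): a discretionary access-control (DAC)
# reference monitor. Subjects, resources and the API here are constructed.
from dataclasses import dataclass, field


class AccessDenied(Exception):
    pass


@dataclass
class Resource:
    name: str
    owner: str
    # Access-control list: subject -> set of permitted operations.
    acl: dict = field(default_factory=dict)


class ReferenceMonitor:
    """Complete mediation: every operation on a resource goes through check()."""

    def __init__(self):
        # Audit trail of decisions, useful for detection and forensics.
        self.audit = []

    def check(self, subject: str, op: str, res: Resource) -> bool:
        # Fail-safe default: missing entry, or entry without this op, means deny.
        allowed = op in res.acl.get(subject, set())
        self.audit.append((subject, op, res.name, "allow" if allowed else "deny"))
        return allowed

    def grant(self, granter: str, subject: str, op: str, res: Resource) -> None:
        # Discretionary: only the resource owner may extend the ACL.
        if granter != res.owner:
            self.audit.append((granter, "grant", res.name, "deny"))
            raise AccessDenied(f"{granter} is not the owner of {res.name}")
        res.acl.setdefault(subject, set()).add(op)


def demo():
    rm = ReferenceMonitor()
    doc = Resource("payroll.csv", owner="alice")
    doc.acl["alice"] = {"read", "write"}          # owner holds full rights
    rm.grant("alice", "bob", "read", doc)          # least privilege: read only
    results = {
        "bob_read": rm.check("bob", "read", doc),     # True
        "bob_write": rm.check("bob", "write", doc),   # False: never granted
        "carol_read": rm.check("carol", "read", doc), # False: no entry at all
    }
    try:
        rm.grant("bob", "carol", "read", doc)        # bob is not the owner
        results["bob_grant"] = "allowed"
    except AccessDenied:
        results["bob_grant"] = "denied"
    return results, rm.audit
```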

This note was uploaded on 08/24/2010 for the course CS 578 taught by Professor Staff during the Spring '08 term at USC.
