Download presentation
Presentation is loading. Please wait.
Published byGriffin Barrett Modified over 9 years ago
1
Security Architecture and Design Chapter 4 Part 1 Pages 297 to 319
2
Bugs and Flaws Security Bug – Vulnerability in the software Security Flaw – Vulnerability in the architecture or design About 50%-50%
3
Today’s Environment Security bug and flaws account for the majority of compromises We are better at protecting the perimeter with Firewalls, IPS, etc. More demands for functionality has made software more complex As complexity increases security decreases
4
Approaches Bake Security In from the start – From Architecture to Design to Implementation to Testing – Correct approach Bolt Security on at the end – Often not enough time – Much harder to do
5
Security “The security that a product provides must be evaluated based upon the availability, integrity, and confidentiality that it claims to provide.” Need to really understand how technology works to determine the proper level of security that is truly in place.
6
Waterfall Model Architect the system Write Specification Requirements Design Implement = code Test Deploy
7
System Architecture Conceptually understand the system structure and behavior and its relationship to its environment Outline the main goals the system must achieve Big picture
8
System Architecture Architectural Description for a software intensive system – ISO/IEC/IEEEE 42010 Security needs to be considered while architecting the system
9
Stakeholder Stakeholder – Individual, team, or organization with interest in the system View – representation of the system from a particular perspective “The architect needs to capture the goals that the system is supposed to accomplish for each stakeholder.”
10
Computer Architecture Computer hardware Operating system Network
11
Computers
12
Buses Most systems today have 64-bit address and data buses
13
CPU
14
Registers PC (Program Counter) – address of next instruction General Registers – Hold data Special Registers – SP (Stack pointer) – PSW (Program Status Word) Bit of negative result Bit for Zero result
15
PSW Bit for mode – User mode (where applications run) – Privileged (Kernel, Supervisor) mode for Operating System I/O
16
Stack Pointer Local Variables Return Address Parameters Local Variable Return Address Parameters
17
Multicore Processor
18
Multiprocessing (See page 311)
19
Process Program loaded in memory Multiprogramming OS – more than one process (program) can be loaded in memory (See page 319) Preemptive multitasking – time sharing
20
Figure 4-6 on Page 314
21
Process Table
22
Interrupts Timer Device – When a device needs to communicate with the CPU – Disk completed I/O operation
23
Interrupts
24
Threads Instructions generated by a process when it has a specific activity that needs to be carried out by the operating system. Microsoft Word – Open a file – Print a document – Save a file
25
Mulithreading
26
Code Injection Attack Attacker injects instructions into a running process. Keylogger, send out malware, If running at privilege mode OWASP Top Ten – https://www.owasp.org/index.php/Top_10_2013- Top_10 https://www.owasp.org/index.php/Top_10_2013- Top_10 – A9 Using Components with Known Vulnerabilities
27
Process Scheduling Responsibility of the operating system Process priorities – Low priority background process – High priority process hogging the system resources Denial of Services attack
28
Software Deadlock A has resources 1 and requests 2 B has resource 2 and requests 1
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.