High-Assurance Design: Architecting Secure and Reliable Enterprise Applications
Clifford J. Berg, Cliff Berg
- Publisher: Addison Wesley
- Publication date: 2005-10-01
- List price: $2,560
- VIP price: 5% off, $2,432
- Language: English
- Pages: 696
- Binding: Hardcover
- ISBN: 0321375777
- ISBN-13: 9780321375773
Out of print
Description
How to Design for Software Reliability, Security, and Maintainability
Many enterprises unfortunately depend on software that is insecure, unreliable, and fragile. They compensate by investing heavily in workarounds and maintenance, and by employing hordes of "gurus" to manage their systems' flaws. This must change. And it can. In this book, respected software architect Clifford J. Berg shows how to design high-assurance applications—applications with proven, built-in reliability, security, manageability, and maintainability.
High-Assurance Design presents basic design principles and patterns that can be used in any contemporary development environment and satisfy the business demand for agility, responsiveness, and low cost. Berg draws on real-world experience, focusing heavily on the activities and relationships associated with building superior software in a mainstream business environment. Practicing architects, lead designers, and technical managers will benefit from the coverage of the entire software lifecycle, showing how to:
- Understand and avoid the problems that lead to unreliable, insecure software
- Refocus design and development resources to improve software
- Identify project risks and plan for assurable designs
- Obtain the requirements needed to deliver high assurance
- Design application systems that meet the identified requirements
- Verify that the design satisfies these requirements
- Plan and design tests for reliability and security
- Integrate security design, reliability design, and application design into one coherent set of processes
- Incorporate these concerns into any software development methodology
Table of Contents
Foreword.
Acknowledgments.
About the Author.
Preface.
1. Introduction.
2. Assurance Requirements.
3. Design Specification and Verification.
4. Planning for an Assurable Design.
5. Methods of Attack.
6. Realms of Trust.
7. Access Control Containers.
8. Compartmentalization and Classification.
9. Transport and Storage of Secrets.
10. Design Considerations for Secure Operation.
11. Compositional Integrity.
12. Concurrency.
13. Transactional Integrity.
14. Caching and Replication.
15. Distributed Services and Messaging.
16. Manageability.
17. Maintainability.
18. Failure Response Design.
19. Methodological Considerations.
20. Case Study: Transactional Integrity.
21. Case Study: Application Security.
22. Case Study: Manageability.
Appendix A: References.
Appendix B: Failure Response Conditions and Requirements.
Appendix C: List of Design Principles, by Chapter.
Appendix D: List of Design Patterns, Alphabetical.
Appendix E: List of Attack Patterns, by Section.
Index.