to the second episode of Cyber Security Architecture Fundamentals: Introduction to Cyber Security.
We would go through what is cyber security:
confidentiality, integrity and availability.
We'll put in context where cyber security architecture fits in the overall cybersecurity domains.
And I will end up by illustrating why it is so difficult to get security requirements and why security architecture requires some experience.
All right, now let's start with the course proper.
We'll begin with an introduction to cyber security. If you're taking this class, I assume you know what cybersecurity is. But we'll just reiterate the definitions. Well, according to the FIPS and ISC standards, there are three core principles in security, which are
confidentiality, integrity and availability.
Our jobs as cybersecurity architects are to ensure that the systems or solutions we build
meet these three principles.
As we begin our journey in cyber security architecture, this chart is just a reminder that cyber security architecture is but one domain of the cyber security area.
To be an effective architect,
you should try to learn as much as you can about all the other domains and how they are related.
Do visit the link below
to get the full-size picture to look at it clearly.
Let me begin with an example to illustrate separate security architecture.
You might get a request as an architect
to say, "Build me a secure storage." Well, if that's the only requirement,
I can just deliver a solid concrete block, which would be extremely secure.
Then your user might say, "Oh, that's not very useful. I need a secure storage where I can put things in."
All right, we'll cut a slit and we put a lid on top so that you could retrieve it.
So this is what we deliver.
And when you get back, your user might say, "No, that's too small. I want a secure storage where I can put things in, where I can walk in."
Okay, so the size was wrong. In this case, we built a concrete building with a doorway so the users can walk into the building.
Now, on seeing the building, your user might say, "Well, that's nice and well, but I want the door to be protected. I don't want people getting in and out."
Fine. So in this case, we put a gate in front of the door.
After seeing the gate, your user might say, "Well,
it's too transparent. I don't want people to be able to see inside."
a door behind the gate,
So make sure the protection is appropriate for the threat.
Are you trying to keep out a man, a dog or a rat?
So from this picture, you can see there is a gate
for a child used to block the dog, but
the dog could easily go through.
How do all these apply to architecture?
It's easy to secure something if there's no need for interaction.
But systems are there
to serve a business purpose, so it's inevitable that you need interaction and connectivity.
Now from the previous example,
if you see the entrance as the network interface, the gate could be seen as a firewall, and the door was seen as a proxy server or a WAF.
Well, it's not just good enough to put a firewall without knowing the threat,
as seen in the previous example.
And the size of the gate grid can be seen
as your firewall rules,
So architecture should not stop at the devices or the products; we need to consider the configurations too.
And the key is to know what you do not know and who can help you in designing a secure system.
Let's take some time to think about your work environment
and list out the various ways security is managed in the organization.
What are the controls in place? Why are they there,
who thought of it, who is using it and so on? This would be useful as we go deeper into the next topic.
Yeah, thinking of the example in the exercise previously,
think about the principles used to secure the design.
Some of the common principles in a secure design would be the right amount of security.
Contrary to public opinion,
there is such a thing as too much security,
the cost of security versus the asset you're protecting.
It's very much an important decision.
The completeness of the design is also important.
There is no point having the best locks in the world for a door if your windows are completely open.
So think about completeness of solution.
Fail safe is a way to make sure that even when the system crashes there is no way to get the system
The best example of a fail safe is the Windows blue screen of death. When your Windows crashes and you get a blue screen, there is no way you can get to the files in it. That's the best example of a fail-safe system.
Layered defense is another very important principle. We should be defending a system with multiple layers of access. For example, you have a firewall that blocks the network traffic. You might have another IPS or reverse proxy
or a WAF on top of that.
Furthermore, you can have host IPS on your systems and, for example, if it is a database, you can have another layer of database activity monitoring systems.
Having these multiple layers helps prevent a breach with a failure of one of the layers of defense.
Acceptability is another very important principle of secure design.
If the cost of security makes it so hard to use, your users will find ways to circumvent the defenses. And, for example, if you need a 20-character password,
people will start writing it on Post-its and putting it on the screens, and that would make the defense useless.
And separation of duties is another very important concept. We should have separation of makers and checkers in all the configurations of all the important defenses.
Over time in history, there were many approaches to security
One of the oldest was security through obscurity,
in the belief that if no one knows what you're using, they wouldn't be able to hack it.
Now that has been proven wrong in many cases.
Sometimes people do security through obsolescence, using very old, antiquated products, and hopefully no one knows what to do with them.
And then there's security through minority, using the least common products in the hope that there is very little skill in the industry for that.
Security through diversity is the belief in using as many systems as possible, in the belief that a single person may not know so many systems.
Now all these methods have been proven ineffective.
What we're advocating is security by design,
that is, considering security in every step of the process, from requirements to design to build to deployment.
We'll go through some of these in the rest of the class.
I will end off this module
by just reiterating why it's difficult to be a security architect,
mainly because security requirements are really hard.
In the paper Software Security Assurance State-of-the-Art Report (the reference can be found below),
the authors list out the main six reasons why this is so,
the first of which is that the people involved are not likely to know or care about non-functional requirements. Most stakeholders just want to tell you what the system should do and not what it should not do.
And there is still the perception that security limits functionality or interferes with usability.
I won't go into all the details and you can read the paper to find the specifics.
But that said, it is very important for a security architect to be able to articulate some of the reasons or identify some of the places where controls are needed.
And this is where we would focus on in the next module, which is threat hunting.
So after this module,
please identify some common principles for a secure design that you can think of.
And can you name some approaches to security that were mentioned?
Think about these as you proceed to the next module.
In this module, we learned what is cybersecurity: confidentiality,
We went briefly through the domains of cyber security. Please remember to download the picture to get a clearer view.
And I went through what is security architecture, why it's important,
and lastly, why it is not easy.
Here are some additional resources you can get your hands on. Unfortunately, the Software Security Assurance State-of-the-Art Report is a hard copy book, so that's a link to help you identify which library you can get it from.
And the security by design document is also a pretty good place to start.
Yeah, if you have the time,
you can start the next chapter, which is what is threat modeling, and I will go through examples of abuse and misuse cases.
Looking forward to meeting you in the next module.