From the course: Developing Secure Software

Unlock the full course today

Join today to access over 24,500 courses taught by industry experts.

Case Study: Tactic-Oriented Architectural Analysis

Case Study: Tactic-Oriented Architectural Analysis

From the course: Developing Secure Software

Case Study: Tactic-Oriented Architectural Analysis

- [Instructor] To apply the tactic oriented architectural analysis or 12 phase of architectural analysis for security or ops to open EMR. It's important to have access to a person who is deeply knowledgeable about the software. Most probably this person is one of the software architects of open EMR. You'll be interviewing the software architect using the security tactics as your checklist as shown in the table here. One such interview question could be on the security tactics of verifying message integrity. Does the software do anything about the verification of message integrity? The answer may be mixed. In the case of open EMR, the architect said that message integrity verification is supported by means of standardized library function calls specializing in user input sanitization. Next, you need to think about what this answer truly means in terms of security design, rationale, and assumptions. The pattern oriented architectural analysis or PoAA phase is an aid that helps with this…

Contents