From the course: Developing Secure Software
Unlock the full course today
Join today to access over 24,500 courses taught by industry experts.
Case Study: Tactic-Oriented Architectural Analysis
From the course: Developing Secure Software
Case Study: Tactic-Oriented Architectural Analysis
- [Instructor] To apply the tactic oriented architectural analysis or 12 phase of architectural analysis for security or ops to open EMR. It's important to have access to a person who is deeply knowledgeable about the software. Most probably this person is one of the software architects of open EMR. You'll be interviewing the software architect using the security tactics as your checklist as shown in the table here. One such interview question could be on the security tactics of verifying message integrity. Does the software do anything about the verification of message integrity? The answer may be mixed. In the case of open EMR, the architect said that message integrity verification is supported by means of standardized library function calls specializing in user input sanitization. Next, you need to think about what this answer truly means in terms of security design, rationale, and assumptions. The pattern oriented architectural analysis or PoAA phase is an aid that helps with this…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
-
-
Introduction to secure design1m 42s
-
(Locked)
Security tactics1m 50s
-
(Locked)
Security patterns1m 45s
-
(Locked)
Security vulnerabilities2m 7s
-
(Locked)
Architectural analysis for security1m 53s
-
(Locked)
Software security anti-patterns2m 33s
-
(Locked)
Case Study: Setting the Stage30s
-
(Locked)
Case Study: Tactic-Oriented Architectural Analysis1m 42s
-
(Locked)
Case Study: Pattern-Oriented Architectural Analysis2m 37s
-
(Locked)
Case Study: Vulnerability-Oriented Architectural Analysis1m 43s
-
-
-
-
-