SlideShare a Scribd company logo

Security architecture design patterns iltam 2018 - ofer rivlin

Download as PPTX, PDF
Ofer Rivlin, CISSP
Ofer Rivlin, CISSP

Presented at 'the fifth Israeli conference on software architecture' http://www.sw-arch2018.iltam.org

Engineering
1 of 43
SECURITY DESIGN PATTERNS Ofer Rivlin Product Security Architecture Lead 1 5TH ISRAELI CONFERENCE ON SOFTWARE ARCHITECTURE
Product security architecture lead at CyberArk 10 years as a cybersecurity architect and researcher 10 years as a software & system architect & developer (not overlapping ) Passionate about innovative technology and cybersecurity OFER RIVLIN 2
Review of 4 security design patterns Covering description & standard, examples, threats and risks of fixing after the fact • Clear separation between layers • Segregate components • Centralized security controls • Fail securely • Minimize attack surface area • Separation of concerns (duties) • Principle of defense in depth AGENDA 3 • Avoid security by obscurity • Principle of least privilege • Zero trust • Establish secure defaults • Use a low-privilege account for app components • Keep sensitive data out of client-side code • Keep security simple • . . .
Review of 4 security design patterns Covering description & standard, examples, threats and risks of fixing after the fact • Clear separation between layers • Segregate components • Centralized security controls • Fail securely • Minimize attack surface area • Separation of concerns (duties) • Principle of defense in depth AGENDA 4 • Avoid security by obscurity • Principle of least privilege • Zero trust • Establish secure defaults • Use a low-privilege account for app components • Keep sensitive data out of client-side code • Keep security simple • . . .
• Security layer • Well designed architecture can prevent attacks even if there are vulnerabilities WHY DESIGN PATTERNS 5
• Security layer • Well designed architecture can prevent attacks even if there are vulnerabilities • Must be part of any architecture WHY DESIGN PATTERNS 6
• Security layer • Well designed architecture can prevent attacks even if there are vulnerabilities • Must be part of any architecture from day #1 WHY DESIGN PATTERNS 7
8 CLEAR SEPARATION BETWEEN LAYERS
Ensure there is a clear separation between the data - controller – display layers such that security decisions can be enforced on trusted systems CLEAR SEPARATION BETWEEN LAYERS 9
10
• Malicious code injected as ‘Data’ and executed by the Controller • Malicious code execution and affects Data Confidentiality and Integrity • Confidential data exposed by Presentation layer THREATS 11
12
• Very high effort • Redesign and re-implementing big parts of the solution RISKS OF FIXING AFTER THE FACT 13
14 SEGREGATE COMPONENTS
Ensure that components are segregated via a defined security control such as network segmentation firewall rules etc. SEGREGATE COMPONENTS WITH SECURITY CONTROLS 15
16
• Adversaries and malicious code travel between components • No authorization control between the different components THREATS 17
18 Server SK Server PK
• Potential for a very high effort • May require redesign and reimplementation due to dependencies • May require redesign of the authorization model RISKS OF FIXING AFTER THE FACT 19
20 CENTRALIZED SECURITY CONTROLS
Verify that all security controls (including libraries that call external security services) have a Centralized implementation CENTRALIZED IMPLEMENTATION FOR SECURITY CONTROLS 21
22
• Authentication • Authorization • Input validation • Output validation (XSS, errors, etc.) • Audit logging • APIs and pages • Anti CSRF EXAMPLES OF AFFECTED CONTROLS 23
• Missing Controls (forgotten) • Not updated Controls THREATS 24
• Very high effort • Rewiring of every object to this control, sometimes in several places. • Risk of forgetting to connect objects or different places • Similar to implementing non-centralized controls RISKS OF FIXING AFTER THE FACT 25
26 FAIL SECURELY
The solution should always stay secure also in a failure FAIL SECURELY 27
28
29 Android debug bridge daemon Android Host
30
31
32
33 Android Host Android debug bridge daemon
34 Android Host Android debug bridge daemon
35
36
37
38
39 SUMMARY
• Security layer • Must be part of any architecture from day #1 SUMMARY 40
SUMMARY 41 We reviewed these patterns • Clear separation between layers • Segregate components • Centralized security controls • Fail securely
We reviewed these patterns • Clear separation between layers • Segregate components • Centralized security controls • Fail securely SUMMARY 42 Not covered patterns in this talk • Minimize attack surface area • Separation of concerns (duties) • Principle of defense in depth • Avoid security by obscurity • Principle of least privilege • Zero trust • Establish secure defaults • Use a low-privilege account for app components • Keep sensitive data out of client-side code • Keep security simple • . . .
THANK YOU! Ofer Rivlin Product Security Architecture Lead ofer.rivlin@cyberark.com 43

Recommended

CSF18 - Moving from Reactive to Proactive Security - Sami Laiho
CSF18 - Moving from Reactive to Proactive Security - Sami LaihoCSF18 - Moving from Reactive to Proactive Security - Sami Laiho
CSF18 - Moving from Reactive to Proactive Security - Sami LaihoNCCOMMS
 
AWS Summit Singapore 2019 | Pragmatic Container Security
AWS Summit Singapore 2019 | Pragmatic Container SecurityAWS Summit Singapore 2019 | Pragmatic Container Security
AWS Summit Singapore 2019 | Pragmatic Container SecurityAWS Summits
 
CSF18 - How to Block Ransomware - Sami Laiho
CSF18 - How to Block Ransomware - Sami LaihoCSF18 - How to Block Ransomware - Sami Laiho
CSF18 - How to Block Ransomware - Sami LaihoNCCOMMS
 
Jakub Bartoszek (Samsung Electronics) - Hardware Security in Connected World
Jakub Bartoszek (Samsung Electronics) - Hardware Security in Connected WorldJakub Bartoszek (Samsung Electronics) - Hardware Security in Connected World
Jakub Bartoszek (Samsung Electronics) - Hardware Security in Connected WorldCodiax
 
Best Practices in IBM i Security
Best Practices in IBM i SecurityBest Practices in IBM i Security
Best Practices in IBM i SecurityPrecisely
 
Canadian Cyber Cecurity
Canadian Cyber CecurityCanadian Cyber Cecurity
Canadian Cyber CecurityPeter Scheffler
 
IBM i Security Best Practices
IBM i Security Best PracticesIBM i Security Best Practices
IBM i Security Best PracticesPrecisely
 
Canadian Cyber Cecurity
Canadian Cyber CecurityCanadian Cyber Cecurity
Canadian Cyber CecurityPeter Scheffler
 

Recommended

CSF18 - Moving from Reactive to Proactive Security - Sami Laiho
CSF18 - Moving from Reactive to Proactive Security - Sami LaihoCSF18 - Moving from Reactive to Proactive Security - Sami Laiho
CSF18 - Moving from Reactive to Proactive Security - Sami LaihoNCCOMMS
 
AWS Summit Singapore 2019 | Pragmatic Container Security
AWS Summit Singapore 2019 | Pragmatic Container SecurityAWS Summit Singapore 2019 | Pragmatic Container Security
AWS Summit Singapore 2019 | Pragmatic Container SecurityAWS Summits
 
CSF18 - How to Block Ransomware - Sami Laiho
CSF18 - How to Block Ransomware - Sami LaihoCSF18 - How to Block Ransomware - Sami Laiho
CSF18 - How to Block Ransomware - Sami LaihoNCCOMMS
 
Jakub Bartoszek (Samsung Electronics) - Hardware Security in Connected World
Jakub Bartoszek (Samsung Electronics) - Hardware Security in Connected WorldJakub Bartoszek (Samsung Electronics) - Hardware Security in Connected World
Jakub Bartoszek (Samsung Electronics) - Hardware Security in Connected WorldCodiax
 
Best Practices in IBM i Security
Best Practices in IBM i SecurityBest Practices in IBM i Security
Best Practices in IBM i SecurityPrecisely
 
Canadian Cyber Cecurity
Canadian Cyber CecurityCanadian Cyber Cecurity
Canadian Cyber CecurityPeter Scheffler
 
IBM i Security Best Practices
IBM i Security Best PracticesIBM i Security Best Practices
IBM i Security Best PracticesPrecisely
 
Canadian Cyber Cecurity
Canadian Cyber CecurityCanadian Cyber Cecurity
Canadian Cyber CecurityPeter Scheffler
 
Building a Hacker Resistant Network
Building a Hacker Resistant Network Building a Hacker Resistant Network
Building a Hacker Resistant Network Sentry Global Technologies, LLC
 
운영체제론 Ch19
운영체제론 Ch19운영체제론 Ch19
운영체제론 Ch19Jongmyoung Kim
 
Security Framework for the IPv6 Era
Security Framework for the IPv6 EraSecurity Framework for the IPv6 Era
Security Framework for the IPv6 EraShinsuke SUZUKI
 
Ransomware Attack: Best Practices to proactively prevent contain and respond
Ransomware Attack: Best Practices to proactively prevent contain and respondRansomware Attack: Best Practices to proactively prevent contain and respond
Ransomware Attack: Best Practices to proactively prevent contain and respondAlgoSec
 
Security Change Management: Agility vs. Control
Security Change Management: Agility vs. ControlSecurity Change Management: Agility vs. Control
Security Change Management: Agility vs. ControlAlgoSec
 
Automating for NERC CIP-007-5-R1
Automating for NERC CIP-007-5-R1 Automating for NERC CIP-007-5-R1
Automating for NERC CIP-007-5-R1Tripwire
 
AWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’tsAWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’tsAlgoSec
 
ANET SureLog International Edition Main Advantages
ANET SureLog International Edition Main AdvantagesANET SureLog International Edition Main Advantages
ANET SureLog International Edition Main AdvantagesMurat Korucu
 
CSF18 - The Night is Dark and Full of Hackers - Sami Laiho
CSF18 - The Night is Dark and Full of Hackers - Sami LaihoCSF18 - The Night is Dark and Full of Hackers - Sami Laiho
CSF18 - The Night is Dark and Full of Hackers - Sami LaihoNCCOMMS
 
Qradar as a SOC core
Qradar as a SOC coreQradar as a SOC core
Qradar as a SOC coreMona Arkhipova
 
QIWI SOC benchmarking: Blue Team story
QIWI SOC benchmarking: Blue Team storyQIWI SOC benchmarking: Blue Team story
QIWI SOC benchmarking: Blue Team storyMona Arkhipova
 
Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...
Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...
Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...Digital Bond
 
Algo sec suite overview 2013 05
Algo sec suite overview 2013 05Algo sec suite overview 2013 05
Algo sec suite overview 2013 05hoanv
 
SteveNuccioResume2
SteveNuccioResume2SteveNuccioResume2
SteveNuccioResume2Steve Nuccio
 
Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...
Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...
Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...Digital Bond
 
Chapter 11 Presentation
Chapter 11 PresentationChapter 11 Presentation
Chapter 11 PresentationAmy McMullin
 
Security challenges in d2d communication by ajithkumar vyasarao
Security challenges in d2d communication by ajithkumar vyasaraoSecurity challenges in d2d communication by ajithkumar vyasarao
Security challenges in d2d communication by ajithkumar vyasaraoCysinfo Cyber Security Community
 
Symantec 賽門鐵克產線機台防護方案建議
Symantec 賽門鐵克產線機台防護方案建議Symantec 賽門鐵克產線機台防護方案建議
Symantec 賽門鐵克產線機台防護方案建議Randy Lin
 
Genian NAC Datasheet
Genian NAC Datasheet Genian NAC Datasheet
Genian NAC Datasheet GENIANS, INC.
 
NTXISSACSC3 - Beyond ISO 27034 - Intel's Product Security Maturity Model (PSM...
NTXISSACSC3 - Beyond ISO 27034 - Intel's Product Security Maturity Model (PSM...NTXISSACSC3 - Beyond ISO 27034 - Intel's Product Security Maturity Model (PSM...
NTXISSACSC3 - Beyond ISO 27034 - Intel's Product Security Maturity Model (PSM...North Texas Chapter of the ISSA
 
DevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly Davidoff
DevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly DavidoffDevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly Davidoff
DevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly DavidoffDevSecCon
 
Started In Security Now I'm Here
Started In Security Now I'm HereStarted In Security Now I'm Here
Started In Security Now I'm HereChristopher Grayson
 

More Related Content

What's hot

Security Framework for the IPv6 Era
Security Framework for the IPv6 EraSecurity Framework for the IPv6 Era
Security Framework for the IPv6 EraShinsuke SUZUKI
 
Ransomware Attack: Best Practices to proactively prevent contain and respond
Ransomware Attack: Best Practices to proactively prevent contain and respondRansomware Attack: Best Practices to proactively prevent contain and respond
Ransomware Attack: Best Practices to proactively prevent contain and respondAlgoSec
 
Security Change Management: Agility vs. Control
Security Change Management: Agility vs. ControlSecurity Change Management: Agility vs. Control
Security Change Management: Agility vs. ControlAlgoSec
 
Automating for NERC CIP-007-5-R1
Automating for NERC CIP-007-5-R1 Automating for NERC CIP-007-5-R1
Automating for NERC CIP-007-5-R1Tripwire
 
AWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’tsAWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’tsAlgoSec
 
ANET SureLog International Edition Main Advantages
ANET SureLog International Edition Main AdvantagesANET SureLog International Edition Main Advantages
ANET SureLog International Edition Main AdvantagesMurat Korucu
 
CSF18 - The Night is Dark and Full of Hackers - Sami Laiho
CSF18 - The Night is Dark and Full of Hackers - Sami LaihoCSF18 - The Night is Dark and Full of Hackers - Sami Laiho
CSF18 - The Night is Dark and Full of Hackers - Sami LaihoNCCOMMS
 
QIWI SOC benchmarking: Blue Team story
QIWI SOC benchmarking: Blue Team storyQIWI SOC benchmarking: Blue Team story
QIWI SOC benchmarking: Blue Team storyMona Arkhipova
 
Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...
Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...
Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...Digital Bond
 
Algo sec suite overview 2013 05
Algo sec suite overview 2013 05Algo sec suite overview 2013 05
Algo sec suite overview 2013 05hoanv
 
SteveNuccioResume2
SteveNuccioResume2SteveNuccioResume2
SteveNuccioResume2Steve Nuccio
 
Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...
Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...
Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...Digital Bond
 
Chapter 11 Presentation
Chapter 11 PresentationChapter 11 Presentation
Chapter 11 PresentationAmy McMullin
 
Security challenges in d2d communication by ajithkumar vyasarao
Security challenges in d2d communication by ajithkumar vyasaraoSecurity challenges in d2d communication by ajithkumar vyasarao
Security challenges in d2d communication by ajithkumar vyasaraoCysinfo Cyber Security Community
 
Symantec 賽門鐵克產線機台防護方案建議
Symantec 賽門鐵克產線機台防護方案建議Symantec 賽門鐵克產線機台防護方案建議
Symantec 賽門鐵克產線機台防護方案建議Randy Lin
 
Genian NAC Datasheet
Genian NAC Datasheet Genian NAC Datasheet
Genian NAC Datasheet GENIANS, INC.
 
NTXISSACSC3 - Beyond ISO 27034 - Intel's Product Security Maturity Model (PSM...
NTXISSACSC3 - Beyond ISO 27034 - Intel's Product Security Maturity Model (PSM...NTXISSACSC3 - Beyond ISO 27034 - Intel's Product Security Maturity Model (PSM...
NTXISSACSC3 - Beyond ISO 27034 - Intel's Product Security Maturity Model (PSM...North Texas Chapter of the ISSA
 

What's hot (20)

Building a Hacker Resistant Network
Building a Hacker Resistant Network Building a Hacker Resistant Network
Building a Hacker Resistant Network
 
운영체제론 Ch19
운영체제론 Ch19운영체제론 Ch19
운영체제론 Ch19
 
Security Framework for the IPv6 Era
Security Framework for the IPv6 EraSecurity Framework for the IPv6 Era
Security Framework for the IPv6 Era
 
Ransomware Attack: Best Practices to proactively prevent contain and respond
Ransomware Attack: Best Practices to proactively prevent contain and respondRansomware Attack: Best Practices to proactively prevent contain and respond
Ransomware Attack: Best Practices to proactively prevent contain and respond
 
Security Change Management: Agility vs. Control
Security Change Management: Agility vs. ControlSecurity Change Management: Agility vs. Control
Security Change Management: Agility vs. Control
 
Automating for NERC CIP-007-5-R1
Automating for NERC CIP-007-5-R1 Automating for NERC CIP-007-5-R1
Automating for NERC CIP-007-5-R1
 
AWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’tsAWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’ts
 
ANET SureLog International Edition Main Advantages
ANET SureLog International Edition Main AdvantagesANET SureLog International Edition Main Advantages
ANET SureLog International Edition Main Advantages
 
CSF18 - The Night is Dark and Full of Hackers - Sami Laiho
CSF18 - The Night is Dark and Full of Hackers - Sami LaihoCSF18 - The Night is Dark and Full of Hackers - Sami Laiho
CSF18 - The Night is Dark and Full of Hackers - Sami Laiho
 
Qradar as a SOC core
Qradar as a SOC coreQradar as a SOC core
Qradar as a SOC core
 
QIWI SOC benchmarking: Blue Team story
QIWI SOC benchmarking: Blue Team storyQIWI SOC benchmarking: Blue Team story
QIWI SOC benchmarking: Blue Team story
 
Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...
Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...
Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...
 
Algo sec suite overview 2013 05
Algo sec suite overview 2013 05Algo sec suite overview 2013 05
Algo sec suite overview 2013 05
 
SteveNuccioResume2
SteveNuccioResume2SteveNuccioResume2
SteveNuccioResume2
 
Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...
Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...
Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...
 
Chapter 11 Presentation
Chapter 11 PresentationChapter 11 Presentation
Chapter 11 Presentation
 
Security challenges in d2d communication by ajithkumar vyasarao
Security challenges in d2d communication by ajithkumar vyasaraoSecurity challenges in d2d communication by ajithkumar vyasarao
Security challenges in d2d communication by ajithkumar vyasarao
 
Symantec 賽門鐵克產線機台防護方案建議
Symantec 賽門鐵克產線機台防護方案建議Symantec 賽門鐵克產線機台防護方案建議
Symantec 賽門鐵克產線機台防護方案建議
 
Genian NAC Datasheet
Genian NAC Datasheet Genian NAC Datasheet
Genian NAC Datasheet
 
NTXISSACSC3 - Beyond ISO 27034 - Intel's Product Security Maturity Model (PSM...
NTXISSACSC3 - Beyond ISO 27034 - Intel's Product Security Maturity Model (PSM...NTXISSACSC3 - Beyond ISO 27034 - Intel's Product Security Maturity Model (PSM...
NTXISSACSC3 - Beyond ISO 27034 - Intel's Product Security Maturity Model (PSM...
 

Similar to Security architecture design patterns iltam 2018 - ofer rivlin

DevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly Davidoff
DevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly DavidoffDevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly Davidoff
DevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly DavidoffDevSecCon
 
Started In Security Now I'm Here
Started In Security Now I'm HereStarted In Security Now I'm Here
Started In Security Now I'm HereChristopher Grayson
 
AWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Community Day - Vitaliy Shtym - Pragmatic Container SecurityAWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Community Day - Vitaliy Shtym - Pragmatic Container SecurityAWS Chicago
 
Ryan Elkins - Simple Security Defense to Thwart an Army of Cyber Ninja Warriors
Ryan Elkins - Simple Security Defense to Thwart an Army of Cyber Ninja WarriorsRyan Elkins - Simple Security Defense to Thwart an Army of Cyber Ninja Warriors
Ryan Elkins - Simple Security Defense to Thwart an Army of Cyber Ninja WarriorsRyan Elkins
 
Enumerating software security design flaws throughout the ssdlc cosac - 201...
Enumerating software security design flaws throughout the ssdlc cosac - 201...Enumerating software security design flaws throughout the ssdlc cosac - 201...
Enumerating software security design flaws throughout the ssdlc cosac - 201...John M. Willis
 
Enumerating software security design flaws throughout the SSDLC
Enumerating software security design flaws throughout the SSDLCEnumerating software security design flaws throughout the SSDLC
Enumerating software security design flaws throughout the SSDLCJohn M. Willis
 
7.2-0-D8-October2021 (Software Development Security).pptx
7.2-0-D8-October2021 (Software Development Security).pptx7.2-0-D8-October2021 (Software Development Security).pptx
7.2-0-D8-October2021 (Software Development Security).pptxroongrus
 
Cloud Security Zen: Principles to Meditate On
Cloud Security Zen: Principles to Meditate OnCloud Security Zen: Principles to Meditate On
Cloud Security Zen: Principles to Meditate OnSamuel Reed
 
Azure 101: Shared responsibility in the Azure Cloud
Azure 101: Shared responsibility in the Azure CloudAzure 101: Shared responsibility in the Azure Cloud
Azure 101: Shared responsibility in the Azure CloudPaulo Renato
 
Pragmatic Container Security (Sponsored by Trend Micro) - AWS Summit Sydney
Pragmatic Container Security (Sponsored by Trend Micro) - AWS Summit SydneyPragmatic Container Security (Sponsored by Trend Micro) - AWS Summit Sydney
Pragmatic Container Security (Sponsored by Trend Micro) - AWS Summit SydneyAmazon Web Services
 
Introducing a Security Feedback Loop to your CI Pipelines
Introducing a Security Feedback Loop to your CI PipelinesIntroducing a Security Feedback Loop to your CI Pipelines
Introducing a Security Feedback Loop to your CI PipelinesCodefresh
 
Owasp Proactive Controls for Web developer
Owasp Proactive Controls for Web developerOwasp Proactive Controls for Web developer
Owasp Proactive Controls for Web developerSameer Paradia
 
VMworld 2016: Migrating from a hardware based firewall to NSX to improve perf...
VMworld 2016: Migrating from a hardware based firewall to NSX to improve perf...VMworld 2016: Migrating from a hardware based firewall to NSX to improve perf...
VMworld 2016: Migrating from a hardware based firewall to NSX to improve perf...VMworld
 
The New Security Practitioner
The New Security PractitionerThe New Security Practitioner
The New Security PractitionerAdrian Sanabria
 
Key Findings from the 2019 State of DevOps Report
Key Findings from the 2019 State of DevOps ReportKey Findings from the 2019 State of DevOps Report
Key Findings from the 2019 State of DevOps ReportPuppet
 
Application Security from the Inside Out
Application Security from the Inside OutApplication Security from the Inside Out
Application Security from the Inside OutUlisses Albuquerque
 
DevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityDevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityAlert Logic
 

Similar to Security architecture design patterns iltam 2018 - ofer rivlin (20)

DevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly Davidoff
DevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly DavidoffDevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly Davidoff
DevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly Davidoff
 
Started In Security Now I'm Here
Started In Security Now I'm HereStarted In Security Now I'm Here
Started In Security Now I'm Here
 
AWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Community Day - Vitaliy Shtym - Pragmatic Container SecurityAWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Community Day - Vitaliy Shtym - Pragmatic Container Security
 
Ryan Elkins - Simple Security Defense to Thwart an Army of Cyber Ninja Warriors
Ryan Elkins - Simple Security Defense to Thwart an Army of Cyber Ninja WarriorsRyan Elkins - Simple Security Defense to Thwart an Army of Cyber Ninja Warriors
Ryan Elkins - Simple Security Defense to Thwart an Army of Cyber Ninja Warriors
 
Enumerating software security design flaws throughout the ssdlc cosac - 201...
Enumerating software security design flaws throughout the ssdlc cosac - 201...Enumerating software security design flaws throughout the ssdlc cosac - 201...
Enumerating software security design flaws throughout the ssdlc cosac - 201...
 
Enumerating software security design flaws throughout the SSDLC
Enumerating software security design flaws throughout the SSDLCEnumerating software security design flaws throughout the SSDLC
Enumerating software security design flaws throughout the SSDLC
 
Lecture 10.pptx
Lecture 10.pptxLecture 10.pptx
Lecture 10.pptx
 
7.2-0-D8-October2021 (Software Development Security).pptx
7.2-0-D8-October2021 (Software Development Security).pptx7.2-0-D8-October2021 (Software Development Security).pptx
7.2-0-D8-October2021 (Software Development Security).pptx
 
Cloud Security Zen: Principles to Meditate On
Cloud Security Zen: Principles to Meditate OnCloud Security Zen: Principles to Meditate On
Cloud Security Zen: Principles to Meditate On
 
Azure 101: Shared responsibility in the Azure Cloud
Azure 101: Shared responsibility in the Azure CloudAzure 101: Shared responsibility in the Azure Cloud
Azure 101: Shared responsibility in the Azure Cloud
 
Pragmatic Container Security (Sponsored by Trend Micro) - AWS Summit Sydney
Pragmatic Container Security (Sponsored by Trend Micro) - AWS Summit SydneyPragmatic Container Security (Sponsored by Trend Micro) - AWS Summit Sydney
Pragmatic Container Security (Sponsored by Trend Micro) - AWS Summit Sydney
 
Introducing a Security Feedback Loop to your CI Pipelines
Introducing a Security Feedback Loop to your CI PipelinesIntroducing a Security Feedback Loop to your CI Pipelines
Introducing a Security Feedback Loop to your CI Pipelines
 
Owasp Proactive Controls for Web developer
Owasp Proactive Controls for Web developerOwasp Proactive Controls for Web developer
Owasp Proactive Controls for Web developer
 
VMworld 2016: Migrating from a hardware based firewall to NSX to improve perf...
VMworld 2016: Migrating from a hardware based firewall to NSX to improve perf...VMworld 2016: Migrating from a hardware based firewall to NSX to improve perf...
VMworld 2016: Migrating from a hardware based firewall to NSX to improve perf...
 
W982 05092004
W982 05092004W982 05092004
W982 05092004
 
The New Security Practitioner
The New Security PractitionerThe New Security Practitioner
The New Security Practitioner
 
Key Findings from the 2019 State of DevOps Report
Key Findings from the 2019 State of DevOps ReportKey Findings from the 2019 State of DevOps Report
Key Findings from the 2019 State of DevOps Report
 
Software Security
Software SecuritySoftware Security
Software Security
 
Application Security from the Inside Out
Application Security from the Inside OutApplication Security from the Inside Out
Application Security from the Inside Out
 
DevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityDevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to Security
 

More from Ofer Rivlin, CISSP

Ofer rivlin BGU - department seminar
Ofer rivlin BGU - department seminarOfer rivlin BGU - department seminar
Ofer rivlin BGU - department seminarOfer Rivlin, CISSP
 
Android's security architecture
Android's security architectureAndroid's security architecture
Android's security architectureOfer Rivlin, CISSP
 
Connected cars - the security challenge: Vehicles, Networks & Protocols
Connected cars - the security challenge: Vehicles, Networks & ProtocolsConnected cars - the security challenge: Vehicles, Networks & Protocols
Connected cars - the security challenge: Vehicles, Networks & ProtocolsOfer Rivlin, CISSP
 
How to hack cryptographic protocols with Formal Methods
How to hack cryptographic protocols with Formal MethodsHow to hack cryptographic protocols with Formal Methods
How to hack cryptographic protocols with Formal MethodsOfer Rivlin, CISSP
 

More from Ofer Rivlin, CISSP (6)

Zk bug bounty
Zk bug bountyZk bug bounty
Zk bug bounty
 
Ofer rivlin BGU - department seminar
Ofer rivlin BGU - department seminarOfer rivlin BGU - department seminar
Ofer rivlin BGU - department seminar
 
Android's security architecture
Android's security architectureAndroid's security architecture
Android's security architecture
 
Connected cars - the security challenge: Vehicles, Networks & Protocols
Connected cars - the security challenge: Vehicles, Networks & ProtocolsConnected cars - the security challenge: Vehicles, Networks & Protocols
Connected cars - the security challenge: Vehicles, Networks & Protocols
 
Bleeding secrets
Bleeding secretsBleeding secrets
Bleeding secrets
 
How to hack cryptographic protocols with Formal Methods
How to hack cryptographic protocols with Formal MethodsHow to hack cryptographic protocols with Formal Methods
How to hack cryptographic protocols with Formal Methods
 

Recently uploaded

FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756dollysharma2066
 
Top Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoor
Top Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoorTop Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoor
Top Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoordharasingh5698
 
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...roncy bisnoi
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXssuser89054b
 
Double Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torqueDouble Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torqueBhangaleSonal
 
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance Bookingroncy bisnoi
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Call Girls in Nagpur High Profile
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordAsst.prof M.Gokilavani
 
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdfONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdfKamal Acharya
 
Generative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTGenerative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTbhaskargani46
 
Intze Overhead Water Tank Design by Working Stress - IS Method.pdf
Intze Overhead Water Tank Design by Working Stress - IS Method.pdfIntze Overhead Water Tank Design by Working Stress - IS Method.pdf
Intze Overhead Water Tank Design by Working Stress - IS Method.pdfSuman Jyoti
 
data_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdfdata_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdfJiananWang21
 
Thermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.pptThermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.pptDineshKumar4165
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdfKamal Acharya
 
Unit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdfUnit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdfRagavanV2
 
Design For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the startDesign For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the startQuintin Balsdon
 

Recently uploaded (20)

FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
 
Top Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoor
Top Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoorTop Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoor
Top Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoor
 
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
 
Call Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Netaji Nagar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 
Double Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torqueDouble Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torque
 
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
 
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdfONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
 
Generative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTGenerative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPT
 
Intze Overhead Water Tank Design by Working Stress - IS Method.pdf
Intze Overhead Water Tank Design by Working Stress - IS Method.pdfIntze Overhead Water Tank Design by Working Stress - IS Method.pdf
Intze Overhead Water Tank Design by Working Stress - IS Method.pdf
 
data_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdfdata_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdf
 
Thermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.pptThermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.ppt
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
 
Unit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdfUnit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdf
 
Design For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the startDesign For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the start
 
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak HamilCara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
 
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
 

Security architecture design patterns iltam 2018 - ofer rivlin

  • 1. SECURITY DESIGN PATTERNS Ofer Rivlin Product Security Architecture Lead 1 5TH ISRAELI CONFERENCE ON SOFTWARE ARCHITECTURE
  • 2. Product security architecture lead at CyberArk 10 years as a cybersecurity architect and researcher 10 years as a software & system architect & developer (not overlapping ) Passionate about innovative technology and cybersecurity OFER RIVLIN 2
  • 3. Review of 4 security design patterns Covering description & standard, examples, threats and risks of fixing after the fact • Clear separation between layers • Segregate components • Centralized security controls • Fail securely • Minimize attack surface area • Separation of concerns (duties) • Principle of defense in depth AGENDA 3 • Avoid security by obscurity • Principle of least privilege • Zero trust • Establish secure defaults • Use a low-privilege account for app components • Keep sensitive data out of client-side code • Keep security simple • . . .
  • 4. Review of 4 security design patterns Covering description & standard, examples, threats and risks of fixing after the fact • Clear separation between layers • Segregate components • Centralized security controls • Fail securely • Minimize attack surface area • Separation of concerns (duties) • Principle of defense in depth AGENDA 4 • Avoid security by obscurity • Principle of least privilege • Zero trust • Establish secure defaults • Use a low-privilege account for app components • Keep sensitive data out of client-side code • Keep security simple • . . .
  • 5. • Security layer • Well designed architecture can prevent attacks even if there are vulnerabilities WHY DESIGN PATTERNS 5
  • 6. • Security layer • Well designed architecture can prevent attacks even if there are vulnerabilities • Must be part of any architecture WHY DESIGN PATTERNS 6
  • 7. • Security layer • Well designed architecture can prevent attacks even if there are vulnerabilities • Must be part of any architecture from day #1 WHY DESIGN PATTERNS 7
  • 9. Ensure there is a clear separation between the data - controller – display layers such that security decisions can be enforced on trusted systems CLEAR SEPARATION BETWEEN LAYERS 9
  • 10. 10
  • 11. • Malicious code injected as ‘Data’ and executed by the Controller • Malicious code execution and affects Data Confidentiality and Integrity • Confidential data exposed by Presentation layer THREATS 11
  • 12. 12
  • 13. • Very high effort • Redesign and re-implementing big parts of the solution RISKS OF FIXING AFTER THE FACT 13
  • 15. Ensure that components are segregated via a defined security control such as network segmentation firewall rules etc. SEGREGATE COMPONENTS WITH SECURITY CONTROLS 15
  • 16. 16
  • 17. • Adversaries and malicious code travel between components • No authorization control between the different components THREATS 17
  • 19. • Potential for a very high effort • May require redesign and reimplementation due to dependencies • May require redesign of the authorization model RISKS OF FIXING AFTER THE FACT 19
  • 21. Verify that all security controls (including libraries that call external security services) have a Centralized implementation CENTRALIZED IMPLEMENTATION FOR SECURITY CONTROLS 21
  • 22. 22
  • 23. • Authentication • Authorization • Input validation • Output validation (XSS, errors, etc.) • Audit logging • APIs and pages • Anti CSRF EXAMPLES OF AFFECTED CONTROLS 23
  • 24. • Missing Controls (forgotten) • Not updated Controls THREATS 24
  • 25. • Very high effort • Rewiring of every object to this control, sometimes in several places. • Risk of forgetting to connect objects or different places • Similar to implementing non-centralized controls RISKS OF FIXING AFTER THE FACT 25
  • 27. The solution should always stay secure also in a failure FAIL SECURELY 27
  • 28. 28
  • 29. 29 Android debug bridge daemon Android Host
  • 30. 30
  • 31. 31
  • 32. 32
  • 35. 35
  • 36. 36
  • 37. 37
  • 38. 38
  • 40. • Security layer • Must be part of any architecture from day #1 SUMMARY 40
  • 41. SUMMARY 41 We reviewed these patterns • Clear separation between layers • Segregate components • Centralized security controls • Fail securely
  • 42. We reviewed these patterns • Clear separation between layers • Segregate components • Centralized security controls • Fail securely SUMMARY 42 Not covered patterns in this talk • Minimize attack surface area • Separation of concerns (duties) • Principle of defense in depth • Avoid security by obscurity • Principle of least privilege • Zero trust • Establish secure defaults • Use a low-privilege account for app components • Keep sensitive data out of client-side code • Keep security simple • . . .
  • 43. THANK YOU! Ofer Rivlin Product Security Architecture Lead ofer.rivlin@cyberark.com 43