The document discusses designing highly available and secure systems. It covers security concepts like threats, vulnerabilities, and controls. Common security threats like OWASP top 10 vulnerabilities are explained. Symmetric and asymmetric encryption techniques are described along with digital certificates and SSL. Web security best practices are provided. For availability, concepts like MTBF, MTTR and downtime calculations are covered. Tactics to improve availability like embracing failures, bulkheading and circuit breakers are presented.

1. DESIGN HIGHLY AVAILABLE
AND SECURE SYSTEM

2. I’M ANDI PANGERAN
@ANDI_PANGERAN
CYBERCODING.WORDPRESS.COM
SOFTWARE CRAFTMANSHIP @ JURNAL.ID

3. AGENDA
 Security Concepts and Principles
 Common Security Threats and Vulnerabilities
 Security Tactics
 Availability Concept & Principles
 Availability Tactics

4. SECURITY CONCEPT & PRINCIPLES

5. SECURITY OVERVIEW
Protecting the
secrecy and
privacy of
information
Ensuring that
system and
data can be
accessed when
Protecting the “accuracy”
of information and data
from improper modification

6. SECURITY CONCEPT AND PRINCIPLES
Threats Vulnerability
Exploit
Risk
Leads to
Asset
Remaining Risk
Control
Mitigate
Remaining Risk

7. THREATS AND VULNERABILITIES
OWASP top 10 for 2013

8. THREATS AND VULNERABILITIES
OWASP top 10 for 2013

9. THREATS AND VULNERABILITIES
OWASP top 10 for 2013

10. THREATS AND VULNERABILITIES
Other common threats
• Improper Error Handling
• Environments mismatch problems (ex : dev vs prod)
• Denial Of Service (DOS) and DDOS
• Man-In-The-Middle (MITM)
• Policy, Audit, and Logging Failures

11. SECURITY CONTROLS
• Authentication
• Something you know
• Something you have
• Something you are
• Authorization & Access Control
• Separation of duties & Limit exposure
• Least Privilege (non root account)
• Maintain data confidentiality at transit, storage and archival
• Maintain data and process integrity
• Secure the weakest link

12. CRYPTOGRAPHIC TECHNIQUES
• Encoding
• Encryption
• Hashing
• Obfuscation

13. SYMMETRIC ENCRYPTION
• Stream cipher :
encrypt all stream bit / bit, ex: RC4
• Block cipher
Encrypt block per block, ex: AES, Blowfish, Twofish, DES
Type of block cipher modes : ECB, CBC, CFB OFB, CTR

14. SYMMETRIC ENCRYPTION

15. SYMMETRIC ENCRYPTION

16. ASYMMETRIC ENCRYPTION
Diffie–Hellman key
exchange

17. DIGITAL CERTIFICATES
Electronic identification and/or encryption system developed for use
over internet.
Typically they contain:
• Certificate holder public key
• Information about the organization to which certificate was issued
• Information about the Certificate Authority (CA), including CA
digital signature
• Date of certificate issued or expired
• Serial number of certificate

18. OVERVIEW OF SECURE SOCKET LAYER

19. WEB SECURITY BEST PRACTICES
• Use stateful firewalls
• Keep track of all web tier transmission and protocol sessions.
• Put webservers in a demilitarized zone (DMZ)
• Drop non-HTTP packets
• Configure to allow HTTP and HTTPS only
• Use HTTP POST rather than HTTP GET
• Destroy HTTP sessions upon logout and set timeout
• Validate request data
• Good error reporting
• Do not expose remote system level and naming service specific
exceptions.

20. WEB SECURITY BEST PRACTICES
• Secure the pipe
• Make sure that the session and data exchanged between server –
client are confidential and tamper proof
• Secure administrative communications
• Make sure all admin task are done using encrypted communication
ex: SSH

21. WANT MORE ABOUT SECURITY ?
O'Reilly - Introduction to Secure Software

22. AVAILABILITY CONCEPT & PRINCIPLES

23. NOT AVAILABLE YET

24. AVAILABILITY OVERVIEW
Business
Production
Availability

25. AVAILABILITY OVERVIEW
System
down
System
up
System
downMEAN TIME TO RECOVER
(MTTR)
MEAN TIME
TOFAILURE
(MTTF)
MEAN TIME BETWEEN FAILURE (MTBF)
A = MTBF / (MTBF + MTTR)
TO CALCULATE DOWNTIME :
Downtime per year (min) = (1 – Uptime Ratio) x 365 x 24 x 60

26. AVAILABILITY OVERVIEW

27. HOW CAN I MAXIMIZE AVAILIBILITY ?
Maximize MTTF

28. HOW CAN I MAXIMIZE AVAILIBILITY ?
https://www.slideshare.net/ufried/resilience-reloaded-more-resilience-patterns

29. WHATS THE PROBLEM ?
Software will fail..
Hardware will fail..
Human will fail..
Time is failure to (low network) :p

30. DON’T TRY TO AVOID FAILURE,
EMBRACE THEM

31. AVAILABILITY TACTICS
https://www.slideshare.net/ufried/resilience-reloaded-more-resilience-patterns

32. https://www.slideshare.net/ufried/resilience-reloaded-more-resilience-patterns

33. BULKHEADING
Don’t put all your eggs in one basket, and protect your basket from one to another.
Image : Taken from reactive design pattern book – Rolland kuhn

34. CIRCUIT BREAKER
Image : Taken from reactive design pattern book – Rolland kuhn

35. WANT MORE ABOUT AVAILIBILITY ?
https://www.slideshare.net/ufried/resilience-reloaded-more-
resilience-patterns
https://www.slideshare.net/ufried/resilient-functional-service-
design
https://www.slideshare.net/ufried/watch-your-communication

36. PIZZA ?