Work with data flow diagrams to plan security requirements.
- [Instructor] When you're determining your security requirements, there are some common terms and types of drawings, and I'm going to go over those in this and the next few movies. So these are used both for yourself and particularly if you work with external security consultants. They're going to expect you to have these kinds of pieces of documentation. So the first one is a DFD, or a data flow diagram. And so this would be a single-page drawing that shows, for an application, the following things.
First, the external entities. So any methods or actors, people that would connect into your application that are outside the application boundaries. So for an Amazon situation, this would be outside of an Amazon region or possibly a VPC or even an availability zone. And then it's going to show processes, and you can think of these as applications or pieces of application logic, single and multiple processes. Again, the idea here is for the people who are determining the best security strategy to see the flow of data between storage areas, across locations, and through processes.
So they can understand where they need to protect the data. So along those lines, data stores, which we think of as file stores or databases. Data flows are the paths that the data flows into, within, and out of your system and of course a key aspect of this is privilege boundaries. Now there are various ways to draw this and I just actually pulled up a reference diagram because it's just sort of the most common way to draw it and has the most common aspects shown, but there are different ways that DFDs will be drawn depending on the type of tool you're using to create one.
So this is an example of a DFD for a simple application. It's for a college library application, and the things that you want to pay attention to here are the types of shapes and lines and labels. So the first thing that you want to see are the red dashes. These are application boundaries, so what's inside and outside. So on the left side you can see that we have users that are going to send information via a login request, in this case, across an application boundary. So from their mobile phone, from their local computer, across the public internet to a process, and the process is represented by a circle.
The first process is a web servlet. Then the data will go and call the AuthenticateUser method, that's indicated by the next line, and that will call a login process. The login process will then send a call across another boundary, you can see it across the bottom, the red dotted line, into, in this case, a SQL database. There are two circles in the College Library Database because there are two levels of calls or processes, or this would be two queries, and then College Library Database would actually retrieve the particular data by calling out to database files on the drive of a machine at some location.
The data would then be returned to the library database, the result of the query. Then the authentication would be returned to the login process. The result of the authentication would be returned to the web servlet, and the login response would be returned to the user. The only thing I didn't really mention here is how the web servlet renders, and that comes from webpages. So you can see we have sort of a standard set of diagram types that are used in DFDs so that security professionals can follow the flow of the data and they can understand the areas where data needs to be protected.
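The college library walkthrough above can be captured in a small model that lists the DFD's elements and flows and then picks out the flows that cross a privilege boundary, which are the paths a reviewer needs to protect. This is an added example, not code from the course; the trust-zone names ("internet", "app", "db") are assumptions, since the diagram only shows the red dashed boundaries.

```python
from collections import namedtuple
from dataclasses import dataclass, field
Flow = namedtuple("Flow", "src dst data")

@dataclass(frozen=True)
class Element:
    name: str
    kind: str  # "external", "process" or "datastore"
    zone: str  # trust zone; a flow between two zones crosses a privilege boundary

@dataclass
class DFD:
    elements: dict = field(default_factory=dict)
    flows: list = field(default_factory=list)

    def add(self, *elems):
        for e in elems:
            self.elements[e.name] = e

    def flow(self, src, dst, data):
        # Refuse a flow touching an undrawn element: a review cannot see that path.
        for name in (src, dst):
            if name not in self.elements:
                raise KeyError(f"unknown element {name!r}")
        self.flows.append(Flow(src, dst, data))

    def boundary_crossings(self):
        """Flows whose endpoints sit in different trust zones; these are the paths
        that need protection (transport encryption, authentication, validation)."""
        return [f for f in self.flows
                if self.elements[f.src].zone != self.elements[f.dst].zone]

def college_library_dfd():
    # The walkthrough's college library DFD; the zone names are assumptions.
    d = DFD()
    d.add(Element("User", "external", "internet"),
          Element("Web Servlet", "process", "app"),
          Element("Login Process", "process", "app"),
          Element("College Library Database", "process", "db"),
          Element("Database Files", "datastore", "db"),
          Element("Web Pages", "datastore", "app"))
    d.flow("User", "Web Servlet", "login request")
    d.flow("Web Servlet", "Login Process", "AuthenticateUser")
    d.flow("Login Process", "College Library Database", "SQL query")
    d.flow("College Library Database", "Database Files", "file read")
    d.flow("Database Files", "College Library Database", "query result")
    d.flow("College Library Database", "Login Process", "authentication result")
    d.flow("Login Process", "Web Servlet", "authentication result")
    d.flow("Web Servlet", "User", "login response")
    d.flow("Web Pages", "Web Servlet", "page templates")
    return d
```

Running `college_library_dfd().boundary_crossings()` returns the four flows that cross the two red boundaries (user to servlet and back, login process to database and back), which is exactly the list a consultant would start from when deciding where encryption and authentication controls go.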