From the course: CSSLP Cert Prep: 3 Secure Software Design
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Secure design principles and patterns
From the course: CSSLP Cert Prep: 3 Secure Software Design
Secure design principles and patterns
- [Instructor] Once you understand which environmental components and layered security controls are available, you can leverage existing design principles in repeatable patterns to enhance the security of your app. We covered these principles conceptually in Domain 1, "Secure Software Concepts", but now it's time to apply those concepts as you review your security design. Start by reviewing your design from the end user's perspective. You want to make sure it's easy for them to be secure while making it difficult for them to stray from the beaten path. Embrace the principle of least privilege. Make sure users have enough access to do what they need to do and nothing more. At the same time, enforce separation of duties. If there are toxic combinations of access that might enable a user to commit fraud or to bypass security, build controls into the app to account for these scenarios. Design the app with psychological…
Contents
-
-
-
-
-
(Locked)
Components of a secure environment6m 39s
-
(Locked)
Designing network and server controls4m
-
(Locked)
Designing data controls5m 32s
-
(Locked)
Secure design principles and patterns4m 40s
-
(Locked)
Secure interface design6m 6s
-
(Locked)
Design security review2m 51s
-
(Locked)
Secure operational architecture3m 16s
-
(Locked)
-
-