We are coming towards the end of our discussion on the security aspects of software architecture. It is a good time to summarize the strategies that a security architect should try to impart to a software development team. The following table lists the top 10 of these. Some of them will look familiar, because we have already met them in earlier discussions.
| No. | Strategy | How it helps |
|---|---|---|
| 1 | Validate inputs | Validate inputs from all untrusted data sources. Proper input validation can eliminate a vast majority of software vulnerabilities. |
| 2 | Keep it simple | Keep the program design as simple as possible. Complex designs increase the chances of security errors being made in their implementation, configuration, and deployment. |
| 3 | Principle of least privilege | Every process should execute with the smallest set of system privileges necessary to complete its work. For example, to read data from /tmp, one doesn't need root permission, but any... |