10 Commandments of Secure Engineering

Écrit par

Aug 11, 2014

3 minute read

eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

10 Commandments of Secure Engineering
Separation of Data
Defense in Depth
Create Flood Barriers
Build a Kill Switch
Plan for Functionality
Ubiquitous Data Acquisition
Accessibility of Telemetry
Track Baselines, Detect Anomalies
Prioritize Messages
Alternate Perspectives

10 Commandments of Secure Engineering

By Darryl K. Taft

Separation of Data

When engineering secure systems, you must follow the fundamental principles of data separation and separate data by mission, objective and trust level so that only approved individuals have access to different types of data as well as different parts of your system.

Defense in Depth

When designing systems, sometimes we focus so much on perimeter security that we forget to pay the same attention to building an in-depth defense posture. It is important to build sensible gates or privilege barriers throughout your systems—not just along the perimeter.

Create Flood Barriers

The saying “You’re only as secure as your weakest link” is absolutely true, which is why it’s important to isolate each part of the system, or mission, from failures and compromises in others. If one part of the system goes down, you don’t want this to affect other parts of your system, eventually taking down your entire IT infrastructure.

Build a Kill Switch

Engineer a secure way to shut down parts of your system that may be under compromise. This ensures that if a hacker does infiltrate one particular part of your system, you are able to stop him or her in their tracks before the consequences become widespread.

Plan for Functionality

Oftentimes, security requirements can become a barrier to system functionality—but they don’t have to be. Find new, creative ways to create functional systems that are also secure.

Ubiquitous Data Acquisition

The work for creating trustworthy, resilient systems isn’t done once a system is engineered. It is equally as important to maintain a strong defense posture over time, which heavily relies on continuously monitoring as many aspects of your system as feasible and storing this data for possible forensic analysis. You must monitor multiple points within your system, and keep the data around for weeks or even months, in the event that you need to investigate historical patterns as part of a larger security analysis further down the road.

Accessibility of Telemetry

Often it is difficult to obtain or understand the internal state of a system, so it’s important to make it easy to get to the telemetry and make it intuitive to understand. Only then will an operator be able to quickly understand the difference between a failure and a compromise.

Track Baselines, Detect Anomalies

Develop a set of baselines within your systems so that you can uncover deviations from normal patterns in volumes, identities, timestamps and messages within your data analysis. The ability to detect suspicious data movement is key to uncovering threats and vulnerabilities before they affect your system, and this is only accomplished when building into your system a sense of what is normal and what is abnormal.

Prioritize Messages

Assign priorities to alerts, anomalies and telemetry data and align these with possible impact on your systems. For example, if you have set up alerts to show when a particular part of your system is accessed at an irregular hour by an unauthorized user three days in a row, this should trigger a high-priority alert indicating a possible breach.

Alternate Perspectives

Create multiple views of the same system or component, allowing a multi-perspective view. This adds an extra layer of visibility in systems or system components to improve security analysis and help you develop the proactive measures you need to ensure a fully secured system.