InfoQ

Presentation: Patterns for securing architectures

Posted by Niclas Nilsson on May 09, 2008 03:02 PM

Community: Architecture
Topics: Security, Design
Tags: Patterns, QCon London 2007, Design Patterns, QCon

According to security guru Bruce Schneier, security is all about the trade-offs you make with respect to your always limited resources. Today, security is often a problem either when designing a system’s architecture or — in the worst case — as an afterthought. Only a few experts have the knowledge to design good security, and we can safely assume that there is no security expert in most development teams.

In this presentation given at QCon London 2007, professor Peter Sommerlad introduces Patterns for Securing Architectures. Before Design Patterns, OO design and architecture were a similar black art, performed well only by experts; the intention of Security Patterns is to provide the same kind of leverage for designing secure architectures. Because naming the concepts makes discussions easier and because the patterns tell the truth about their trade-offs, security design decisions can be made more consciously.

In the talk, Peter Sommerlad focuses on patterns such as Role-based Access Control, Single Access Point, and Front Door.

Set aside 60 minutes to get a new perspective on how to secure your architecture.
