InfoQ

Presentation: Patterns for securing architectures

Posted by Niclas Nilsson on May 09, 2008

Sections: Development, Architecture & Design
Topics: Architecture, Design, Security
Tags: QCon London 2007, Design Patterns, QCon, Patterns

According to security guru Bruce Schneier, security is all about the trade-offs you make with respect to your always-limited resources. Today, security is often a problem, either when designing a system's architecture or, in the worst case, as an afterthought. Only a few experts have the knowledge to design good security, and we can safely assume that there is no security expert in most development teams.

In this presentation, given at QCon London 2007, professor Peter Sommerlad introduces Patterns for Securing Architectures. Before Design Patterns, OO design and architecture were a similar black art performed well only by experts, and the intention of Security Patterns is to provide the same kind of leverage for designing secure architectures. Because naming the concepts makes discussions easier and because the patterns tell the truth about their trade-offs, security design decisions can be made more consciously.

In the talk, Peter Sommerlad focuses on patterns such as Role-based Access Control, Single Access Point, and Front Door.

Set aside 60 minutes to get a new perspective on how to secure your architecture.
