InfoQ

Presentation: Patterns for securing architectures

Posted by Niclas Nilsson on May 09, 2008 03:02 PM

According to security guru Bruce Schneier, security is all about the trade-offs you make with respect to your always limited resources. Today, security is often a problem tackled either when designing a system’s architecture or, in the worst case, as an afterthought. Only a few experts have the knowledge to design good security, and we can safely assume that there is no security expert in most development teams.

In this presentation given at QCon London 2007, Professor Peter Sommerlad introduces Patterns for Securing Architectures. Before Design Patterns, OO design and architecture were a similar black art performed well only by experts, and the intention of Security Patterns is to provide the same kind of leverage for designing secure architectures. Since naming the concepts makes discussions easier and because the patterns tell the truth about their trade-offs, security design decisions can thereby be made more consciously.

In the talk, Peter Sommerlad focuses on patterns such as Role-based Access Control, Single Access Point, and Front Door.

Set aside 60 minutes to get a new perspective on how to secure your architecture.
