Software Secure Architecture and Design

Encerrado Postado há 2 meses Pago na entrega
Encerrado Pago na entrega

Architecture overview, how the system interaction with external systems puts it at risk.

Variation of the boundaries of the system vary from deployment

In your opinion, are there locations in the architecture where too many assets reside?

Analysis of your threat Model. More explanation about boundaries of the system.

The purpose of this deliverable is to come up with the architecture and design of your

product

Your deliverable must include:

● Architecture Overview. Describe the architecture of the system. Please answer the

following questions:

o What are the subsystems? What does each subsystem do?

o Are there subsystems that are expressly security features? (e.g. encryption,

authentication) Describe these in more depth.

o Consider the cost of developer mistakes in terms of subsystems. For example

"if a developer makes a mistake in this subsystem, what happens?"

o Do some subsystems appear to be more susceptible to code-level

vulnerabilities?

o Do you see security built into system at this architectural level? (e.g. distrustful

decomposition)

o How might compromising one subsystem affect the security (integrity,

reliability, etc.) of the others or of the system as a whole?

o How does the system interaction with external systems put it at risk?

o Consider how the architecture might change over time.

● Threat Model. Build a threat model diagram and conduct an analysis using the

Microsoft tool. Write up your analysis.

o What are the machine boundaries of the system? Does this vary from

deployment to deployment?

o What are the trust boundaries of the system? Are there any trust boundaries

more important than others?

Please make this diagram legible - I would rather you show the riskiest parts of the

threat model than enumerate every possibility. As a guide, threat models get pretty

confusing after about 12 primitives per diagram. If you feel your diagram must be more

complex, feel free to break it up into multiple diagrams.

● Assets to Threat Model Tracing Provide a mapping from your assets in deliverable 1

to the elements in your threat model. Discuss this mapping:

o Does the location in the architecture affect the p(exploit) of an asset? Why or

why not?

o Are there locations in the architecture where no assets reside? Did you miss

any assets there?

o In your opinion, are there locations in the architecture where too many assets

reside?

● Detailed Design show class diagrams of your detailed design. Please show and discuss

any secure design pattern, guideline, principle that you built in your design.

Segurança de computadores Arquitetura de software Segurança na rede Desenvolvimento de Software

ID do Projeto: #37501387

Sobre o projeto

6 propostas Projeto remoto Ativo em 1 mês atrás

6 freelancers estão ofertando em média $49 nesse trabalho

ExpertNetworkEng

Hello Dear, I am an Expert Network Engineer and I am working as Professor and Expert Consultant Network Engineer in a Multinational ISP. I have great hands-on experience for more than 10 years in various network tech Mais

$20 USD em 1 dia
(90 Comentários)
5.8
ahmed4499

Hello sir I am computer engineer and I have master degree in cryptography so may I can help you thanks

$100 USD in 7 dias
(23 Comentários)
5.2
rainbow

I am a software architecture designer I can work on projects of Software Secure Architecture and Design PLease share details of work

$20 USD in 7 dias
(32 Comentários)
5.3
waltawil

Hello, I worked in the banking field for more than 25 years covering security for 15 years, I am certified ( CISSP - CISA - CEH - ecppt - IBM analyst i2 - SANS 504 & 503 ) I worked in developing many standards and I th Mais

$30 USD in 7 dias
(3 Comentários)
2.9
varadharajanmano

Greetings! This is Varadharajan. I assure you that I have carefully considered all the necessary components for this project and have taken the appropriate measures to address any potential risks. I have provided a de Mais

$99 USD in 15 dias
(0 Comentários)
0.0
solarisshiva

As a Certified Information Systems Security Professional (CISSP) with an extensive background in security architecture, I bring a wealth of knowledge and skills to the table, making me the ideal candidate for your proj Mais

$25 USD in 7 dias
(0 Comentários)
0.0