Architectural Patterns for Enabling Application Security


By: J. Yoder, J. Barcalow
Published in: PLoPD4
Pages: 301-336
Category: Architectural, Security

Summary: Early design decisions allow application security to be added later and enable system evolution to meet changing security requirements.

Url: http://www.joeyoder.com/papers/

Pattern: Single Access Point

Pages: 303-306

It's difficult to make an application secure when there are many entry points. Set up one and only one way to get into the system and, if necessary, create a mechanism for deciding which sub-applications to launch.

Pattern: Check Point

Pages: 307-312

You're using Single Access Point. To verify user information, create one object that encapsulates the security policy and performs all security checks: it authenticates the user at the single entry point, answers later authorization questions, and decides what happens on failure (for example, how many failed login attempts to tolerate before locking the user out). It uses Session and Roles.

Pattern: Roles

Pages: 312-316

Users have different security profiles. To manage different user-privilege relationships, create one or more role objects that define the permissions and access rights for different user groups.

Pattern: Session

Pages: 316-320

You're using Check Point. Many objects need access to shared, per-user variables such as who is logged in and with which roles. Create a Session object that holds all global information for the current user's interaction with the system, so that this state is kept in one place rather than passed around or duplicated.

Pattern: Full View with Errors

Pages: 320-323

You're using Roles. Applications may provide many ways to view data. Some operations may not be legal in a given state. Show users the full view of the application, let them attempt any operation, and when they perform one that their roles or the current state do not permit, reject it and display an error message. The check happens when the operation is invoked, not when the view is drawn.

Pattern: Limited View

Pages: 323-329

You're using Roles. Applications may provide many ways to view data. Some operations may not be legal in a given state. Allow users to see only what they have access to. Provide only the selections and menus their privileges permit.
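The six patterns above fit together as one small application: a single login() entry point, a check point that holds the whole policy (authentication, lockout after repeated failures, authorization), roles that map user groups to permissions, a session carrying the logged-in user's state, a menu that shows only permitted operations (Limited View) and an operation dispatcher that lets any operation be attempted but rejects illegal ones with an error (Full View with Errors). The following is an added example written for this page in Python; it is not code from Yoder and Barcalow's paper. The bank-teller operations, the user names, passwords, fixed salts and the three-failure lockout limit are all constructed for illustration.

```python
"""Single Access Point, Check Point, Roles, Session, Full View with Errors and Limited View
in one small application. Added example; users, passwords, salts and operations are constructed."""
import hashlib
import hmac
from dataclasses import dataclass

# Roles: each role names the permissions its user group holds (constructed sample policy).
ROLES = {
    "viewer": frozenset({"view_balance"}),
    "teller": frozenset({"view_balance", "deposit"}),
    "manager": frozenset({"view_balance", "deposit", "withdraw", "audit"}),
}


def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


# Constructed user store: name -> (salt, password hash, role). Fixed salts keep the example
# deterministic; a real store would draw each salt from os.urandom.
_USERS = {
    "alice": (b"salt-alice", _hash_password("alice-pw", b"salt-alice"), "manager"),
    "bob": (b"salt-bob", _hash_password("bob-pw", b"salt-bob"), "viewer"),
}


class AccessDenied(Exception):
    pass


class LockedOut(AccessDenied):
    pass


@dataclass
class Session:
    """Session: the per-user state that many objects share (who is logged in, with which role)."""
    user: str
    role: str


class CheckPoint:
    """Check Point: the one object that encapsulates the security policy. It authenticates logins,
    applies a lockout policy to repeated failures, and answers authorization questions."""
    MAX_FAILURES = 3  # constructed policy value

    def __init__(self):
        self._failures = {}

    def authenticate(self, user: str, password: str) -> Session:
        if self._failures.get(user, 0) >= self.MAX_FAILURES:
            raise LockedOut(f"{user!r} is locked out after repeated failures")
        record = _USERS.get(user)
        # Always compute a hash, even for unknown users, so timing does not reveal valid names.
        salt, expected, role = record if record else (b"salt-none", b"\0" * 32, None)
        matches = hmac.compare_digest(_hash_password(password, salt), expected)
        if record is None or not matches:
            self._failures[user] = self._failures.get(user, 0) + 1
            raise AccessDenied("bad user name or password")
        self._failures.pop(user, None)
        return Session(user=user, role=role)

    def authorize(self, session: Session, permission: str) -> bool:
        return permission in ROLES.get(session.role, frozenset())


class Application:
    """Single Access Point: login() is the only way in; every later operation goes through the check point."""
    OPERATIONS = ("view_balance", "deposit", "withdraw", "audit")

    def __init__(self):
        self._check_point = CheckPoint()
        self._balance = 100          # constructed starting balance
        self._audit_log = []

    def login(self, user: str, password: str) -> Session:
        session = self._check_point.authenticate(user, password)
        self._audit_log.append(f"login {session.user} as {session.role}")
        return session

    def menu(self, session: Session) -> list:
        """Limited View: offer only the operations the session's role permits."""
        return [op for op in self.OPERATIONS if self._check_point.authorize(session, op)]

    def perform(self, session: Session, op: str, amount: int = 0):
        """Full View with Errors: any operation may be attempted; an illegal one fails with an
        explicit error. The check is made here as well as in menu(), so hiding a menu item
        is never the only control."""
        if op not in self.OPERATIONS:
            raise ValueError(f"unknown operation {op!r}")
        if not self._check_point.authorize(session, op):
            self._audit_log.append(f"denied {session.user} {op}")
            raise AccessDenied(f"role {session.role!r} may not {op}")
        if op == "view_balance":
            return self._balance
        if op == "deposit":
            if amount <= 0:
                raise ValueError("deposit must be positive")
            self._balance += amount
            return self._balance
        if op == "withdraw":
            if not 0 < amount <= self._balance:
                raise ValueError("insufficient funds")
            self._balance -= amount
            return self._balance
        return list(self._audit_log)  # op == "audit"


if __name__ == "__main__":
    app = Application()
    bob = app.login("bob", "bob-pw")
    print("bob's menu:", app.menu(bob))
    try:
        app.perform(bob, "withdraw", 10)
    except AccessDenied as err:
        print("error shown to bob:", err)
```

Note that menu() and perform() both consult the same CheckPoint object: Limited View decides what to show, Full View with Errors decides what to allow, and neither contains policy of its own. Lockout is enforced before the password is checked, so a locked account stays locked even when the right password is presented.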

Pattern: Secure Access Layer

Pages: 329-332

Most applications are integrated with other systems, and no application can be secure unless it is properly integrated with the security of the systems it uses. Build your application's security on top of the operating system, network, and database security mechanisms rather than re-implementing them, and route all communication with those lower-level systems through a single secure access layer so that the application cannot reach them any other way.
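One concrete form of a secure access layer is a single object that owns every database connection and relies on mechanisms the database already provides: here, SQLite's read-only open mode (so the engine itself refuses writes from a role the application's check point has marked read-only, even if some application code path is buggy) and bound query parameters (so a user-supplied value can never change the SQL text). This is an added example written for this page in Python, not code from the paper; the accounts table, the role names, the starting balance and the ROLE_CAN_WRITE mapping are constructed, and the write decision is assumed to have been made upstream by the check point.

```python
"""Secure Access Layer over SQLite. Added example; table, roles and amounts are constructed."""
import os
import sqlite3
import tempfile

# Whether a role may write is decided upstream by the check point (constructed mapping).
ROLE_CAN_WRITE = {"viewer": False, "teller": True}


def create_db(path: str) -> None:
    """Constructed fixture: one account with a starting balance of 100."""
    con = sqlite3.connect(path)
    try:
        con.execute("CREATE TABLE accounts (name TEXT PRIMARY KEY, balance INTEGER NOT NULL)")
        con.execute("INSERT INTO accounts VALUES ('acct-1', 100)")
        con.commit()
    finally:
        con.close()


class SecureAccessLayer:
    """The only object in the application that talks to the database."""

    def __init__(self, path: str):
        self._path = path  # assumed to contain no URI-special characters (a temp path here)

    def _connect(self, role: str) -> sqlite3.Connection:
        # Roles that may not write get a connection the database engine itself treats as read-only.
        mode = "rw" if ROLE_CAN_WRITE.get(role, False) else "ro"
        return sqlite3.connect(f"file:{self._path}?mode={mode}", uri=True)

    def get_balance(self, role: str, name: str) -> int:
        con = self._connect(role)
        try:
            # The name is bound as a parameter, never interpolated into the SQL text.
            row = con.execute("SELECT balance FROM accounts WHERE name = ?", (name,)).fetchone()
        finally:
            con.close()
        if row is None:
            raise KeyError(name)
        return row[0]

    def deposit(self, role: str, name: str, amount: int) -> None:
        if amount <= 0:
            raise ValueError("deposit must be positive")
        con = self._connect(role)
        try:
            cur = con.execute(
                "UPDATE accounts SET balance = balance + ? WHERE name = ?", (amount, name)
            )
            if cur.rowcount != 1:
                raise KeyError(name)
            con.commit()
        finally:
            con.close()


def demo() -> dict:
    """Exercise the layer against a throwaway database and report what happened."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "bank.db")
        create_db(path)
        layer = SecureAccessLayer(path)
        results["viewer_read"] = layer.get_balance("viewer", "acct-1")
        try:
            layer.deposit("viewer", "acct-1", 10)
            results["viewer_write"] = "allowed"
        except sqlite3.OperationalError:
            results["viewer_write"] = "refused by database"  # read-only connection
        layer.deposit("teller", "acct-1", 25)
        results["after_teller_deposit"] = layer.get_balance("teller", "acct-1")
        try:
            # Bound as a literal account name, this matches nothing instead of every row.
            layer.get_balance("viewer", "acct-1' OR '1'='1")
            results["injection_attempt"] = "matched"
        except KeyError:
            results["injection_attempt"] = "no row"
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The point of the layer is that the refusal of the viewer's deposit comes from SQLite, not from an if-statement in the application: the lower-level system enforces the restriction, and the application only has to make sure it never opens a connection anywhere else. A database server with real user accounts would be used the same way, with the layer connecting as a role-specific database user.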