Syllabus Point
- Explore fundamental software design security concepts when developing programming code
Including:
- confidentiality
- integrity
- availability
- authentication
- authorisation
- accountability
Understanding the CIA Triad, authentication, authorisation, and accountability is essential for building secure systems that protect sensitive information and maintain trust.
About the CIA triad
An information security model that looks at confidentiality, integrity, and availability, as well as relationships between these principles. Prioritising one principle can mean a tradeoff for others.
Confidentiality
Confidentiality ensures that sensitive data and information is kept private, and is only accessible to authorised users. Can be strengthened with access-control methods (MFA), encryption, authentication, and data classification.
How to ensure confidentiality
- Encrypt sensitive data at rest and in transit
- Use secure communication protocols (eg HTTPS)
Integrity
Ensuring data can be trusted and hasn't been tampered with - accurate, consistent and trustworthy over its entire lifecycle. Maintained through access control, encryption and hashing. Prevents unauthorised modification of data, eg using hashing when sending data.
How to ensure integrity
- Checksums
- Digital signatures
- Hash functions
Availability
Authorised users have efficient access to the information they need when they need it. Designing systems that are resilient to downtime, and have regular maintenance.
Denial of Service (DoS) attacks aim to limit the availability of systems - have bot detection and other mitigations. The application should remain responsive even under heavy traffic or during attacks. Systems can still fail without intentional attack - eg power outages.
Redundancy is when a component is duplicated so if it fails, there will be a backup - so data can keep flowing even in the event of a failure.
How to ensure availability
- Design with redundancy, load balancing, and disaster recovery mechanisms
- Regularly monitor system performance
Authentication
Authentication is a process of verifying the identity of users. It provides access control for systems by checking to see if a user's credentials match the credentials in a database of authorised users or an authentication server. Asking 'Who are you?' - validates the identification of the user.
How to Ensure Strong Authentication
- Strong authentication mechanisms (passwords, MFA, biometrics)
Authorisation
Authorisation enforces access control mechanisms to determine permissions and restrict access based on roles. The system is asking 'What are you allowed to do?' - checks user's permissions to access data.
How to Ensure Proper Authorisation
- Use Role-Based Access Control (RBAC) or Attribute-Based Access Control (ABAC)
- Regularly review and update user permissions based on roles and responsibilities
Accountability
Accountability in secure software development is about traceability. It ensures that every action in the system is linked to a responsible party. It is achieved through audit trails and logging, which store a record of events, activities and transactions in a system.
Maintaining security - helps developers and administrators to detect suspicious behaviour, track potential breaches and ensure compliance with security policies.
Audit Trails
A detailed, chronological record of all events, activities and transactions within the system. They help to track who did what, when, and how, and are used for security troubleshooting, investigating security breaches, and understanding system failures.
Example: An audit trail records when a user logs into the system, creates or deletes a group, sends a message, etc.
Logging
Logging is a process that captures specific details of system operations (recording system events and user actions in a structured way). Logs are essential for identifying and understanding unusual or unauthorised activities, making it easier to detect potential breaches or policy violations.
Logging can include various types of data: timestamp, user ID, action, outcome.
Importance of Logging
- Security monitoring - can monitor for suspicious activity like unauthorised access or failed login attempts
- Accountability - users can be held accountable for their actions
- Troubleshooting - logs can help identify what triggered an issue and when it occurred
- Compliance - many industries have strict regulations requiring audit trails to ensure sensitive data is handled appropriately
Best Practices
- Log important system events like login attempts, user creation, account deletion, password resets, file access
- Log sensitive data safely - avoid logging sensitive data (passwords) but instead log actions related to security like password changes and failed login attempts
- Log retention policies - how long will logs be stored?
- Regular review - check for unusual activity like multiple failed login attempts or actions performed at unusual times
STRIDE threat modelling
STRIDE is a threat modelling methodology developed by Microsoft to analyse a system, and classify threats on a prioritised list, based on the likelihood of them happening and the scale of the impact.
The six categories of STRIDE are:
- Spoofing (Authentication) - Impersonating something or someone else
- Tampering (Integrity) - Modifying data or code
- Repudiation (Non-repudiation) - Claiming to have not performed the action
- Information Disclosure (Confidentiality) - Exposing information to someone not authorised to see it
- Denial of Service (Availability) - Deny or degrade service to users
- Elevation of Privilege (Authorisation) - Gain capabilities without proper authorisation
Related Resources
Keep Progressing
Use the lesson navigation below to move through the module sequence.
