In a time where systems are constantly at risk, it is essential that you arm yourself with the knowledge of different security measures. This pioneering title breaks down security at various levels of the system: the enterprise, architectural and operational layers. It acts as an extension to the larger enterprise contexts and shows you how to integrate security in the broader engineering process.
Essential security topics include:
• Enterprise level security – security management, principles, institutional policies (such as need-to-know) and enterprise needs (including confidentiality, integrity, availability, accountability, I&A, access control and audit).
• Architectural level security – system level solutions responding to enterprise level policies – and the most important level for facilitating building security into a system.
• User level security – concerned with achieving security in operational contexts.
A pattern system provides, on one level, a pool of proven solutions to many recurring design problems. On another it shows how to combine individual patterns into heterogeneous structures and as such it can be used to facilitate a constructive development of software systems.
Uniquely, the patterns that are presented in this book span several levels of abstraction, from high-level architectural frameworks and medium-level design patterns to low-level idioms.
The intention of, and motivation for, this book is to support both novices and experts in software development. Novices will gain from the experience inherent in pattern descriptions and experts will hopefully make use of, add to, extend and modify patterns to tailor them to their own needs. None of the pattern descriptions are cast in stone and, just as they are borne from experience, it is expected that further use will feed in and refine individual patterns and produce an evolving system of patterns.