Module 4 - AS

Module 4 focuses on secure application design and architecture, emphasizing the importance of proactively identifying and mitigating security risks during the development process. It outlines strategies such as threat modeling, secure coding practices, and continuous monitoring to enhance security throughout the software development lifecycle. The module also highlights the roles and responsibilities of various team members in maintaining security and the need for collaboration to foster a security-conscious culture.

Uploaded by Arti Sawant

MODULE 4: SECURE APPLICATION DESIGN & ARCHITECTURE

BE EXTC, SEM-VIII
Honours/ Minor degree Program in CYBER SECURITY

Mrs. Arti Sawant


Avert disaster before it starts

● It refers to proactively identifying and mitigating potential security risks, vulnerabilities, and weaknesses in the design and architecture of an application before they can be exploited by attackers.
● It involves implementing security measures and best practices during the early stages of development to prevent security breaches and mitigate the impact of security incidents.
NEED TO AVERT DISASTER
● Prevention is better than cure: Addressing security
vulnerabilities and weaknesses early in the development
process is more effective and less costly than trying to fix
security issues after they have been exploited by
attackers.
● Minimizing risk exposure: By proactively identifying and
mitigating security risks, organizations can reduce the
likelihood of security breaches and minimize the potential
impact on their systems, data, and reputation.
● Enhancing trust and confidence: Building secure
applications instils trust and confidence among users,
customers, and stakeholders, fostering long-term
relationships and maintaining a positive brand reputation.
● Meeting compliance requirements: Many regulatory
frameworks and industry standards require organizations
to implement security measures and safeguards to
protect sensitive information and comply with legal and
regulatory requirements.
Some common strategies for averting disaster before it starts in secure application design and architecture

● Threat modeling: Conducting threat modeling exercises to identify potential security threats, vulnerabilities, and attack vectors early in the development process.
● Secure architecture design: Designing the architecture of the application with security in mind, incorporating security controls, layers, and boundaries to protect against common security risks.
● Secure coding practices: Following established coding standards and best practices for writing secure, resilient, and maintainable code, such as input validation, parameterized queries, and secure error handling.
● Security testing: Performing regular security testing and code reviews to identify and address security vulnerabilities and weaknesses in the application code.
● Continuous monitoring and response: Implementing
monitoring tools and processes to detect security
incidents and anomalies in real-time, enabling
prompt response and mitigation actions.
● Security awareness and training: Providing training
and education to developers, architects, and other
stakeholders on security best practices, emerging
threats, and vulnerabilities to foster a security-
conscious culture.
● Secure deployment and configuration management:
Implementing secure deployment practices and
configuration management to ensure that the
application is deployed and configured securely in
production environments.
Team roles involved in security within the context of secure application design and architecture

1. Security Architect: Responsible for designing and implementing the security architecture of the application, including defining security controls, mechanisms, and strategies to mitigate security risks and threats effectively.
2. Security Engineer: Involved in implementing and
maintaining security features and controls within the
application, including encryption, authentication, access
control, and secure coding practices.
3. DevOps Engineer: Responsible for integrating security into
the development, deployment, and operations processes
through practices such as infrastructure as code (IaC),
automated security testing, and continuous security
monitoring.
4. Software Developer: Responsible for writing secure,
resilient, and maintainable code, following established
coding standards, best practices, and security guidelines to

5. Quality Assurance (QA) Engineer: Involved in testing the application for security vulnerabilities and weaknesses through techniques such as static code analysis, dynamic application security testing (DAST), and penetration testing.
6. Security Analyst: Responsible for analyzing security threats
and vulnerabilities, conducting risk assessments, and
providing recommendations for improving the security
posture of the application.
7. Product Owner/Manager: Responsible for prioritizing
security requirements and features within the product
backlog, ensuring that security considerations are adequately
addressed throughout the development lifecycle.
RESPONSIBILITIES OF DIFFERENT ROLES

Security Architect:
- Designing the security architecture
- defining security requirements
- conducting threat modeling
- providing guidance on security best practices and
standards.
Security Engineer:
- Implementing security controls and mechanisms
- configuring security tools and technologies
- conducting security assessments, and performing security
code reviews.
DevOps Engineer:
- Automating security processes
- integrating security into CI/CD pipelines
- managing security configurations
- monitoring security metrics and alerts
Software Developer:
- Writing secure code
- adhering to secure coding practices
- participating in security reviews and testing
- addressing security vulnerabilities identified during development.
QA Engineer:
- Testing the application for security vulnerabilities
- performing security testing and validation
- analyzing security test results
- reporting security findings to the development team.
Security Analyst:
- Conducting security assessments and audits
- analyzing security incidents and breaches
- providing security advisories and recommendations
- contributing to incident response and remediation efforts.
Product Owner/Manager:
- Prioritizing security requirements and user stories
- collaborating with stakeholders to define security objectives and
goals
- ensuring that security considerations are integrated into the
Collaboration between team roles enhances security in secure application design and architecture

Collaboration between team roles can enhance security in secure application design and architecture by:
● Facilitating the exchange of security-related knowledge,
expertise, and best practices across different disciplines and
domains.
● Encouraging cross-functional communication and alignment
of security goals and priorities with business objectives and
user needs.
● Promoting shared ownership and accountability for security
within the development team, fostering a culture of security
awareness and responsibility.
● Leveraging diverse perspectives and insights from different
team roles to identify and address security risks and
vulnerabilities more comprehensively and effectively.
● Streamlining security processes and workflows through
integrated tools, automation, and DevSecOps practices,
enabling faster feedback and response to security issues
● Enhancing the overall security posture of the application by
integrating security considerations into every stage of the
development lifecycle, from design and implementation to
testing and deployment.
SECURITY IN SOFTWARE DEVELOPMENT
LIFECYCLE

Security plays a critical role in every phase of the software development lifecycle (SDLC). It involves identifying, assessing, and mitigating security risks and vulnerabilities from the initial planning and requirements gathering stages through design, development, testing, deployment, and maintenance of the software application.
Security integration into the SDLC involves:
● Planning and Requirements: Identifying security
requirements, conducting risk assessments, and defining
security objectives and goals.
● Design: Architecting the software with security in mind,
incorporating security controls, mechanisms, and best
practices
● Development: Writing secure code, following coding
standards, implementing security features, and
conducting security code reviews.
● Testing: Performing security testing, including static and
dynamic analysis, penetration testing, and vulnerability
scanning.
● Deployment: Ensuring secure configuration, implementing
secure deployment practices, and monitoring security
controls.
● Maintenance: Patching vulnerabilities, updating security
controls, and addressing security incidents and breaches.
NEED OF INTEGRATING SECURITY IN SDLC

● Helps identify and mitigate security risks and vulnerabilities early in the development process.
● Reduces the cost and effort of addressing security
issues later in the lifecycle
● Enhances the resilience and trustworthiness of the
software application.
● Facilitates compliance with legal, regulatory, and
industry security requirements.
● Promotes a culture of security awareness and
responsibility among development teams.
Organizations can ensure effective security in the SDLC by:

● Establishing a formalized and documented security program and policies.
● Providing security training and awareness programs for development teams.
● Integrating security tools and automation into development workflows.
● Conducting regular security assessments and audits throughout the SDLC.
● Collaborating with security experts and stakeholders to address security concerns.
● Continuously monitoring and improving security practices and processes based on lessons learned and industry best practices.
DESIGN FLAWS VS SECURITY BUGS

Design Flaws: A fundamental architectural or structural weakness in the design of the application that can lead to security vulnerabilities or compromises.
Security Bugs: A coding error, implementation flaw, or configuration mistake in the application that introduces security vulnerabilities or weaknesses.

Design Flaws: Typically a result of inadequate threat modeling, poor architectural decisions, or incomplete understanding of security requirements.
Security Bugs: Typically a result of programming errors, incorrect use of security controls, or oversight during development.

Design Flaws: e.g. the absence of proper authentication and authorization mechanisms in the application's architecture. This could lead to unauthorized access to sensitive data or functionalities.
Security Bugs: e.g. a SQL injection vulnerability in the application's code, where user input is not properly sanitized before being included in SQL queries. This could allow attackers to execute arbitrary SQL commands and manipulate the database.

Design Flaws: Addressing design flaws involves revisiting the application's architecture, conducting thorough threat modeling and risk assessments, and making necessary architectural changes to mitigate identified security risks.
Security Bugs: Addressing security bugs involves identifying and fixing coding errors, implementing secure coding practices, and performing thorough code reviews and security testing.

Design Flaws: It involves redesigning components, implementing proper access controls, and incorporating security mechanisms at the architectural level.
Security Bugs: It includes applying input validation, parameterized queries, and proper error handling to prevent common security vulnerabilities like SQL injection, Cross-Site Scripting (XSS), and authentication bypass.
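To make the security-bug column concrete, here is an added example in Python (not from the slides) using the standard sqlite3 module: the query that concatenates user input, the same lookup with a parameterized query, and a third version that also validates the input against an allow-list before binding it. The users table, its rows and the test inputs are constructed for the demonstration.

```python
import re
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed in-memory sample database (not from the slides)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users (username, email) VALUES (?, ?)",
        [("alice", "alice@example.com"), ("bob", "bob@example.com"), ("carol", "carol@example.com")],
    )
    return conn


def find_user_vulnerable(conn: sqlite3.Connection, username: str) -> list:
    """The security bug from the table: user input is concatenated into the SQL
    text, so the input can change the structure of the query itself."""
    query = "SELECT username, email FROM users WHERE username = '" + username + "'"
    return conn.execute(query).fetchall()


def find_user_parameterized(conn: sqlite3.Connection, username: str) -> list:
    """The fix: the SQL text is fixed and the input is bound as a value. The driver
    never interprets the value as SQL, so the query structure cannot change."""
    return conn.execute(
        "SELECT username, email FROM users WHERE username = ?", (username,)
    ).fetchall()


# Allow-list for usernames (constructed policy): lowercase letters, digits, underscore.
USERNAME_RE = re.compile(r"^[a-z0-9_]{1,32}$")


def find_user_defended(conn: sqlite3.Connection, username: str) -> list:
    """Defense in depth: validate the input at the entry point and bind it.
    Secure error handling: reject with a generic message, do not echo the input."""
    if not USERNAME_RE.fullmatch(username):
        raise ValueError("invalid username")
    return find_user_parameterized(conn, username)


def demo() -> dict:
    """Row counts returned by each variant for a benign and a crafted input."""
    conn = make_db()
    benign = "alice"
    # Constructed test input: closes the string literal and appends a tautology,
    # which turns the concatenated query into "... WHERE username = '' OR '1'='1'".
    crafted = "' OR '1'='1"
    return {
        "vuln_benign": len(find_user_vulnerable(conn, benign)),
        "vuln_crafted": len(find_user_vulnerable(conn, crafted)),   # every row leaks
        "param_benign": len(find_user_parameterized(conn, benign)),
        "param_crafted": len(find_user_parameterized(conn, crafted)),  # no such user
    }


if __name__ == "__main__":
    print(demo())
```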
SECURE DESIGN CONCEPT
It encompasses principles, strategies, and best practices used to develop software architectures that prioritize security.
● Used to mitigate potential vulnerabilities and threats by
incorporating security measures into the design and
architecture of the application from the outset.
● Some key secure design concepts that developers should
consider when designing secure applications:
- Defense in Depth
- Least Privilege
- Separation of Duties
- Secure by Default
- Fail-Safe Defaults
- Secure Communication
- Input Validation and Sanitization
CONTINUE..
● Defense in Depth: This concept involves implementing multiple
layers of security controls and mechanisms to protect against
diverse threats and vulnerabilities. Each layer reinforces the
security of the system, creating a comprehensive defense
strategy.
● Least Privilege: The principle of least privilege dictates that
users and processes should only be granted the minimum level of
access or permissions necessary to perform their tasks. By limiting
privileges, the potential impact of security breaches or misuse is
minimized.
● Separation of Duties: This concept involves distributing tasks
and responsibilities among different roles or components within
the system to prevent single points of failure or compromise. It
helps enforce checks and balances, reducing the risk of insider
threats and unauthorized access.
● Secure by Default: Secure by default means that security features and
settings are enabled by default, minimizing the need for manual
configuration and reducing the risk of misconfiguration-related security
● Fail-Safe Defaults: Fail-safe defaults ensure that, in the event
of an error or failure, the system defaults to a secure state
rather than exposing sensitive data or functionalities. This helps
prevent attackers from exploiting system failures to compromise
security.
● Secure Communication: This concept emphasizes using
secure communication protocols (e.g., HTTPS) and encryption
mechanisms to protect data transmitted between clients and
servers. It ensures data confidentiality, integrity, and
authenticity during transit.
● Input Validation and Sanitization: Input validation and
sanitization involve validating and cleansing user inputs to
prevent injection attacks such as SQL injection, Cross-Site
Scripting (XSS), and command injection. By validating input at
the entry point, vulnerabilities can be mitigated before they
reach the application logic.
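An added example (not part of the slides) of Least Privilege and Fail-Safe Defaults in a permission check: a role directory whose lookups can fail, a fail-open check that allows the action when the lookup errors or the role is unknown, and the fail-closed version that denies in both cases. The RoleDirectory class, role names, permissions and users are hypothetical.

```python
class DirectoryUnavailable(Exception):
    """Raised when the (hypothetical) role directory cannot be reached."""


class RoleDirectory:
    """Hypothetical user-to-role store; available=False simulates an outage."""

    def __init__(self, user_roles: dict, available: bool = True):
        self.user_roles = user_roles
        self.available = available

    def roles_for(self, user: str) -> frozenset:
        if not self.available:
            raise DirectoryUnavailable("role lookup failed")
        return frozenset(self.user_roles.get(user, ()))


# Least privilege: each role carries only the permissions its tasks need.
# Nothing is granted implicitly and there is no catch-all role.
ROLE_PERMISSIONS = {
    "viewer": frozenset({"report:read"}),
    "analyst": frozenset({"report:read", "report:export"}),
    "admin": frozenset({"report:read", "report:export", "user:manage"}),
}


def is_allowed_fail_open(directory: RoleDirectory, user: str, permission: str) -> bool:
    """Anti-pattern: a lookup failure is treated as 'allow' so that nothing breaks,
    and a role missing from ROLE_PERMISSIONS falls back to admin's permissions."""
    try:
        roles = directory.roles_for(user)
    except DirectoryUnavailable:
        return True
    return any(
        permission in ROLE_PERMISSIONS.get(role, ROLE_PERMISSIONS["admin"])
        for role in roles
    )


def is_allowed_fail_closed(directory: RoleDirectory, user: str, permission: str) -> bool:
    """Fail-safe default: a lookup failure, an unknown user and an unknown role all
    yield deny. Only an explicit grant on a known role allows the action."""
    try:
        roles = directory.roles_for(user)
    except DirectoryUnavailable:
        return False
    return any(permission in ROLE_PERMISSIONS.get(role, frozenset()) for role in roles)


# Constructed directory: 'mallory' holds a role the permission table never defined.
DIRECTORY = RoleDirectory({"alice": ["viewer"], "bob": ["analyst"], "mallory": ["superuser"]})
# Constructed outage: every lookup raises DirectoryUnavailable.
OUTAGE = RoleDirectory({"alice": ["viewer"]}, available=False)
```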
Secure Design Concept - Contribution to building secure applications

● Proactively addressing security concerns at the architectural level, reducing the likelihood of vulnerabilities being introduced during development.
● Establishing a foundation of security that permeates
throughout the entire software development lifecycle, from
design and development to testing and deployment.
● Providing a framework for developers to implement security
measures consistently and systematically, regardless of the
specific technologies or frameworks used.
● Enabling organizations to meet regulatory requirements
and compliance standards by incorporating security best
practices into their application architectures.
● Enhancing the overall resilience and trustworthiness of the
application, fostering confidence among users, customers,
and stakeholders
Segregation of Production Data

● Segregation of production data refers to the practice of logically or physically partitioning different types of data within a production environment to minimize the risk of unauthorized access, data leakage, or data corruption.
● It involves separating sensitive data from less sensitive
data and enforcing access controls to ensure that only
authorized users or processes can access each type of
data.
NEED OF SEGREGATION OF PRODUCTION DATA
● Data Protection: It helps protect sensitive or confidential
data from unauthorized access or disclosure by limiting
access to only those individuals or processes that have a
legitimate need.
● Compliance Requirements: Many regulatory frameworks
and industry standards mandate the segregation of certain
types of data (e.g., Personally Identifiable Information - PII,
payment card data) to comply with data protection and
privacy regulations.
● Risk Reduction: By segregating data based on sensitivity
or criticality, the impact of a security breach or data loss can
be minimized, as attackers may only gain access to a subset
of the overall data.
● Operational Efficiency: Segregation of data can also
improve operational efficiency by allowing for more targeted
backup and disaster recovery processes, as well as easier
Common strategies for segregating production data in secure application design and architecture

● Logical Segregation: Using access controls, role-based permissions, and encryption to partition data within a shared environment, such as a database or file system. This can involve creating separate user accounts or roles with different levels of access to specific data sets.

● Physical Segregation: Physically isolating sensitive data on separate servers, networks, or storage devices to prevent unauthorized access. This can involve deploying separate infrastructure for different types of data, such as using dedicated databases or cloud instances.

● Data Masking and Anonymization: Masking or anonymizing sensitive data before storing or transmitting it, to reduce the risk of exposure in non-production environments or during data processing tasks. This ensures that only authorized users can access the original data.

● Encryption: Encrypting sensitive data at rest and in transit to protect it from unauthorized access or interception. This helps ensure that even if data is accessed by unauthorized parties, it remains unreadable without the proper decryption keys.
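An added example (not the slides' own code) of the data masking and anonymization strategy: it produces a non-production copy of a constructed customer record in which payment card data and PII are masked or replaced by a keyed-hash pseudonym, less sensitive fields are copied unchanged, and a final check confirms that no original sensitive value survives. The record, field classification and key are constructed for the demonstration.

```python
import hashlib
import hmac
import re

# Constructed sample production record (not from the slides).
PRODUCTION_RECORD = {
    "customer_id": "C-10042",
    "name": "Priya Nair",
    "email": "priya.nair@example.com",
    "phone": "+91 98765 43210",
    "card_number": "4111111111111111",
    "plan": "premium",
    "signup_year": 2022,
}

# Fields the (constructed) segregation policy classifies as sensitive: PII and
# payment card data. Everything else is less sensitive and is copied as-is.
SENSITIVE_FIELDS = {"customer_id", "name", "email", "phone", "card_number"}


def mask_card(pan: str) -> str:
    """Keep only the last four digits, the part support staff need for lookups."""
    digits = re.sub(r"\D", "", pan)
    return "*" * (len(digits) - 4) + digits[-4:]


def mask_email(email: str) -> str:
    """Keep the first character and the domain so the data still looks realistic."""
    local, _, domain = email.partition("@")
    return local[0] + "***@" + domain


def pseudonymize(value: str, key: bytes) -> str:
    """Keyed hash (HMAC-SHA256, truncated): the same input always maps to the same
    token, so joins across tables still work, but the value cannot be recovered
    without the key, which stays in the production environment."""
    return hmac.new(key, value.encode(), hashlib.sha256).hexdigest()[:16]


def masked_copy(record: dict, key: bytes) -> dict:
    """Build the copy that may leave production (e.g. for a test environment)."""
    out = {}
    for name, value in record.items():
        if name == "card_number":
            out[name] = mask_card(value)
        elif name == "email":
            out[name] = mask_email(value)
        elif name in SENSITIVE_FIELDS:
            out[name] = pseudonymize(str(value), key)
        else:
            out[name] = value
    return out


def leaks_original_pii(masked: dict, original: dict) -> bool:
    """Export gate: true if any original sensitive value is still present verbatim."""
    return any(str(original[f]) in str(masked[f]) for f in SENSITIVE_FIELDS)


if __name__ == "__main__":
    copy = masked_copy(PRODUCTION_RECORD, b"constructed-demo-key")
    print(copy, "leak:", leaks_original_pii(copy, PRODUCTION_RECORD))
```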
APPLICATION SECURITY ACTIVITIES

Application security activities refer to the various processes, practices, and measures undertaken to identify, mitigate, and manage security risks and vulnerabilities throughout the lifecycle of an application. These activities are integral to ensuring that the application is designed, developed, deployed, and maintained with security in mind.
NEED OF APPLICATION SECURITY ACTIVITIES

● Risk Mitigation: They help identify and mitigate security risks and vulnerabilities early in the development process, reducing the likelihood of security breaches and data compromises.
● Compliance Requirements: Many regulatory frameworks and
industry standards require organizations to implement specific
security measures and practices to protect sensitive data and
ensure compliance with legal and regulatory requirements.
● Trust and Reputation: Building secure applications instills
trust and confidence among users, customers, and
stakeholders, enhancing the reputation of the organization and
its products.
● Cost Savings: Addressing security issues early in the
development lifecycle is often more cost-effective than fixing
them after deployment. Application security activities help
minimize the potential impact of security incidents and reduce
Some common Application Security Activities that should be incorporated into Secure Application Design and Architecture

● Threat Modeling: Identifying potential security threats and vulnerabilities, assessing their impact and likelihood, and prioritizing them based on risk to inform security decisions.
● Secure Design and Architecture Review: Evaluating the design and
architecture of the application to ensure that security requirements are
adequately addressed and that security best practices are followed.
● Secure Coding Practices: Following established coding standards and
best practices for writing secure, resilient, and maintainable code,
including input validation, parameterized queries, and secure error
handling.
● Security Testing: Conducting various types of security testing, such as
static code analysis, dynamic application security testing (DAST),
penetration testing, and vulnerability scanning, to identify and address
security vulnerabilities and weaknesses.

● Secure Deployment and Configuration Management: Implementing secure deployment practices and configuration management to ensure that the application is deployed and configured securely in production environments.
● Incident Response and Remediation: Developing and
implementing incident response plans and procedures to
detect, respond to, and recover from security incidents
and breaches in a timely and effective manner.
● Security Awareness and Training: Providing training
and education to developers, architects, and other
stakeholders on security best practices, emerging
threats, and vulnerabilities to foster a culture of security
awareness and responsibility.
Ensuring effective implementation of application security activities in Organizations

● Establishing Security Policies and Standards: Defining and documenting security policies, standards, and guidelines to govern application security practices and ensure consistency across development teams.
● Integrating Security into Development Processes:
Incorporating security activities into the software
development lifecycle (SDLC) and development
workflows, such as through secure coding practices,
security testing, and security reviews.
● Automating Security Processes: Leveraging
automation tools and technologies to streamline security
activities, such as static code analysis, continuous
integration/continuous deployment (CI/CD) pipelines, and
automated vulnerability scanning.

● Collaborating with Security Experts: Engaging with security professionals, consultants, or third-party vendors to provide expertise, guidance, and support for implementing and managing application security activities.
● Monitoring and Continuous Improvement: Monitoring
security metrics, tracking security incidents and trends,
and continuously evaluating and improving application
security practices based on lessons learned and industry
best practices.
THANK YOU!
