Hans Karlsen. MDriven The book. Doing effective Business by taking control of Information. Hans Karlsen, Stockholm Sweden

Similar documents
shortcut Tap into learning NOW! Visit for a complete list of Short Cuts. Your Short Cut to Knowledge

DER GOBBLE. Good Secure Crypto Wallet Practices. What is your wallet?

Vitheia IoT Services

DIRECTV Message Board

SECURITY AND DATA REDUNDANCY. A White Paper

Contents. Is Rumpus Secure? 2. Use Care When Creating User Accounts 2. Managing Passwords 3. Watch Out For Symbolic Links 4. Deploy A Firewall 5

Introduction to

Recipes. Marketing For Bloggers. List Building, Traffic, Money & More. A Free Guide by The Social Ms Page! 1 of! 24

ctio Computer Hygiene /R S E R ich

Make $400 Daily. With Only. 5 Minutes Of Work

IT & DATA SECURITY BREACH PREVENTION

10 Hidden IT Risks That Might Threaten Your Business

Attackers Process. Compromise the Root of the Domain Network: Active Directory

How to Build a Culture of Security

FAQ: Privacy, Security, and Data Protection at Libraries

Thanks for attending this session on April 6 th, 2016 If you have any question, please contact Jim at

A GUIDE TO CYBERSECURITY METRICS YOUR VENDORS (AND YOU) SHOULD BE WATCHING

Newcomer Finances Toolkit. Fraud. Worksheets

Taskbar: Working with Several Windows at Once

Reduce Your Network's Attack Surface

Operating systems and security - Overview

Operating systems and security - Overview

This chapter is intended to take you through the basic steps of using the Visual Basic

Main area: Security Additional areas: Digital Access, Information Literacy, Privacy and Reputation

Best Practices in Securing a Multicloud World

Security Awareness. Presented by OSU Institute of Technology

4 Hidden Budget-Killing PDF Software Pitfalls. And how to avoid them

To learn more about Stickley on Security visit You can contact Jim Stickley at

Top 10 Considerations for Securing Private Clouds

Introduction to SSL. Copyright 2005 by Sericon Technology Inc.

Protect Your Application with Secure Coding Practices. Barrie Dempster & Jason Foy JAM306 February 6, 2013

Your security on click Jobs

How Secured2 Uses Beyond Encryption Security to Protect Your Data

Excel Basics Rice Digital Media Commons Guide Written for Microsoft Excel 2010 Windows Edition by Eric Miller

Train employees to avoid inadvertent cyber security breaches

Hans Karlsen. MDriven The book. Doing effective Business by taking control of Information. Hans Karlsen, Stockholm, Sweden

6 counterintuitive strategies to put your list building efforts into overdrive

Getting Help...71 Getting help with ScreenSteps...72

Personal Internet Security Basics. Dan Ficker Twin Cities DrupalCamp 2018

Module 6. Campaign Layering

Cyber Security Guide. For Politicians and Political Parties

Rapid Software Testing Guide to Making Good Bug Reports

Value of Having Laptop - How valuable was it having your own laptop to use in class? % % % % %

Privileged Account Security: A Balanced Approach to Securing Unix Environments

10 Tips For Effective Content

Privacy and Security in Online Social Networks Department of Computer Science and Engineering Indian Institute of Technology, Madras

Outline More Security Protocols CS 239 Computer Security February 6, 2006

How to Stay Safe on Public Wi-Fi Networks

3.5 SECURITY. How can you reduce the risk of getting a virus?

THE 18 POINT CHECKLIST TO BUILDING THE PERFECT LANDING PAGE

User Guide. This user guide explains how to use and update Max Secure Anti Virus Enterprise Client.

Security and Privacy. SWE 432, Fall 2016 Design and Implementation of Software for the Web

Back to the Future Cyber Security

The First 12. An Hour-by-Hour Breakdown of a Threat Actor Inside Your Environment. Dr. Chase Cunningham ECSA,

Managing IT Risk: What Now and What to Look For. Presented By Tina Bode IT Assurance Services

The Quick And Easy Affiliate Setup List

Crypto-systems all around us ATM machines Remote logins using SSH Web browsers (https invokes Secure Socket Layer (SSL))

One of the fundamental kinds of websites that SharePoint 2010 allows

LeakDAS Version 4 The Complete Guide

SECURITY ON PUBLIC WI-FI New Zealand. A guide to help you stay safe online while using public Wi-Fi

Certificate-based authentication for data security

Top 10 Application Security Vulnerabilities in Web.config Files Part One

The Problem with Privileged Users

Kindle Books InfoPath With SharePoint 2010 How-To

Technical Solutions Novel Challenges to Privacy Privacy Enhancing Technologies Examples

POC Evaluation Guide May 09, 2017

Outline Key Management CS 239 Computer Security February 9, 2004

Unit 9 Tech savvy? Tech support. 1 I have no idea why... Lesson A. A Unscramble the questions. Do you know which battery I should buy?

Version Copyright Feel free to distribute this guide at no charge...

(RAPID) Landing Page Building. A Practical Guide Presented by Thrive Themes

Usage Guide to Handling of Bayesian Class Data

Beyond the F.U.D. How to start securing your DCS network today.

Authentication. Katarina

Data Protection and Information Security. Presented by Emma Hawksworth Slater and Gordon

Contents. SSL-Based Services: HTTPS and FTPS 2. Generating A Certificate 2. Creating A Self-Signed Certificate 3. Obtaining A Signed Certificate 4

Say Yes to BYOD How Fortinet Enables You to Protect Your Network from the Risk of Mobile Devices WHITE PAPER

Windows Script Host Fundamentals

Introduction... 3 Introduction... 4

The Invisible Threat of Modern Malware Lee Gitzes, CISSP Comm Solutions Company

Using Threat Analytics to Protect Privileged Access and Prevent Breaches

Introduction. Controlling Information Systems. Threats to Computerised Information System. Why System are Vulnerable?

Exercise 6 - Addressing a Message

Part 1: Understanding Windows XP Basics

And FlexCel is much more than just an API to read or write xls files. On a high level view, FlexCel contains:

Week - 01 Lecture - 04 Downloading and installing Python

Segmentation for Security

Introduction to Internet Applications

Taking Care. of B usiness. Why the time is now to give your employees the mobile devices they really want. And why the right partner matters.

Data Retrieval Firm Boosts Productivity while Protecting Customer Data

ANDROID PRIVACY & SECURITY GUIDE ANDROID DEVICE SETTINGS

Helping the Compiler Help You. Thomas Dy

Publications Database

Cyber Hygiene Guide. Politicians and Political Parties

Threat analysis. Tuomas Aura CS-C3130 Information security. Aalto University, autumn 2017

QUIZ Friends class Y;

MANAGING ENDPOINTS WITH DEFENSE- IN-DEPTH

SECURITY STORY WE NEVER SEE, TOUCH NOR HOLD YOUR DATA

Outline. More Security Protocols CS 239 Security for System Software April 22, Needham-Schroeder Key Exchange

THE IMPACT OF SECURITY ON APPLICATION DEVELOPMENT. August prevoty.com. August 2015

Digital Safety and Digital Citizenship

Transcription:

Hans Karlsen MDriven The book Doing effective Business by taking control of Information Hans Karlsen, Stockholm Sweden 2016-07-28

Part xx MDriven Turnkey 1 Information Security IT-security covers security of your Information Technology. A natural subset of IT-security is Information security; secure your information in this context as part of an IT-system. I often argue that nothing is as easy to sell as fear. Fear of anything. Fear of lacking IT security and Information Security is no different. It is an easy sell. You just open with the line are you really sure your data is secure because I think it might not be? Deal! Show me! Help me! In my opinion these are the obvious IT-security hygienic must haves: make sure you really authenticate users have order in your authorization processes keep your computers clean from unwanted software But beyond the obvious IT-security must haves - the delivered Show me, Help me very seldom comes to any real practical effect other than you should not have data worth stealing and if you do you should not let anyone come near it not even your staff. Well Thank you Mr. IT-security expert. Really not helpful. I have experience from business, government and military the latter two take IT security painfully serious. That does not automatically equal that they are safe. But they spend a lot of effort aiming to be safe. There is a tradeoff between protecting data and making it easy for the trusted users to work with data. You must find a level in this tradeoff that reduce risk and does not come in the way of work. There is no such thing as eliminating risk. Trying to eliminate risk will paralyze you and then you will get nothing done. Decide what risk level that is acceptable and note that this level may be different for different types of data that you have. The risk level may also vary not only on data type and data value but also on data aggregation; you want to protect the whole of the data more than the individual parts. The basics of IT security It is pretty simple really think of a PC as a piece of luggage on the airport. Sir did you pack this bag yourself? Have you watched over it all the time since you closed it? Can you assure there is nothing in here you received from others? When it comes to your laptop or the laptop you got from work you must say No! So your computer is not to be trusted. Period. This does not mean that there is anything wrong with it but we cannot be sure. It is easy to sell this kind of fear. When it comes to the servers for your company that are placed under lock and key patched and maintained by educated personnel we might say well we sure hope we did not receive anything we did not want. So your servers might be safe and they are easier to trust than user-pc s. IT departments will try to toughen your PC up. Again with the luggage metaphor they might make it solid making it impossible to store anything inside. Safer but you are not helped by a solid piece of luggage or a computer you cannot store anything in. And anything in between fully functional and solid is possible but they can only do so much and almost anything they do limits the degrees of freedom you have with the computer.

Part xx MDriven Turnkey 2 The IT department is most afraid that your computer contains Trojan software that infects others at work and increase the threat against the servers. Trojans can act as beach-heads inside your company from were hackers have a line of sight to your servers. Trojans may also be a nuance or even hold your computer for ransom but a professional attacking Trojan says nothing - it just steal your data for weeks or years. Once infected it is really hard to trust a complex IT environment again because there are so many places where the Trojans may hide during cleaning. The cleaning will be really expensive and this motivates high precautions to avoid infection. But this text will not deal with that kind of IT-security. I just had to state the facts to make sure we are on the same page. This text is how we should build systems in this corrosive and hostile environment in order to control the risk as we expose our data for authorized users. Building safer software systems The thing with building protected software systems is that part of the software will implement the lock that protects it. I will call the lock the AccessControlSystem. If the AccessControlSystem protects the data from being exposed to the wrong user then who protects the AccessControlSystem from being bypassed? This is the heart of the matter. Did someone tell you that your system is protected by the ActiveDirectory in your company? Wrong the ActiveDirectory may be the one handing out the keys to the lock but the system itself is responsible for implementing the lock. An AccessControlSystem is almost always part of the system itself (true for all nontrivial access control), just like the lock on your front door is mounted as a part of the door. So how do we protect the lock best? Let the lock stay on the server! This is the conclusion that most software architects has reached. Since the lock is a part of the system the system must stay on the server as well. I think that this is the main reason for moving away from rich fat clients on windows to typically a worse user experience with web-technology like MVC even for in-house systems. Another way to keep the system on the server is to use terminal server solutions. The important thing is that it is the AccessControlSystem that filters out the slice of data that we are ok with showing to an individual authenticated user. Filtering out means that you have a bigger volume to filter from a volume to reduce to a subset. It is this larger volume that the AccessControlSystem protects. If the AccessControlSystem is going to protect this volume and filter ok data from it then it must have access to the whole simple logic. Having stated these facts we have a clear view of our goal: deliver approved slices of data to authenticated users our users are not physically on the servers they are at their laptops. Sure MVC-web-approach does just this but as many have found the reduced user experience is not ideal for prolonged use in an office. Bulky postbacks and tendency to reduce the amount of data on a single screen to avoid lag often make web based systems click intensive filled with stressful waiting. To mitigate this many software architects has started to use ajax and javascript to build a richer user experience to replace the plain data presentation offered by MVC. When doing so they might start to hold data locally in the browser and ever so slightly they may start to lose track of our simple goal maybe implementing filtering in the browser maybe keeping data between screen navigations

Part xx MDriven Turnkey 3 maybe doing some work that really was part of the AccessControlSystem. But who really knows because it is really difficult to see what a software system actually does without high effort reviewing of actual code. How MDriven Turnkey does it every time To avoid the risk to muddle the definition of the AccessControlSystem but still offer a rich user experience MDriven Turnkey does 4 things: 1. Let the ViewModel define the slice of data we are ok with showing an authenticated user with authorization for a specific use case. The user cannot see more by definition in the framework 2. Let the ViewModel reduction of data from the complete model happen on the server and since each ViewModel is fully implemented with the declarative Object Contraints Language (OCL) you also have an exact an easily understood definition of the information subset it contains 3. Define the rules that build up the AccessControlSystems in the model declaratively with static verification and ability to make the rules depend on any data in your model 4. Stream the resulting slice of data and changes to it to a client to produce a rich client experience without slow roundtrips. Expose nothing else MDriven Turnkey comes with the AccessControlSystem already in place on the server you just need to define your keys depending on your rules based on your model. Even if you build a WPF, AngularJS or Android client the AccessControlSystem is on the server adhering to your rules. Since the platform has the AccessControlSystem built in the number of mistakes a developer can do are fewer. The verification of the rules can now be done statically in the model and we do not need to review code to detect tendencies of muddling the simple goal of ensuring information filtering is happening on the server only. MDriven Turnkey user authentication is done with standard OAuth2 allowing for implementations with optional social login or Single sign on (SSO) with OpenId. Multifactor authentication can easily be made part of your AccessControlSystem. All communication is done over SSL and if you have stronger crypto needs any tunnel can be used to protect traffic between user and server. We claim two important things: Building software systems with MDriven Turnkey will make them intrinsically safe meaning that even the lowest effort expose only what you intend to expose Using MDriven Turnkey will make your complete AccessControlSystem possible to inspect even for non-coders meaning that security officers can understand what risk level individual screens pose even in an evolving system

Part xx MDriven Turnkey 4 Both these properties are highly sought after for organizations striving to minimize risk of unwanted information leakage be it from coding mistakes, architectural mistakes, misinterpreted requirements or just plain laziness of either developers or reviewers. How the access control system is constructed in MDriven First we need oblige that the reasons for restricting access can be manifold. It may be as simple as to avoid confusing a user with too many options at the wrong time in the process or it may be as crucial as to protect highly secretive information getting in the wrong hands. Any practical Access control is probably based on static information as users belonging to group Fishermen should not have access to view Treasury, but also dynamic information as if a Fisherman has been granted payment but not collected it yet then he should be able to open the view Treasury. Another aspect is that we sometimes want to show that actions are available but not enabled to you in this particular moment. And at other times we do not even want to show you that a given action exist in the system. These are all common requirements when dealing with access control. Since MDriven solves all user interaction through ViewModels and Actions it is natural that these are our targets for Access Control. As further explained in part4 Actions we can set any expression in the Enable expression of an action so this is one way to make actions disabled. But if we have a rule that is the same for many actions we may consolidate the rule to an AccessGroup;

Part xx MDriven Turnkey 5 The accessgroups are good for the static rules like to check is the logged in user is part of the fisherman group: SysSingleton.oclSingleton.CurrentUser.SysRoles->exists(name= fisherman ) For actions we can set the Enable expression for more precision:

Part xx MDriven Turnkey 6 And we may also want to give the user a hint to why the action is disabled this abilityhas reduced the support requests a lot in all the projects we have done: For views we refine the access control per placed widget by setting the ReadOnly expression or/and the Visible expression: But in views we also have the possibility to work on the whole view:

Part xx MDriven Turnkey 7 Setting the Readonly expression on this level effects all the widgets in the view. Setting the access expression will control if the view is shown at all. If the view s Access expression evaluates to false the system will look for a ViewModel named AccessDenied and if found will show this instead. If no AccessDenied view is found then a blank screen will show. In order to allow for you to disable an action that would bring up a view that has an access expression that will evaluate to false given a certain root object you may check the result of the Access expression prior to bringing up the view. You do this with the ocl operator canaccess(vmname):bool. This enables you to disable actions that will end up showing AccessDenied. This also enables you to stop reports from being created based on a ViewModel and a rootobject that is not allowed based in the Access expression of the ViewModel. Working with the described levels of expression you will be able to tailor a perfect fit access control system that evaluates in the safe realm of your server. All the ocl rules use a few ocl-operators but mostly names from your model that probably is an ubiquitous language shared with the security officers of your domain. The transparency and fine grained control of this access control system is precisely what many organizations need in order to protect their information and still allow for a fast paced development.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback