An effort to establish a Secure Software Design
Fighting fire in software systems
- Prevention: In most of the cases, this technique is feasible along with one of the techniques used for it is called sandboxing. Sandboxing is an application which is initially executed to determine its consequence and is second time run to for the actual purpose. However, it requires processing power along with memory space.
- Avoidance: As the name corresponds, avoidance indicates that we protect our system from getting attacked from malicious attacks. Coding in a defensive manner is one way of going about avoidance. Limiting the points of entry and restricting access into the system is one way of going for avoidance.
- Detection: One way of carrying out detection is by handling an exception in code. When a computer is attacked, it is not able to carry out its functions properly. This clearly implies that something is wrong in the system. Checkpoints in code can be used for this purpose.
- Recovery: Here the focus is not on stopping or preventing the attack, instead on recovering from its effects. An example of this type of response is to ‘roll back’ the system to where it was before the attack occurred and the system was in good working order. But this is not failsafe, as an effective attack will disable the system from using this option.
- According to various practitioners, the most cost effective option here is avoidance. Prevention is not considered as an ideal option for the reason that it utilizes extra resources. Likewise, recovery and detection are reactive approaches instead of being proactive ones. Therefore, avoidance is considered as the most cost-effective option among the four.
Security Flaws which cannot be prevented by Cryptography
Below are two samples of security defects which cryptography can’t forestall. There are two approaches to split scrambled information. One is to discover an opening and utilization it to break the figure. The other path is to figure the right key code. Since it is a huge number it is extremely hard to get it to break the encryption. As computers are becoming more and more powerful, it is becoming practical to do so. Another sample is that cryptography secures just what it is intended to ensure. Case in point, when clients send their charge card information over the net, the exchange is ensured by a blend encryption. But once it is received, someone can download the transferred data. Both can be prevented by making the encryption as complex as possible. This will ensure that the code is as difficult as possible to be figured out.
Click Order Now link to buy a custom written term paper on similar topic