The Guide to Practical and Pragmatic IT Architecture Design

Design Security Architecture

Security is one of the last aspects that need to be considered in application design, and it consists of 3 main capabilities:
 
Technology Architecture Security Capabilities


Authentication & Identification

Authentication and identification ensure that a user can log into a system and that the system can verify the person really is who he/she claims to be. This can be done through username and password verification, a token provided by a third party (e.g. Facebook), or the presence of a physical device (e.g. a mobile phone, wristband, etc.).

Authorization

In addition to knowing who the person is, the application needs authorization to determine that person's access level for reading, writing and deleting data in the application. This can be set at a very basic level or defined more granularly for certain persons or roles; roles can be assigned to people to give them the proper access to certain functionalities and data.

Encryption

An extra level of security is data encryption, either storing data under a specific encryption key or sending data to another location in encrypted form. A data encryption capability typically requires processing power, and the need for it should be determined by the security and protection requirements and by regulations.

To build these security controls, a security authentication and authorization component is required, together with a repository of people's IDs, authentication credentials and authorization levels. In most cases these security mechanisms are already in use in a company for other applications and can be re-used by any new application. Good examples are a Microsoft Windows Domain Controller with Active Directory, or an LDAP directory. Otherwise, if none exists, the application can use a platform module to do authentication and authorization. Developing something from zero is not recommended, as it means rebuilding on top of many security best practices and guidelines.

Perimeter

The security mechanisms mentioned above build security within the application. Another element that needs to be considered from a security point of view is the perimeter security of the application (outside of the application), which prevents outsiders from reaching the application through ways other than the authentication and authorization mechanism. If the application is exposed to the outside world, the first server that connects to the outside is typically located in a demilitarized zone (DMZ) bounded by 2 firewalls.

DMZ and IT Security perimeter
 
The first, outside DMZ firewall filters all outside traffic to the connecting server (such as an HTTP server): it allows only traffic from legitimate IP or MAC addresses and only on certain ports, such as the HTTP or HTTPS ports, but not FTP or other ports. Once the outsider has been permitted to access the HTTP server, the traffic still needs to pass a second, inside firewall. This inside firewall allows only traffic from the specific front-end HTTP server (by IP or MAC address) and on a port that is different from the outside port, and it permits connections only to specific internal application or company servers.

This ensures that an outside hacker should never get access to the internal application servers, even if for some reason the first, outside firewall breaks. Another security control outside the application is to run up-to-date antivirus software on each of the application and database servers to counter any underlying threats from the inside.
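The two-firewall DMZ design described above, modelled as an added example that is not part of the original guide: a small Python policy evaluator with first-match, default-deny rule sets for the outside and inside firewalls, used to check which flows survive when the outside firewall fails open. The addresses, the inside port 8443 (the "different" port) and the failed-open rule set are constructed assumptions, and filtering is modelled by IP address only, not by MAC.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed addresses (documentation ranges), not from the original article.
INTERNET_CLIENT = "203.0.113.10"   # some client on the outside world
DMZ_HTTP_SERVER = "192.0.2.10"     # front-end http server in the DMZ
INTERNAL_APP = "10.0.0.20"         # internal application server
INTERNAL_DB = "10.0.0.30"          # internal database server

@dataclass(frozen=True)
class Rule:
    src: str                    # source CIDR; "0.0.0.0/0" matches any source
    dst: str                    # destination CIDR
    ports: Optional[frozenset]  # allowed destination ports; None means any port
    action: str                 # "allow" or "deny"

def evaluate(rules, src, dst, port, default="deny"):
    """First matching rule decides; a packet matching nothing falls to default deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if (s in ipaddress.ip_network(r.src) and d in ipaddress.ip_network(r.dst)
                and (r.ports is None or port in r.ports)):
            return r.action
    return default

# Outside firewall: only HTTP/HTTPS, and only towards the DMZ http server.
OUTSIDE_FW = [Rule("0.0.0.0/0", DMZ_HTTP_SERVER + "/32", frozenset({80, 443}), "allow")]
# Inside firewall: only the DMZ http server, only to the app server, on a different port.
INSIDE_FW = [Rule(DMZ_HTTP_SERVER + "/32", INTERNAL_APP + "/32", frozenset({8443}), "allow")]
# Models the outside firewall "breaking" by failing open: it lets everything through.
FAILED_OPEN = [Rule("0.0.0.0/0", "0.0.0.0/0", None, "allow")]

def zone(ip):
    a = ipaddress.ip_address(ip)
    if a in ipaddress.ip_network("10.0.0.0/8"):
        return "internal"
    if a in ipaddress.ip_network("192.0.2.0/24"):
        return "dmz"
    return "outside"

def permitted(src, dst, port, outside_fw=OUTSIDE_FW, inside_fw=INSIDE_FW):
    """A flow must be allowed by every firewall on its path: the outside one when it
    comes from the outside world, the inside one when it enters the internal network."""
    path = []
    if zone(src) == "outside":
        path.append(outside_fw)
    if zone(dst) == "internal" and zone(src) != "internal":
        path.append(inside_fw)
    return all(evaluate(fw, src, dst, port) == "allow" for fw in path)
```

With the outside firewall failed open, the DMZ HTTP server becomes reachable on any port, but the internal application server is still unreachable from outside because the inside firewall only accepts the DMZ server as a source.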
