Software Architecture, Code, and Information Security

DeepSec Conference
Apr 8, 2021

Information security is tightly linked with the code running on platforms and with decisions made during the software architecture planning phase. Many findings in penetration tests can be traced back to workarounds caused by inadequate tools, bad design choices, trends in software development, legacy applications, and overly optimistic testing strategies. Let's visit some of the accident sites by example.

Implementing the basic principles of information security can be hard. Undefined behaviour and the lack of graceful failure under error conditions are both common. A recent presentation about autonomous systems illustrates what we expect from your code: it must be completely self-reliant. Restarting n times and then halting is not the best way of dealing with unexpected situations. Rejecting dangerous states and input is always an option, but sysadmins frequently need to bash applications over the head in order to restore a known operational state. Your code also needs to know the odd parts of your platform. Have a look at the source code of databases and read about the seemingly simple operation of writing data to non-volatile storage. Do a full-text search for sync in the PostgreSQL source code and read the comments. Saving data durably is not a solved problem on every platform.
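As an added illustration, not code from the original post, the following C function shows what "writing data to non-volatile storage" actually involves on a POSIX system once you have read those PostgreSQL comments: the data itself has to be fsync'ed, the rename that publishes it only becomes durable when the parent directory is fsync'ed too, and every fsync return value must be checked. On Linux an I/O error reported by fsync may already have discarded the dirty pages, so retrying the fsync can "succeed" while the data is gone; PostgreSQL chose to PANIC on such an error for exactly that reason. The function name durable_write_file, the temporary-file naming scheme and the /tmp path used in the demo are assumptions of this example.

```c
/* Added example, not from the original post: durable file replacement on POSIX.
 * durable_write_file() (hypothetical name) writes data to a temp file in the
 * target's directory, fsyncs the data, renames it over the target, then fsyncs
 * the directory so the rename itself survives a crash. A failed fsync is
 * reported as failure and the temp file is discarded; it is never retried,
 * because the kernel may have dropped the dirty pages and a retry would
 * succeed without the data ever having reached the disk. */
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

enum { PATHBUF = 4096 };

/* Copy the parent directory of path into out ("." when there is no slash). */
static void parent_dir(const char *path, char *out, size_t cap) {
    const char *slash = strrchr(path, '/');
    if (!slash) { snprintf(out, cap, "."); return; }
    size_t n = (size_t)(slash - path);
    if (n == 0) n = 1;                 /* "/file" -> "/" */
    if (n >= cap) n = cap - 1;
    memcpy(out, path, n);
    out[n] = '\0';
}

/* write(2) may write less than asked or be interrupted; loop until done. */
static int write_all(int fd, const char *buf, size_t len) {
    size_t done = 0;
    while (done < len) {
        ssize_t n = write(fd, buf + done, len - done);
        if (n < 0) {
            if (errno == EINTR) continue;
            return -1;
        }
        done += (size_t)n;
    }
    return 0;
}

/* fsync the directory so that a rename/creation inside it is durable. */
static int fsync_dir(const char *dir) {
    int fd = open(dir, O_RDONLY | O_DIRECTORY);
    if (fd < 0) return -1;
    int rc = fsync(fd);
    int saved = errno;
    close(fd);
    errno = saved;
    return rc;
}

/* Returns 0 on success, -1 with errno set on any failure. On failure the
 * previous content of path (if any) is left untouched. */
int durable_write_file(const char *path, const char *data, size_t len) {
    char dir[PATHBUF], tmp[PATHBUF];
    parent_dir(path, dir, sizeof dir);
    if (snprintf(tmp, sizeof tmp, "%s.tmp.%ld", path, (long)getpid()) >= (int)sizeof tmp) {
        errno = ENAMETOOLONG;
        return -1;
    }

    int fd = open(tmp, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0) return -1;

    /* Data must be on stable storage before the rename makes it visible. */
    if (write_all(fd, data, len) != 0 || fsync(fd) != 0) {
        int saved = errno;
        close(fd);
        unlink(tmp);
        errno = saved;
        return -1;
    }
    if (close(fd) != 0) {
        int saved = errno;
        unlink(tmp);
        errno = saved;
        return -1;
    }
    /* Atomically publish the new content, then make the rename itself durable. */
    if (rename(tmp, path) != 0) {
        int saved = errno;
        unlink(tmp);
        errno = saved;
        return -1;
    }
    return fsync_dir(dir);
}

/* Helper: write data durably, read it back, remove the file; 1 if it matches. */
int check_roundtrip(const char *path, const char *data, size_t len) {
    char buf[PATHBUF];
    if (len > sizeof buf) return 0;
    if (durable_write_file(path, data, len) != 0) return 0;
    int fd = open(path, O_RDONLY);
    if (fd < 0) return 0;
    ssize_t n = read(fd, buf, sizeof buf);
    close(fd);
    unlink(path);
    return n == (ssize_t)len && memcmp(buf, data, len) == 0;
}

int main(void) {
    const char *path = "/tmp/durable_write_demo.txt";   /* assumed writable */
    const char *msg = "committed\n";
    if (durable_write_file(path, msg, strlen(msg)) != 0) {
        perror("durable_write_file");
        return 1;
    }
    printf("wrote %s durably\n", path);
    return 0;
}
```

Note what the function does not do: it never retries a failed fsync, and it never reports success before the directory fsync has returned. Those two decisions are the difference between "the write returned" and "the data will be there after a power cut", and they are precisely what the comments around the sync calls in database code spend so many lines on.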

Despite the strict rule in software development of reusing rather than rewriting code, concepts are often reinvented and disguised under alternative names. Modern application stacks feature many levels of isolation, but not all of them are…
