Instructors: - PowerPoint PPT Presentation

Slides: 53
Provided by: certcoordi

Transcript and Presenter's Notes

1
95-750 Security Architecture and Analysis, Fall 2001

Instructors:
  Rick Linger 301-926-4858
  Tom Longstaff 412-268-7074
  Nancy Mead 412-268-5756
CERT Coordination Center, Software Engineering Institute, Carnegie Mellon University
rlinger, tal, nrm_at_sei.cmu.edu

Schedule: Wednesday 5:30-8:20 PM, HBH 1003
2
Security Architecture and Analysis Course Roadmap

Architecture Definition and Analysis
  Session 1 (Linger)
  What: Methods for defining and reasoning about system architectures.
  Why: The architecture level is cost-effective and intellectually manageable for analysis and design of system security and survivability capabilities.

Survivable Network Analysis
  Sessions 2, 3a (Linger)
  What: Survivability analysis improves preservation of critical mission capabilities.
  Why: No amount of security can guarantee that systems will not be compromised; essential services and assets must be maintained.

Security Architectures
  Sessions 4, 6, 7, 9, 11 (Longstaff)
  What: Analysis of vulnerabilities and methods for improving system security.
  Why: System security can be improved by a variety of techniques at the network, operating system, and application level.

Architecture Development and Management
  Session 13 (Linger)
  What: Architecture development with COTS components.
  Why: Most security vulnerabilities are the result of poor system development and acquisition practices. From a security perspective, good practices and management methods are critically important.

  • Plus
    • Student team project in survivability analysis (Mead)
    • Guest lectures on special topics
    • Student presentations

3
Course Objectives
  • Understand how to reason about system architectures
  • Understand security strategies at the architecture level
  • Understand and apply survivability concepts and strategies
  • Understand impact of development life cycle practices and management processes on security and survivability
  • Gain experience in summarizing and presenting material

4
Your presentations
  • Why is this important?
    • In the work environment you will be called upon to
      • Evaluate and articulate situations
      • Explain and defend your ideas
  • A presentation strategy
    • What is the problem?
    • What is the current state-of-practice?
    • What is the solution?
    • Am I explaining this well?
      • Can I summarize the article in one sentence?
      • What is the elevator conversation?
    • You are the teacher
  • Presentation target: 15 minutes, cut off at 20 minutes

5
Security Architecture and Analysis Session 1a
  • Concepts of System Architectures
  • Enterprise/Architecture Matchup
  • Architecture and the System Development Life Cycle
  • Architectural Styles and Properties
  • Architecture Representation
  • Architecture Impact of COTS Products
  • Architecture Trade-offs
  • Reuse and Product Line Architectures

6
Concepts of System Architectures
7
Concepts of System Architectures
8
Concepts of System Architectures
  • Architectures are comprised of components and connectors
  • Components (Computation)
    • Hardware: workstations, servers, mainframes, printers, sensors, actuators, ...
    • Software: operating systems, data base systems, middleware, browsers, applications, utilities, firewalls, ...
  • Connectors (Communication)
    • Hardware: communication links: routers, switches, public telephone network, leased lines, virtual private networks, ...
    • Software: communication protocols: TCP/IP, SNMP, HTTP, FTP, ...; linkage conventions: procedure calls, remote procedure calls, thread initiation, ...

9
Concepts of System Architectures
  • Modern enterprise system architectures integrate computation and communication

[Figure: Enterprise System Architectures as the union of Computation and Communication]
  Computation: Moore's Law; MIPS; processing costs; storage size and costs (main memory, secondary storage)
  Communication: Metcalfe's Law; speed and cost; WAN, LAN, SAN
10
Concepts of System Architectures
  • Architecture properties
    • Functional properties
      • Must satisfy domain-specific functional requirements and specifications
    • Non-functional properties (the "ilities")
      • Must satisfy performance, availability, reliability, safety, security, survivability, maintainability, usability, manageability, ... properties
  • Architecture trade-offs
    • Properties can conflict
    • Trade-offs seek optimal combinations of properties based on cost/benefit analysis

11
Concepts of System Architectures
[Figure: The Cost of Downtime. Source: Fibre Channel Association]
12
Concepts of System Architectures
  • The Stages of Enterprise Information System Architectures
    • Batch (60s and 70s)
      • SW enabler: programming languages, job control
      • Business motivation: automate clerical tasks
    • On-line transaction processing (80s)
      • SW enabler: networking, databases, transaction monitors
      • Business motivation: automate the front office
    • Integrated systems (90s)
      • SW enabler: internet standards, middleware, components
      • Business motivation: opening the business to the web
    • Web services (00s)
      • A possible fourth in the near future
      • SW enabler: standards for data and services, composability
      • Business motivation: efficiency, reduce IT costs?

13
Enterprise/Architecture Matchup
Example: The Flameout Candle Company Existing System
[Diagram: components Web Server (Static Documents), Order Processing, Delivery, Warehouse, Billing, Marketing and Customer data, Accounts, Suppliers; connectors File Transfer (three links), RPC, EDI]
14
Enterprise/Architecture Matchup
Initial thought: Amazon.com wannabe
[Diagram: the existing system with a WebCommerce Server added beside the Web Server (Static Documents); components Order Processing, Delivery, Warehouse, Billing, Marketing and Customer data, Accounts, Suppliers; connectors File Transfer, RPC, EDI]
Source: C. Britton, IT Architectures and Middleware, Addison-Wesley, 2000.
15
Enterprise/Architecture Matchup
But what about ...?
[Diagram: the same system with open questions marked: Delivery information? Collecting customer information? On-line payment?]
16
Enterprise/Architecture Matchup
User issue: What happened to my order?
[Diagram: the same system with two "Limbo" states marked where an order can get lost between the WebCommerce Server and the back-end file transfers]
17
Enterprise/Architecture Matchup
User issue: System lets me order products that don't exist!
[Diagram: the same system]
18
Enterprise/Architecture Matchup
User issue: They keep sending my stuff to the wrong address!
[Diagram: the same system]
19
Enterprise/Architecture Matchup
... and looking even further ahead
[Diagram: the same system with Portals, Voice Interface, WAP, One-to-one Marketing and B2B added around the WebCommerce Server]
20
Enterprise/Architecture Matchup
A better architecture for the Flameout enterprise business model
  UI Presentation Layer: Customers via Web, Voice, WAP, Portals, B2B
  Business Logic Layer: Ordering, Delivery, Marketing, Billing, Accounting, Warehousing
  Database Layer: Customers, Orders, Accounts, Inventory, Suppliers
21
Architecture and the System Development Life Cycle
  Requirements: define concept of operations for the enterprise/business mission and the system requirements
  Specification: define required system external behavior
  Architecture: define components and their connections (external behavior; software and data; hardware and network)
    (Architecture is the right level for analysis and design of security and survivability)
  Design: define component designs or acquire components
  Implementation: develop code
  Testing: exercise code against specifications
  Operations: execute the business mission
  (Effective life cycle processes are incremental and iterative)
22
Architectural Styles (Shaw and Garlan's Common Styles)
  • Dataflow systems
    • Batch sequential
    • Pipes and filters
  • Call-and-return systems
    • Main program and subroutine
    • OO systems
    • Hierarchical layers
  • Independent components
    • Communicating processes
    • Event systems
  • Virtual machines
    • Interpreters
    • Rule-based systems
  • Data-centered systems
    • Databases
    • Hypertext systems
    • Blackboards

23
Architectural Styles Why are They Important?
  • An architectural style conveys
    • A mental image of a system
    • A structural template for components and connections
    • A set of behaviors
    • A set of constraints
  • An architectural style can be instantiated in a variety of contexts

24
Architectural Styles
  • To understand any architecture, it is critical to know
    • For every component
      • Who are its users? (people and/or other components)
      • What do its users expect?
      • What are its inputs? Where do they come from?
      • What are its outputs? Where do they go to?
      • What is its transition function?
        • What software does it run?
        • What does it do to its inputs to produce its outputs?
    • For every communication link
      • What traffic does it carry?
      • What is the volume of traffic?
      • What is the distribution of traffic?

25
Architectural Styles
Example: A Data Management System. Style: pipeline, pipes and filters, batch sequential, data flow
[Diagram: Users supply Source data; stages Validate, Sort, Update, Report; output Report]
26
Architectural Styles
Example: A compiler. Style: pipeline, pipes and filters, batch sequential, data flow
[Diagram: Users supply Source code; stages Lexical Analysis, Parsing, Semantic Analysis, Code Generation; output Object code; Severe Error Handling alongside the pipeline]
27
Architectural Styles
Example: An Aircraft Avionics System. Style: bus, message passing
[Diagram: Pilot (user); Flight Management Computer, Engine Management Computer, Display Management Computer, Navigation Computer and further nodes attached to a Bus; Sensor Input, Data Link I/O, Navigation/GPS Input, Actuator Output]
28
Architectural Styles
Example: Software Tools System. Style: data-centric, blackboard
[Diagram: Tools 1 through 8, each with its own Users, arranged around a Blackboard (project dictionary and artifacts)]
29
Architectural Styles
Example: Automobile Cruise Control. Style: control, feedback
[Diagram: Driver (user) sets the Active/inactive toggle and Desired speed; Controller drives Engine and Wheels; Sensor measures Wheel speed and feeds it back to the Controller]
30
Architectural Styles
Example: Aircraft Flight Simulator. Style: control, feedback
[Diagram: Crew and Instructor (users); Cockpit Controls, Cockpit Display System, Instructor Station; Aircraft Dynamic Model and Environment Dynamic Model; Visual, Motion and Audio Cueing Systems]
31
Architectural Styles
Example: WWW Client-Server Pair. Style: layered
[Diagram: WWW client side: Presentation Manager, UI Manager, Cache Manager, Protocol Manager, Stream Manager, with an External Viewer; WWW server side: HTTP Server, Access Control, Path Resolver, Access Manager, Stream Manager, with Common Gateway Interface and File Server; Users at the client, the viewer and the server; the two Stream Managers are connected over HTTP]
32
Architectural Styles
Example: A heterogeneous network (the Internet). Style: all possible subarchitectures, network topology unknown and unknowable, dynamic changes
[Diagram: unlabelled interconnected nodes]
33
Architectural Styles
Example: A Bank ATM System. Style: hierarchical, client server, layered
[Diagram, top to bottom:
  Domain/Enterprise Logic/Data Layer: Mainframe (with Users)
  Infrastructure/Communications Layer: Servers ...
  Presentation/User Interface Layer: many ATMs ... (with Users)]
34
Architectural Styles
Example: A Bank ATM System. Style: hierarchical, client server, layered, with redundant components
[Diagram, top to bottom: two Mainframes (with Users); a larger pool of Servers ...; many ATMs ... (with Users)]
35
Architectural Styles
Gartner's Two-Tier and Multi-Tier Enterprise Architectures
  Plump Client (Two Tiers):       Desktop: Presentation, Business Rules, Data Access  |  DBMS
  Fat Client (Two Tiers):         Desktop: Presentation, Business Rules  |  Data Access, DBMS
  Thin Client (Multi-tier):       Desktop: Presentation  |  Server(s): Business Rules, Data Access  |  DBMS
  Ultra-Thin Client (Multi-tier): Browser  |  Server(s): Business Rules, Data Access  |  DBMS
36
Architectural Styles
Putting two nodes together: lots to consider
[Diagram: two nodes, each with its Users, joined by a link]
  1) The communications link
  2) The protocol
  3) Software and applications
  4) The API
  5) A common format for data
  6) Security
  7) Administration
  8) Configuration management
37
Architecture Representation
  • Informal diagrams
    • Boxes and arrows
    • Good for quick, high-level communication
    • Implied semantics
    • Abstract out details (that are important to understanding)
    • Ineffective as design basis
  • Architecture languages
    • Well-defined semantics and syntax
    • Generally difficult to use
    • Effective as design basis
    • Essential where stakes are high
    • Examples: Wright (CMU), Z (University of Oxford)
  • Advice
    • You will see thousands of box and arrow diagrams in your professional careers. Treat them as useful, but also as artists' conceptions that lack important information.

38
Architecture Impact of COTS (Commercial Off The Shelf) Products
  • Long history
    • Started with environment support: operating systems, data bases, language processors, ...
    • Moving up the food chain: specialized applications, middleware, network services, ...
  • Most architectures today are assembled from COTS products
    • Domain-specific vendors
    • Bend business processes to match software capabilities
    • Glue code ties incompatible products together
  • COTS characteristics
    • Ties your system capability and evolution to vendors
    • Cost savings possible, but risks must be managed
    • Functionality and security are what vendor says they are
      • Actual capabilities may differ
    • Source code usually not available
    • Knowledge of quality and reliability difficult to acquire
    • Acceptance testing and configuration management are critical

39
Reuse and Product Line Architectures
  • Reuse
    • Objective
      • Make new use of existing components in new environments
    • Motivation
      • Avoid cost of new development
      • Leverage previous investments
    • Problems
      • Cost of generalizing components for potential reuse
      • Architectural mismatch in reuse
  • Product Line Architectures
    • Objective
      • Generalize architectures and components for future variations
    • Motivation
      • Reduce costs of subsequent product development
    • Problems
      • How should generalization be done?
      • Will future product variations come to fruition?

40
A Bank ATM System: 10 Minute Exercise
  • For a server node, define
    • its users
    • inputs and their source
    • outputs and their destination
  • (Make up your answers based on personal knowledge. 90% of system development is making sure nothing is left out!)

[Diagram: the Bank ATM System layers: Domain/Enterprise Logic/Data Layer (Mainframe, Users); Infrastructure/Communications Layer (Servers ...); Presentation/User Interface Layer (many ATMs ..., Users)]
41
A Bank ATM System: 10 Minute Exercise
[Worksheet: Users | Inputs | Source | Outputs | Dest.]
42
An Architecture Framework
(Slides 42 through 52 build up one diagram box by box; the complete diagram as of slide 52 is transcribed once below.)

SYSTEM ARCHITECTURE (center of the diagram)
  • System Environment: enterprise architecture, business models, system usage and evolution
  • System Requirements: function, and properties of reliability, performance, scalability, security, usability, cost, ...
  • External Behavior View (System Specification): user tasks and workflows; function and information; stimulus/response behavior
  • Data and Software View (Logical Infrastructure): middleware and applications; databases and storage systems; operating systems
  • Hardware and Network View (Physical Infrastructure): computing hardware (servers, mainframes, PCs, mass storage, ...); networks (wired and wireless media, devices, topology, protocols)

Surrounding the system architecture
  • Ability to Develop: Architecture Fundamentals: architecture role and life cycle; architecture representation and reasoning; architecture processes and work products; architecture analysis and design; architecture modeling and validation; architecture patterns and properties; COTS evaluation and integration
  • Processes for Developing: Architecture Best Practices: enterprise modeling and requirements specification; application analysis and design; data analysis and design; system integration; network analysis and design; incremental system development
  • Goals for Developing: Client Environment: client relations, people, and culture; enterprise architectures, business models, workflows, legacy systems; functional, non-functional, usage requirements and constraints
  • Parts for Developing: Marketplace Environment: partners and alliances; COTS and component products; service and consultation offerings; user groups and standards
  • Framework for Developing: Domain Architectures: EAI architectures; e-commerce architectures; directory architectures; system management architectures; middleware architectures; industry standard architectures
  • Tools for Developing: Enabling Technologies: computing and comm. components; Microsoft technologies; JAVA technologies; Web technologies; XML technologies; security technologies; architecture patterns; development methods and tools