Secure by Design
Dan Bergh Johnsson, Daniel Deogun, Daniel Sawano
  • MEAP began January 2017
  • Publication in October 2017 (estimated)
  • ISBN 9781617294358
  • 375 pages (estimated)
  • printed in black & white

As a developer, you need to build software in a secure way. But you can't spend all your time focusing on security. The answer is to use good design principles, tools, and mindsets that make security an implicit result - it's secure by design. Then secure-by-design becomes a guiding principle in how you build your software, from code to architecture. This begins by understanding designs and patterns that promote security so they become easy to apply in your day-to-day work. This way, you end up with securely-built software that avoids a majority of the most common security vulnerabilities. And best of all, it liberates your mind from security and lets you focus on developing features.

Secure by Design teaches developers how to use design to drive security in software development. This book is full of patterns, best practices, and mindsets that you can directly apply to your real world development. You'll also learn to spot weaknesses in legacy code and how to address them. You'll start by gaining an understanding of security as a vital concern and not simply a feature, and how good design promotes security. A real-life case study shows how shallow design caused a severe loss of money. Then you'll dive into practical ways of designing your code to avoid security flaws. You'll see how to use concrete code constructs that have profound effect on security - for example, immutability, validation, domain primitives, and error handling. Additional topics include how to secure your design through tests, using your delivery pipeline, how to do integration between systems, and how insights from cloud thinking support security. The final part of the book compares different architectures from a security perspective and puts concepts from previous chapters to work. In particular, you'll learn what to do in a legacy codebase, how to handle a monolith, and what to do when building a microservice architecture.

Table of Contents detailed table of contents

Part 1: Introduction

1. Why design matters for security

1.1. Security is a concern, not a feature

1.1.1. The robbery of #214;st-Götha Bank 1854

1.1.2. Security features and security concerns

1.2. Defining design

1.2.1. What is design?

1.3. The traditional approach to software security

1.3.1. The shortcomings of the traditional approach

1.4. Driving security through design

1.4.1. Making the User secure by design

1.4.2. The advantages of the design approach

1.4.3. Staying eclectic

1.5. Dealing with strings, XML, and a billion laughs

1.5.1. Internal XML entities in a nutshell

1.5.2. The Billion Laughs attack

1.5.3. Configuring the XML parser

1.5.4. Applying a design mindset

1.5.5. Achieving security in depth

1.6. Summary

2. Intermission: The Anti-Hamlet

2.1. Online book store with business integrity issues

2.1.1. The inner workings of the accounts receivable ledger

2.1.2. How the inventory system tracks books in the store

2.1.3. Shipping of anti-books

2.1.4. Systems living the same lie

2.1.5. A do-it-yourself discount voucher

2.2. Shallow modeling

2.2.1. How shallow models emerge

2.2.2. Implicit concepts, and the dangers thereof

2.3. Deep modeling

2.3.1. How deep models emerge

2.3.2. Make the implicit explicit

2.4. Summary

Part 2: Fundamentals

3. Core concepts of Domain-Driven Design

3.1. Models as a tool for deeper insight

3.1.1. Models are simplifications

3.1.2. Models are strict

3.1.3. Models capture deep understanding

3.1.4. Making a model means choosing one

3.1.5. The model forms the ubiquitous language

3.2. Building blocks for your model

3.2.1. Entities

3.2.2. Value objects

3.2.3. Aggregates

3.3. Bounded contexts

3.3.1. Semantics of the ubiquitous language

3.3.2. The relationship between language, model, and bounded context

3.3.3. Identifying the bounded context

3.4. Interactions between contexts

3.4.1. Sharing a model in two contexts

3.4.2. Drawing a context map

3.5. Summary

4. Code constructs promoting security

4.1. Immutability

4.1.1. An ordinary webshop

4.2. Validation

4.2.1. Checking origin of data

4.2.2. Checking size of data

4.2.3. Checking lexical content of data

4.2.4. Checking syntax of data

4.2.5. Checking semantics of data

4.3. Domain primitives and invariants

4.3.1. Domain primitives as the smallest building blocks

4.3.2. Context boundaries define meaning

4.3.3. Building your domain primitive library

4.3.4. Hardening your APIs by using your domain primitive library

4.4. Read-once objects

4.4.1. Detecting unintentional use

4.4.2. Avoiding leaks caused by evolving code

4.5. Summary

5. Securing mutable state

6. Leveraging your delivery pipeline for security

7. Handling failures in a secure way??

8. Case-study: Insurance policy for free

9. Integrating system of systems with security in mind??

10. Benefits from cloud thinking

Part 3: Applying the Fundamentals

11. Getting a fresh start in a legacy codebase??

12. The subtle issues in a pretty monolith

13. Getting microservices right for security??

14. A final word: don’t forget about security??

What's inside

  • Using good design to create secure software
  • Applying design concepts in real-world cases
  • Spotting hidden security problems
  • Assessing security by identifying design patterns
  • Understanding benefits and limitations of secure‐by‐design
  • Securing legacy, monoliths, and microservice architectures

About the reader

Readers should have some experience in Java, C#/.NET, or similar language.

About the authors

Dan Bergh Johnsson, Daniel Deogun, and Daniel Sawano have collectively been working with security and development for several decades. They are developers at heart and understand that security is often a side-concern. They have also evolved work habits that enable them to develop systems in a way that promotes security, while focusing on high-quality design habits - something that is easier for developers to keep in mind during their daily work. All three are established international speakers and often present at conferences on topics regarding high-quality development as well as security.

Manning Early Access Program (MEAP) Read chapters as they are written, get the finished eBook as soon as it’s ready, and receive the pBook long before it's in bookstores.
Buy
MEAP combo $49.99 pBook + eBook + liveBook
MEAP eBook $39.99 pdf + ePub + kindle + liveBook

FREE domestic shipping on three or more pBooks