There are security fundamentals that apply to any system architecture. When securing an information system, there are three primary security objectives: confidentiality, integrity and availability.
Confidentiality ensures that information remains private by only allowing authorized users to access it.
Integrity ensures that information can be trusted because it has not been tampered with.
Availability ensures that systems are accessible and can make information available to authorized users when they need it.
To achieve these goals, security strategies and controls are selected and applied to a system’s architecture to the extent they are required. Access control is one security technique applied to protect sensitive resources. If you’ve ever taken a flight, you’ve experienced the two key components of access control: authentication and authorization. To board a flight, you must authenticate, that is, prove your identity, by showing your ID at the security gate. Next, you show your boarding pass to prove you’re authorized to be on the flight. Only after completing these two steps are you granted access to the airplane.
When securing information systems, authentication is an important security control because it establishes a user’s identity, which is necessary to make an access decision. Systems may need to authenticate both human users and other systems, which is accomplished through the exchange of something you know, such as a password, or something you have, such as a token. Highly sensitive systems may apply additional security measures like multi-factor authentication, which combines several authentication methods, such as a password and a one-time PIN. Once identity is established, a system uses the authorization process to control access to resources based upon a user’s privileges. Privileges are used to determine whether users should be granted access to the resources they requested.
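The airport analogy above, carried through in code as an added example (not part of the original text): `authenticate` combines something you know (a salted password hash) with something you have (a TOTP authenticator, RFC 6238 on top of RFC 4226 HOTP), and only then does `authorize` check the established identity's privileges. The user store, passwords, secrets and privilege names are constructed for the example.

```python
import hashlib
import hmac
import struct

# Constructed user store for this example. Passwords are kept as salted PBKDF2
# hashes ("something you know"); the TOTP secret stands in for the authenticator
# device ("something you have"); privileges drive the authorization decision.
_SALT = b"constructed-static-salt"  # a real system draws a random salt per user


def _pbkdf2(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


USERS = {
    "alice": {"pw_hash": _pbkdf2("correct horse battery staple", _SALT), "salt": _SALT,
              "totp_secret": b"constructed-secret-alice",
              "privileges": {"flights:read", "flights:board"}},
    "bob":   {"pw_hash": _pbkdf2("bob-password-constructed", _SALT), "salt": _SALT,
              "totp_secret": b"constructed-secret-bob",
              "privileges": {"flights:read"}},  # bob may look but not board
}


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret: bytes, at: int, step: int = 30) -> str:
    """RFC 6238 TOTP: HOTP with the counter derived from Unix time."""
    return hotp(secret, at // step)


def authenticate(username: str, password: str, otp: str, now: int) -> bool:
    """Multi-factor authentication: password (know) AND a current TOTP code (have)."""
    user = USERS.get(username)
    if user is None:
        _pbkdf2(password, _SALT)  # same cost for unknown users, so timing does not reveal usernames
        return False
    pw_ok = hmac.compare_digest(_pbkdf2(password, user["salt"]), user["pw_hash"])
    # Accept the current 30 s window plus one on either side to tolerate clock drift.
    otp_ok = any(hmac.compare_digest(totp(user["totp_secret"], now + d * 30).encode(), otp.encode())
                 for d in (-1, 0, 1))
    return pw_ok and otp_ok


def authorize(username: str, privilege: str) -> bool:
    """Access decision: does the established identity hold the requested privilege?"""
    user = USERS.get(username)
    return user is not None and privilege in user["privileges"]


def board_flight(username: str, password: str, otp: str, now: int) -> str:
    """The airport analogy: ID check (authenticate), then boarding pass (authorize)."""
    if not authenticate(username, password, otp, now):
        return "denied: authentication failed"
    if not authorize(username, "flights:board"):
        return "denied: not authorized to board"
    return "access granted"


if __name__ == "__main__":
    import time
    now = int(time.time())
    code = totp(USERS["alice"]["totp_secret"], now)
    print(board_flight("alice", "correct horse battery staple", code, now))
    print(board_flight("bob", "bob-password-constructed", totp(USERS["bob"]["totp_secret"], now), now))
```

Note the ordering: authorization is never consulted until authentication has succeeded, and both factors are compared with `hmac.compare_digest` so a failed comparison takes the same time regardless of where the mismatch is.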
Modern authorization protocols such as OAuth permit access privileges to be delegated by a resource owner to third parties, allowing the third party to access resources on behalf of a user. Trust is another very important security concept because it determines to what extent something is believed to be true. Systems must frequently decide whether to trust various pieces of information, such as a user’s identity, access privileges, tokens and transactional business data. This determination is made based upon factors such as the source of the data, its age and the integrity checks it has undergone.
Additionally, trust domains mean that one segment of a system may trust a piece of information, but once that data crosses a trust boundary into another segment of the system, it is no longer trusted.
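The two preceding paragraphs, as an added example that is not part of the original text: a delegated token (the resource owner `sub` grants `scope` to a third-party `client`, in the spirit of OAuth but in a hypothetical signed format, not OAuth's wire format) is evaluated by a `TrustDomain` on exactly the three factors named, its source (a trusted issuer), its integrity (an HMAC over the claims) and its age (`iat`/`exp`). Each domain also accepts only tokens addressed to it, so the same token that the "orders" segment trusts is rejected once it crosses the boundary into "billing". Issuer names, keys and claim values are constructed for the example.

```python
import base64
import hashlib
import hmac
import json


def b64encode_url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64decode_url(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_token(issuer, key, owner, client, scope, audience, issued_at, ttl=300):
    """Mint a signed, delegated token (hypothetical format): `owner` delegates
    `scope` to `client`, usable only inside the `audience` trust domain."""
    claims = {"iss": issuer, "sub": owner, "client": client, "scope": sorted(scope),
              "aud": audience, "iat": issued_at, "exp": issued_at + ttl}
    body = b64encode_url(json.dumps(claims, sort_keys=True, separators=(",", ":")).encode())
    sig = b64encode_url(hmac.new(key, body.encode(), hashlib.sha256).digest())
    return f"{body}.{sig}"


def unverified_claims(token):
    """Decode the claims without checking anything; only for use after evaluate()."""
    return json.loads(b64decode_url(token.split(".")[0]))


class TrustDomain:
    """One segment of the system. It trusts only the issuers it was configured with
    and only tokens addressed to it; crossing into another domain resets that trust."""

    def __init__(self, name, trusted_issuers):
        self.name = name
        self.trusted_issuers = trusted_issuers  # issuer name -> verification key

    def evaluate(self, token, now):
        """Return (trusted, reason). Source, integrity and age are checked in that
        order, then the audience, so nothing in the claims is acted on before the MAC holds."""
        try:
            body, sig = token.split(".")
            sig_bytes = b64decode_url(sig)
            claims = json.loads(b64decode_url(body))
        except ValueError:  # covers bad base64, bad UTF-8 and bad JSON
            return False, "malformed"
        if not isinstance(claims, dict):
            return False, "malformed"
        key = self.trusted_issuers.get(claims.get("iss"))  # source
        if key is None:
            return False, "untrusted issuer"
        expected = hmac.new(key, body.encode(), hashlib.sha256).digest()  # integrity
        if not hmac.compare_digest(expected, sig_bytes):
            return False, "signature mismatch"
        iat, exp = claims.get("iat"), claims.get("exp")  # age
        if not (isinstance(iat, int) and isinstance(exp, int) and iat <= now < exp):
            return False, "expired or not yet valid"
        if claims.get("aud") != self.name:  # trust boundary
            return False, "issued for another trust domain"
        return True, "ok"

    def permits(self, token, now, needed_scope):
        """Authorization on top of trust: the delegated scope must cover the request."""
        trusted, _ = self.evaluate(token, now)
        return trusted and needed_scope in unverified_claims(token).get("scope", [])
```

The decision is a tuple rather than a bare boolean so that the reason a token was rejected can be logged; in practice that reason is what lets an operator tell a clock-skew problem ("expired or not yet valid") from a forgery attempt ("signature mismatch") or a token leaking across segments ("issued for another trust domain").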
A system’s attack surface comprises all of the paths that can be used to get data into or out of an application. A system’s user interface, open ports, API and database can all present opportunities for an attacker to compromise the system, so they are considered part of the attack surface.
Reducing and hardening the attack surface is an effective strategy to enhance a system’s security. These security goals and concepts are universal to any architecture. However, most of the strategies used to secure a monolith need to be re-engineered to secure a distributed system.