Software Secure Architecture and Design

$10-30 USD

Cerrado

Publicado

hace 6 meses

$10-30 USD

Pagado a la entrega

Architecture overview, how the system interaction with external systems puts it at risk. Variation of the boundaries of the system vary from deployment In your opinion, are there locations in the architecture where too many assets reside? Analysis of your threat Model. More explanation about boundaries of the system. The purpose of this deliverable is to come up with the architecture and design of your product Your deliverable must include: ● Architecture Overview. Describe the architecture of the system. Please answer the following questions: o What are the subsystems? What does each subsystem do? o Are there subsystems that are expressly security features? (e.g. encryption, authentication) Describe these in more depth. o Consider the cost of developer mistakes in terms of subsystems. For example "if a developer makes a mistake in this subsystem, what happens?" o Do some subsystems appear to be more susceptible to code-level vulnerabilities? o Do you see security built into system at this architectural level? (e.g. distrustful decomposition) o How might compromising one subsystem affect the security (integrity, reliability, etc.) of the others or of the system as a whole? o How does the system interaction with external systems put it at risk? o Consider how the architecture might change over time. ● Threat Model. Build a threat model diagram and conduct an analysis using the Microsoft tool. Write up your analysis. o What are the machine boundaries of the system? Does this vary from deployment to deployment? o What are the trust boundaries of the system? Are there any trust boundaries more important than others? Please make this diagram legible - I would rather you show the riskiest parts of the threat model than enumerate every possibility. As a guide, threat models get pretty confusing after about 12 primitives per diagram. If you feel your diagram must be more complex, feel free to break it up into multiple diagrams. ● Assets to Threat Model Tracing Provide a mapping from your assets in deliverable 1 to the elements in your threat model. Discuss this mapping: o Does the location in the architecture affect the p(exploit) of an asset? Why or why not? o Are there locations in the architecture where no assets reside? Did you miss any assets there? o In your opinion, are there locations in the architecture where too many assets reside? ● Detailed Design show class diagrams of your detailed design. Please show and discuss any secure design pattern, guideline, principle that you built in your design.

Computer Security

Software Architecture

Web Security

Software Development

ID del proyecto: 37501387

Información sobre el proyecto

6 propuestas

Proyecto remoto

Activo hace 4 meses

¿Buscas ganar dinero?

Dirección de email

Beneficios de presentar ofertas en Freelancer

Fija tu plazo y presupuesto

Cobra por tu trabajo

Describe tu propuesta

Es gratis registrarse y presentar ofertas en los trabajos

6 freelancers están ofertando un promedio de $49 USD por este trabajo

@ExpertNetworkEng

Hello Dear, I am an Expert Network Engineer and I am working as Professor and Expert Consultant Network Engineer in a Multinational ISP. I have great hands-on experience for more than 10 years in various network technologies. I have Cisco CCIE Enterprise , CCIE DataCenter and Cisco Specialist - Enterprise SD-WAN Implementation and Juniper JNCIA-Junos (JN0-102) and JNCIA (Cloud) certificates. I have very good knowledge in Cisco wireless technology, VOIP & Network Security. My specialties: - Design/implement medium and large scale enterprise networks. - Configure Cisco Routers (ASR 1K & 9k, 2900, 2800, ISR 4K, 878, 888), Switches (Cat 6500, 3750, 3850, 2900, 2960, SG- 300, SG-500, [Nexus 5K, 7K and 9K]), Firewalls ([ASA 5505, 5506x, 5508], Fortigate, Palo Alto) and Wireless Acess Points 1800 and 2700. - Configure Juniper Routers (M7, M10, MX 480, MX 960) and SRX (300, 500). - Huawei, Mikrotik, HP & Ubiquiti devices Expert. - Packet Tracer, GNS-3, EVE-NG, VMWare workstation & VirtualBox Expert. - Routing protocols (RIP, OSPF, EIGRP, ISIS & BGP) Configuration and troubleshooting Expert and Switching Expert (VLANs, STP, VTP...). - VPN Configuration Expert (IPSEC/L2TP, GRE/PPTP, OPENVPN & SoftEther). - Linux, Unix & windows servers Expert. - Wireshark Traffic Capture & Analysis Expert. - Write technical reports and summaries. Thanks to check my profile and let me know if you are interested. Best Regards,

$20 USD en 1 día

4,7

(90 comentarios)

5,8

@ahmed4499

Hello sir I am computer engineer and I have master degree in cryptography so may I can help you thanks

$100 USD en 7 días

5,0

(23 comentarios)

5,2

@rainbow

I am a software architecture designer I can work on projects of Software Secure Architecture and Design PLease share details of work

$20 USD en 7 días

4,1

(32 comentarios)

5,3

@waltawil

Hello, I worked in the banking field for more than 25 years covering security for 15 years, I am certified ( CISSP - CISA - CEH - ecppt - IBM analyst i2 - SANS 504 & 503 ) I worked in developing many standards and I think I can help to get the job done successfully.

$30 USD en 7 días

5,0

(3 comentarios)

2,9

@varadharajanmano

Greetings! This is Varadharajan. I assure you that I have carefully considered all the necessary components for this project and have taken the appropriate measures to address any potential risks. I have provided a detailed architecture overview that includes each subsystem's purpose and potential vulnerabilities, with a focus on security features such as encryption and authentication. I have also assessed the cost of developer mistakes and analyzed the system's susceptibility to code-level vulnerabilities. In terms of the threat model, I have built a comprehensive diagram using the Microsoft tool and conducted an analysis of the machine and trust boundaries within the system. I have provided a mapping of all assets to the elements in the threat model, considering how the architecture's variations may affect the p(exploit) of each asset. Throughout the detailed design, I have incorporated various secure design patterns, guidelines, and principles to ensure the product's overall security and reliability. I have included class diagrams to illustrate how these design elements fit into the overall architecture. Overall, I am confident that my approach to this project has accounted for all aspects of the architecture and design, with a special focus on security and threat modeling. Should you have any concerns or questions, I remain at your service and am happy to address them at any time. Glad to collaborate with you!

$99 USD en 15 días

0,0

(0 comentarios)

0,0

@solarisshiva

As a Certified Information Systems Security Professional (CISSP) with an extensive background in security architecture, I bring a wealth of knowledge and skills to the table, making me the ideal candidate for your project. My proven track record in delivering secure software architecture revolves around a comprehensive approach that encompasses threat modeling, rigorous security assurance, and precise definition of security requirements. My whands-on experience in security architecture spans across diverse projects, where I've successfully implemented robust security measures to safeguard systems from potential threats. In the realm of threat modeling, I excel in identifying and assessing potential risks, ensuring that the software architecture is fortified against various vulnerabilities. Moreover, my expertise extends to the articulate definition of security requirements, ensuring that every facet of the software architecture aligns with industry best practices and compliance standards. By entrusting this project to me, you're not just getting a security professional; you're gaining a partner dedicated to designing a system that prioritizes security at every phase, ultimately delivering a solution that stands resilient against evolving cyber threats.

$25 USD en 7 días