Skip to content

Summary

Summary · Chapter 11

  • The CIA triad — confidentiality, integrity, availability — frames information security. Security is about tradeoffs: balance these goals and don’t wreck usability or availability.
  • There are no silver bullets; rely on proven principles and practices.
  • Threat modeling identifies, categorizes (STRIDE), prioritizes (DREAD), and responds to threats.
  • Secure by design builds security in from the start.
  • Cryptography (encryption, hashing) and IAM are core technical tools.
  • Web architects must track the latest web application security risks and their mitigations.

Chapter 12 covers documenting and reviewing software architectures — using UML to model architecture views and proven methods for reviewing architectural decisions against requirements.

  • Software Architect’s Handbook (Packt, 2018), Ch.11 “Summary”, pp. 905-905.