Continuing pre-reqs part 2
This commit is contained in:
paul
@@ -32,12 +32,18 @@ How will this software communicate between components in the project and externa
|
||||
|
||||
Protocols are vital here as they will help determine how secure communications between programs or across networks will be. You'll want to pick something that either has encryption by default or can be easily added. Authentication is also a must. Some protocols or services have built in authentication methods, while others will need to be worked into the initial connection. These things need to be thought about ahead of time before diving in.
|
||||
|
||||
The data structure is very important as well since all components need to agree on what to look for. See
|
||||
The data structure is critical to have coordinated between each piece involved. See [section](#data-design) for more detail.
|
||||
|
||||
## Major Classes
|
||||
|
||||
Creating a skeleton of all the major classes will go a long way to ensuring good design, which in turn helps with keeping the project secure. By creating the skeleton it becomes more obvious what is missing and where each component will live. By having an experienced engineer design and build the skeleton, it also becomes easier to have junior devs take over the actual implementation.
|
||||
|
||||
## Data Design
|
||||
|
||||
The way the data is designed can have a major impact on security. There are different types of data to consider when designing a secure system. Any data that is considered sensitive, such as PII, should be encrypted both at rest and in transit. Any data that should not be able to be altered by a user should probably also be encrypted both at rest and in transit.
|
||||
|
||||
Really all data should be encrypted in transit to reduce the possibility of man-in-the-middle reading or altering the content.
|
||||
|
||||
## User Interface
|
||||
|
||||
## Error Processing and Logging
|
||||
|
||||
Reference in New Issue
Block a user