Here is a draft of our Cloud Security Frame as part of our early exploration work for our patterns & practices Cloud Security Project. It’s a lens for looking at Cloud Security. The frame is simply a collection of Hot Spots. Each Hot Spot represents an actionable category for information. Using Hot Spots, you can quickly find pain and opportunities, or key decision points.

Security Hot Spots are a lens for security. If you know what you’re looking for, you can find it. When you don’t know what you’re looking for, you can waste a lot of time. The Hot Spots provide a way to find, organize and share software security knowledge. You can use hot spots to share principles, patterns, and practices. You can also use hot spots to share knowledge around threats, attacks, vulnerabilities, and countermeasures.

Rather than deal with a laundry list of information, use hot spots to focus your attention on key categories. The Hot Spots are actionable and they are high ROI. The Hot Spots helps you simplify, clarify and gain insight before you elaborate, maximize and optimize.

Photo by CarbonNYC
If it’s not broken, then don’t fix it …
The problem is, you may have an approach that isn’t working, or it’s not as efficient as it could be, but you may not even know it.  Let’s take a quick look at some broken approaches and get to the bottom of why they fail.  If you understand why they fail, you can then take a look at your own approach and see what, if anything, you need to change.  The more prevalent broken approaches include:
The Bolt on Approach

The Do …

While working on patterns & practices Security guidance, I pushed the idea of “Visual Threats and Countermeasures.”  I wanted a simple way to show customers how to quickly whiteboard their application and find issues.  It was very effective for finding hot spots and drilling in. I added some examples of our visual threats and countermeasures on Guidance Share.

I found an organizing frame for quality attributes (security, performance, … etc.) on SoftwareArchitectures.com and I think it’s helpful.  They organize quality attributes by the following:

Runtime system qualities
Non-runtime system qualities
Business qualities
Architecture qualities
Domain specific qualities.

Quality Attribute Frame
This table shows an example of some quality attributes organized by the Quality Attribute Frame

My Related Posts

Quality Attribute List

When thinking about quality, I tend to draw from the following quality attributes:

Availability
Buildability
Conceptual Integrity
Evolvability
Extensibility
Functionality
Implementation Transparency
Integrability
Interoperability
Maintainability
Performance
Portability
Reliability
Reusability
Scalability
Security
Serviceability
Subsetability
Supportability
Testability
Usability

Having a frame of reference for how to think about security helps you cut through information overload.  While working on our patterns & practices Improving Web Application Security: Threats and Countermeasures book, one of our favorite mantras was “Secure your network, host and application!”  We learned this by talking to our infrastructure group at Microsoft.  The main security problem was the issues that fall through the cracks.  The holistic approach is to secure the network, host and application.  The host included runtime services and components, platform services and components, and …

If you know the underlying principles for security, you can be more effective in your security design.  While working on Improving Web Application Security: Threats and Countermeasures, my team focused on creating a durable set of security principles.  The challenge was to make the principles more useful.  It’s one thing to know the principles, but another to turn it into action. 
Turning Insights Into Action
To make the principles more useful, we organized them using our Security Frame.  Our Security Frame is a set of actionable, relevant categories that shape your key …

While working on Improving Web Application Security: Threats and Countermeasures, my team created the software security frame.  We used the Security Frame to organize and prioritize software security issues.  We used this frame throughout the guide to organize our guidelines and checklists.  We also used the Security Frame to build evaluation criteria to help find key security decisions that can have a large impact.
Categories
We found that we could organize the majority of our security principles, patterns and practices using the following buckets:

Category
Key Considerations

Auditing and Logging
Who did what and when? Auditing …

STRIDE is an acronym to help you think about potential software security threats and attacks.  It helps you think evil (i.e. like an attacker.)  I had the privilege of talking to one of the creators of STRIDE, Loren Kohnfelder.  He told me that he originally created STRIDE to help people get in the right mind-set when analyzing security features.
STRIDE Categories
Here’s what STRIDE stands for:

Spoofing user identity.
Tampering with data.
Repudiation.
Information disclosure.
Denial of service.
Elevation of privilege.

Using STRIDE
You can use the STRIDE categories to ask questions related to each aspect of the architecture and …

What’s the difference between software threats, attacks, and vulnerabilities?  While working on Improving Web Application security, we found a lot of confusion, so we came up with a simple way to quickly communicate the terms.
Key Terms

Threat – A negative effect or undesired event. A potential occurrence, often best described as an effect that might damage or compromise an asset or objective. It may or may not be malicious in nature.
Vulnerability – A weakness in some aspect or feature of a system that makes an exploit possible. Vulnerabilities can exist at …