
Security

IT-security and the related operational security of a perimeter-less federated IT system start with the hardening of the individual components.


Components security
Besides secure processes for onboarding data space members and for transferring data between participants, the supporting components of a specific data space, and the collection of components as a whole, must adhere to high security standards. An association is responsible for assuring its members that the software components are secure enough to use when handling highly sensitive data.

Ensuring security entails, but is not limited to, the following principles of software design and operation.

Development Stack and Libraries:
Selecting a secure development stack involves careful consideration of programming languages, frameworks, and tools with a strong track record in security. It is essential to keep libraries and dependencies up to date so that known vulnerabilities in them are addressed.

Secure Code Design:
Secure code design encompasses foundational principles, including rigorous input validation, output encoding, and error handling. Implementing security design patterns, such as the Principle of Least Privilege or Fail-Safe Defaults, is crucial for minimizing potential vulnerabilities. Practical code examples demonstrate how to apply these principles effectively.
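The principles named above, worked out in Python as an added example (this is not BDI Framework code; the participant-identifier format, the `lookup` callable standing in for an authorization-register query, and the scope names are assumptions made for the example): allowlist input validation that rejects rather than repairs, output encoding for the HTML context the value is written into, and an authorization decision whose every non-explicit path, including a failing register lookup, is a deny.

```python
"""Secure code design principles: input validation, output encoding,
error handling with fail-safe defaults, and least privilege.
Added example, not part of the BDI Framework."""
import html
import re
from dataclasses import dataclass, field
from typing import Callable, FrozenSet

# Assumed identifier shape for a data-space participant (constructed for this
# example, not a BDI format): two-letter country code, a dot, eight alphanumerics.
PARTICIPANT_ID = re.compile(r"[A-Z]{2}\.[A-Z0-9]{8}")


class ValidationError(ValueError):
    """Raised when untrusted input fails the allowlist check."""


def validate_participant_id(raw: object) -> str:
    """Input validation by allowlist: accept only a string of bounded length
    that matches the expected shape exactly; anything else is rejected,
    never 'cleaned up' into something acceptable."""
    if not isinstance(raw, str) or len(raw) > 64:
        raise ValidationError("participant id has the wrong type or length")
    candidate = raw.strip()
    if not PARTICIPANT_ID.fullmatch(candidate):
        raise ValidationError("participant id does not match the expected format")
    return candidate


def is_valid_participant_id(raw: object) -> bool:
    """Boolean convenience wrapper around validate_participant_id."""
    try:
        validate_participant_id(raw)
    except ValidationError:
        return False
    return True


def render_participant_name(name: str) -> str:
    """Output encoding: a display name is untrusted data, so it is escaped for
    the HTML context it is written into instead of being concatenated as-is."""
    return f'<span class="participant">{html.escape(name, quote=True)}</span>'


@dataclass(frozen=True)
class Principal:
    participant_id: str
    scopes: FrozenSet[str] = field(default_factory=frozenset)


def authorize(principal: Principal, required_scope: str,
              lookup: Callable[[str], FrozenSet[str]]) -> bool:
    """Fail-safe default and least privilege. `lookup` is an assumed callable
    that returns the scopes an authorization register has recorded for the
    participant. Every path that is not an explicit, verified allow returns
    False: a failing lookup or an unexpected return type denies, never allows."""
    try:
        registered = lookup(principal.participant_id)
    except Exception:
        return False  # error handling: a register outage must not become an open door
    if not isinstance(registered, (set, frozenset)):
        return False
    # Least privilege: the effective scopes are only what the principal presents
    # AND what the register actually recorded, never the union of the two.
    effective = frozenset(principal.scopes) & registered
    return required_scope in effective
```

The design choice worth noting is that `authorize` has exactly one `return True` and that it is reached only after the lookup succeeded, returned the expected type, and the requested scope appears in the intersection; adding a new failure mode to the function can therefore only add deny paths.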

Operational Security:
Operational security is critical to ongoing protection. Access controls and permissions are vital for restricting employee access to sensitive resources. Regular access reviews and audit trails ensure accountability and keep the controls effective over time.

Logging and Monitoring (Audit trail):
Comprehensive logging is a cornerstone of application security, capturing user actions, system events, and security-relevant data. Log analysis tools and intrusion detection systems are essential for identifying and responding to security incidents. Log format examples and recommendations on which information to log help in maintaining robust security practices.

Incident Response:
Incident response involves a structured approach to handling security incidents, encompassing detection, containment, eradication, recovery, and post-incident analysis. A well-prepared incident response team and a communication plan are essential for addressing and mitigating security events effectively.

Security Testing:
Security testing involves systematic (and automated) assessments to uncover vulnerabilities. This includes penetration testing, vulnerability scanning, and code reviews. Integrating security testing into the development lifecycle is critical for identifying and rectifying security weaknesses early.

Compliance and Regulations:
Compliance with security standards and regulations, such as the GDPR, ISO standards or other relevant certifications, demonstrates that security is taken seriously and that user data is protected in accordance with legal requirements.

Zero Trust as a Principle in a perimeterless federated IT system
The BDI Framework starts from zero-trust principles, including those for governance and registration. The isolation between BDI Associations and their respective Association Registers is the first expression of zero trust as a principle: there is no single point of failure for the complete federated system (only local ones), and the effect of a breach propagates only to a limited extent.

The same applies to Authorization Registers, Representation Registers and Professional Qualification Registers: most organizations will install their own instances within their IT landscape, as these registers are closely connected to other corporate systems. In other cases they will be supplied as SaaS by a service provider. This decentralization limits the propagation of the effect of breaches.

To analyze the root cause of a possible error, vulnerability or attack, it will be necessary to combine logs from multiple IT components, each operated by a separate entity. To make this analysis possible, at least part of the logging must be standardized.
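What such standardized logging could look like, as an added example serving both the "Logging and Monitoring" section above and the cross-operator analysis described here (this is not a BDI specification; the required field set, the component and operator names, the event names and the sample log lines are all constructed for the example): every component emits one JSON record per line with a fixed minimal field set, including a correlation id that travels with the request and an RFC 3339 UTC timestamp, so that records from independently operated registers and connectors can be validated, merged and ordered into one chain of events.

```python
"""Minimal standardized audit-log record and a correlator that merges records
from several independently operated components. Added example, not part of
the BDI Framework; the schema below is an assumption made for the example."""
import json
from datetime import datetime
from typing import Dict, Iterable, List, Tuple

# Assumed minimal field set every component must emit (constructed, not a BDI schema).
REQUIRED_FIELDS = {"timestamp", "component", "operator", "event", "correlation_id", "outcome"}


def parse_record(line: str) -> Dict:
    """Parse one JSON log line. Records that miss a required field or carry an
    unparsable or naive timestamp are rejected, so malformed input from one
    operator cannot poison the analysis of the others."""
    try:
        record = json.loads(line)
    except json.JSONDecodeError as exc:
        raise ValueError(f"not valid JSON: {exc}") from None
    if not isinstance(record, dict):
        raise ValueError("record is not a JSON object")
    missing = REQUIRED_FIELDS - set(record)
    if missing:
        raise ValueError(f"missing required fields: {sorted(missing)}")
    ts = record["timestamp"]
    if not isinstance(ts, str):
        raise ValueError("timestamp is not a string")
    # Timestamps must be RFC 3339 in UTC so records from different operators
    # can be ordered; the trailing 'Z' form is normalised for fromisoformat().
    try:
        parsed = datetime.fromisoformat(ts.replace("Z", "+00:00"))
    except ValueError:
        raise ValueError(f"unparsable timestamp: {ts!r}") from None
    if parsed.tzinfo is None:
        raise ValueError("timestamp lacks a timezone")
    record["timestamp"] = parsed
    return record


def load_records(lines: Iterable[str]) -> Tuple[List[Dict], List[str]]:
    """Split a stream of lines into parsed records and the lines that were rejected.
    A real deployment would count and alert on the rejected lines rather than
    silently dropping them, since a component that stops emitting valid records
    is itself a security-relevant event."""
    records, rejected = [], []
    for line in lines:
        try:
            records.append(parse_record(line))
        except ValueError:
            rejected.append(line)
    return records, rejected


def correlate(lines: Iterable[str], correlation_id: str) -> List[Dict]:
    """Return the records from all components that share one correlation id,
    ordered in time, regardless of the order in which the operators delivered them."""
    records, _ = load_records(lines)
    chain = [r for r in records if r["correlation_id"] == correlation_id]
    chain.sort(key=lambda r: r["timestamp"])
    return chain


def summarize(chain: List[Dict]) -> List[str]:
    """One human-readable line per record: when, who operated which component, what, and the outcome."""
    return [
        f"{r['timestamp'].isoformat()} {r['operator']}/{r['component']} {r['event']} {r['outcome']}"
        for r in chain
    ]


# Constructed sample log lines from three components run by three different parties,
# deliberately delivered out of time order and including two malformed lines.
SAMPLE_LOG_LINES = [
    '{"timestamp":"2024-05-01T10:00:02Z","component":"authorization-register","operator":"org-B",'
    '"event":"authorization_check","correlation_id":"req-0001","outcome":"deny"}',
    '{"timestamp":"2024-05-01T10:00:00Z","component":"association-register","operator":"association-A",'
    '"event":"member_lookup","correlation_id":"req-0001","outcome":"success"}',
    '{"timestamp":"2024-05-01T10:00:03Z","component":"data-connector","operator":"org-C",'
    '"event":"data_transfer","correlation_id":"req-0001","outcome":"rejected"}',
    '{"timestamp":"2024-05-01T10:00:05Z","component":"data-connector","operator":"org-C",'
    '"event":"data_transfer","correlation_id":"req-0002","outcome":"success"}',
    'not json at all',
    '{"timestamp":"2024-05-01T10:00:01Z","component":"association-register",'
    '"event":"member_lookup","correlation_id":"req-0001"}',
]

if __name__ == "__main__":
    for line in summarize(correlate(SAMPLE_LOG_LINES, "req-0001")):
        print(line)
```

Run stand-alone, the block prints the reconstructed chain for `req-0001`: the member lookup at the association register, the denied authorization check at the organization's own Authorization Register, and the rejected transfer at the connector, in that order, even though the lines arrived in a different order and two of them were unusable.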
