Wednesday, June 02, 2010

Test your security!

Testing the security of distributed systems is a very complex thing (sure, security is inherently complex). This is because security requirements are, by nature, functional as well as non-functional. To meet such a basket of requirements, good practice is highly recommended. The following bullets list the necessary steps, in a proposed order, to achieve this goal:
  • Document all functional and non-functional requirements and develop use case scenarios based on them (a picture helps a lot!)
  • Invite security professionals for support and guidance
  • Conduct a comprehensive threat assessment based on a well-documented system architecture and (preferably) a security architecture (invite all relevant stakeholders: product management, architects, developers, test folks, …)
  • The architecture must support flexible patch and update management
  • Review the resulting design, at least the security relevant components
  • Check all 3rd party components in detail to identify known weaknesses; if any are found, look for alternatives
  • Provide and teach (!) secure coding and secure design principles to the team
  • Make sure that the team has enough time to learn and to apply such rules and principles (project management must plan accordingly!)
  • Test all functional security requirements according to your test specification (use well-documented requirements and use case scenarios to specify test cases)
  • Use tools to check your code to identify flaws and deviations from your guidelines mentioned above
  • Apply code review if tools are not sufficient
  • Use a realistic test environment (setup) to run a kind of black-box test based on tools (fuzzers, etc.)
  • Test especially all user interfaces (focus on web-based interfaces) as well as communication stacks
  • Document all testing results and establish a rating based on criticality
  • Communicate and share your experience

2 comments:

Chai said...

Not to mention, unit testing as a tool to combat security flaws -- nip the bud, so to speak. Endorsements for unit testing can be found in open source (for example http://www.acegisecurity.org/policies.html) and elsewhere (http://www.militaryaerospace.com/index/display/article-display/231691/articles/military-aerospace-electronics/volume-16/issue-7/departments/opinion/reducing-software-security-vulnerabilities-through-unit-testing.html)

Maik G. Seewald said...

Yip, good input. Unit tests are a line of defense inside the code. Thanx.