Your company sells toys online worldwide. A web-based E-Commerce system developed by an in-house Integrated Product Team (IPT) supports the business. The development team is considering a solution to protect customer orders in motion. Which of the following is the best solution in terms of security, performance, and cost/benefit ratio?
A. For developers to implement encryption in the business logic layer for full mediation
B. For the architect to incorporate a software encryption module as a cross-cutting aspect
C. For database administrators to implement a secure enclave on the database server
D. For web server administrators to enable secure transmission
Wentz’s Book, The Effective CISSP: Security and Risk Management https://www.amazon.com/dp/B087JL6BXR
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is D. For web server administrators to enable secure transmission.
It’s common for companies to have developers focus on solving their assigned business problems to create more value. Issues such as logging, security, caching, performance, etc. are called cross-cutting concerns, aspects of a program that affect other concerns. “In computer science, a concern is a particular set of information that has an effect on the code of a computer program.” (Wikipedia)
As cross-cutting concerns will affect other concerns, they are typically addressed in common or shared modules to relieve the developer’s burden. It’s not a good practice for developers to implement encryption functions on an individual basis. It may lead to inconsistent and proprietary implementations, violation of Kerckhoffs’s principle, and more overhead and costs.
Software Encryption Module
Incorporating a software encryption module as a cross-cutting aspect is feasible, but the concern of encryption can be separated from the application and handled by other services. A software encryption module implemented as part of the application will impose more work upon the development team and distract them. Software encryption will also hinder the performance of the application. Instead, the implementation of a hardware security module (HSM) can offload the encryption workload and improve performance and scalability.
The secure enclave on the database server may protect data in use and at rest, but not in motion or transit.
Asking web server administrators to implement HTTPS (TLS/SSL) with a certificate to enable secure transmission is a common practice, which can utilize the power of an HSM if needed.
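As an added illustration (not part of the original post), here is a minimal nginx configuration that terminates TLS at the web server in front of the order application. The host name, certificate paths and backend address are placeholders chosen for this example.

```nginx
# Constructed example: TLS is terminated at the web server, so the
# order-processing application carries no encryption code of its own.
# shop.example.com, the certificate paths and 127.0.0.1:8080 are placeholders.
# Both server blocks belong inside the http { } context.

# Plain HTTP: never serve orders here, only redirect to HTTPS.
server {
    listen 80;
    server_name shop.example.com;
    return 301 https://$host$request_uri;
}

# HTTPS: the only listener that reaches the application.
server {
    listen 443 ssl;
    server_name shop.example.com;

    # Certificate chain and private key issued for the site.
    ssl_certificate     /etc/nginx/tls/shop.example.com.fullchain.pem;
    ssl_certificate_key /etc/nginx/tls/shop.example.com.key;

    # Accept only current protocol versions.
    ssl_protocols TLSv1.2 TLSv1.3;

    # Tell browsers to keep using HTTPS on later visits.
    add_header Strict-Transport-Security "max-age=31536000" always;

    location / {
        # Hand the decrypted request to the unchanged application.
        proxy_pass http://127.0.0.1:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Proto https;
    }
}
```

Running `nginx -t` after editing validates the syntax before the configuration is reloaded.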
- Cross-cutting concern
- Hardware security module
- Transport Layer Security
- Secure Enclave overview
- Always Encrypted with secure enclaves
- Enable Always Encrypted with Secure Enclaves in SQL Server Management Studio