Design Conflict in Software Engineering

Abstract

High availability architecture can be affected by several design factors that are required to be
maintained to ensure that no single points of failure exist in such design (Online Tech, 2010).

Security architecture on the other hand represents a key function within an organization where it provides the interface between the tasks required for the information systems solutions for businesses, and the security policymakers (Scammell, 2003).

Availability and Security Architecture

High availability architecture can go beyond maintaining network availability, and its power to maintain business continuity. Such architecture can represent different redundant systems such as load balancers, firewalls, storage devices and servers to maintain availability (Online Tech, 2010).

The majority of the existing systems ensure high-availability through the implementation of the shared-storage architecture where different servers connected to external RAID subsystem to maintain such availability. However such architecture represents several hurdlers in achieving high availability, and eliminating data loss. Since such data replication architecture over TCP/IP for two completely independent systems doesn’t achieve the best high availability architecture, implementing data replication architecture instead of shared storage architecture represents no single points of failure and eliminates the file system recovery time (Tomar, 2011).

With data growth within systems, and the need of organizations to rely on such data, there is an important need for implementing the software architectures that can provide data storage, data protection, data recovery and access. Leveraging the architecture that promotes the system and data availability should not sacrifice security architecture elements of any software. On the other hand, software architects shouldn’t lose sight of system availability while focusing on security. In addition to data integrity and confidentiality that should be maintained within the design architecture, the other aspect of the security architecture is the data availability (Resch, 2011).

There are different ways in which security can be achieved, however; there is a common agreement around software architects that security triad of data integrity, confidentiality, and availability. Confidentiality within any system represents the privacy, and the secrecy of information within such system. In the software security architecture confidentiality can be seen in implementing encryption mechanism, passwords mechanism or firewalls. Data Integrity represents the correctness of the information that promotes the confidence among system users that the information is accurate and correct. Availability means that legitimate users can access the information within the system at anytime where the system implements the availability architecture that can promote such availability (Sans.Org, n.d.).

Design Conflict

In today’s technology business operations rely critically on the electronic information transfer, and digital information. Massive servers and perfect backups are useless if the system didn’t  implement the architecture that can maintain the system availability needed for business continuity. To ensure the availability of the business information, implement the availability architecture that optimizing computing, planning growth, and predict peak usage requirements is very important for any organization. High availability solutions such as fail-over solution and load balancing become more affordable, and easy to implement within any system architecture. However, availability can be compromised in many ways; such as Denial of Service (DOS) attack that can bring down the network servers, or deleting important data by hackers or employees, as such; implementing the right security architecture within any system is very important element for maintaining the system availability (Clemmer, 2010).

To maintain the business continuity within any organization, it’s imperative to implement the right strategy that implements a strategic balance between the information security and information availability. Such strategy should implement the availability architecture that can maintains systems backups, and storage devices that can maintain availability, and also implements the security architecture that protects the organization from malicious attacks, human error by implementing the right security mechanism that can provide authorization and authentications within the system to protect data and information (Groshans, 2006).

Conclusion

The conflict between the availability architecture and security architecture can exist when availability architecture may implement the availability mechanisms that may ignore the security factors (e.g. implementing online data availability without applying the right encryption mechanism that can protect such data). Also, such conflict can exist, when security architecture implemented within a system that can impact the data availability (i.e. ignoring the fact that the system can be compromised by a denial of Service attack that might impact the availability of the system).

Finally, implementing the right availability and security architecture that can guarantee the business continuity is very essential for any organization to survive. Maintaining the right backup mechanism and data replication mechanisms can provide the high availability of the system. Also implementing the right security architecture that can provide data protection, data encryption, and physical security measures can ensure the system availability, and business continuity (Groshans, 2006).

References

Christner, J. (2010) Addressing Performance, availability, Data Protection and Security Concerns in Cloud Storage Environment [Online]. Available from:

http://www.itbusinessedge.com/cm/community/features/guestopinions/blog/addressing-performance­availability-data-protection-and-secu rity-concerns-i n-cloud-storage-environ ments/?cs=42222 (Accessed: 19 May 2011).

Clemmer, L. (2010) Information Security Concepts: Availability [Online]. Available from: http://www.brighthub.com/computing/smb-security/articles/31096.aspx (Accessed: 19 May 2011).

 

Grosha ns, G. (2006) Striking the balance between storage security and availability [Online]. Available from: http://www.continuitycentral.com/feature0362.htm (Accessed: 19 May 2011).

Online Tech (2010) High Availability [Online]. Available from: http://www.michigandatacenters.com/managedservices/highavailability/ (Accessed: 19 May 2011).

Resch, J. (2011) Key Security Considerations When Leveraging Storage as a Service to Store Your Data [Online]. Available from:

http://www.wwpi.com/index.php?option=comcontent&view=article&id=9550:key-security- considerations-when-leveraging-storage-as-a-service-to-store-your-data-&catid=99:cover- story&Itemid=2701018 (Accessed: 19 May 2011).

Sans.Org (n.d.) Security Fundamentals [Online]. Available from: http://hacker-dox.net/Que­Certified. Ethical .Hacker.E/07897353 18/ch01lev1sec4. html (Accessed: 19 May 2011).

Scammell, T. (2003) Security Architecture: One Practitioner’s View [Online]. Available from: http://www.isaca.org/Journal/Past-Issues/2003/Volume-1/Pages/Security-Architecture-One­Practitioners-View.aspx (Accessed: 19 May 2011).

Tomar, N. (2011) A Better Architecture for High Availability [Online]. Available from: http://www.ccpu.com/articles/2009/better-architecture-ha-high-availability/ (Accessed: 19 May 2011).

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: