#Software #Engineering - Lesson 14: Security Engineering, Security Risk Assessment #331
Software Engineering Lesson 14: Summary of Security Engineering and Security Risk Assessment

Hello everyone, I'm here with the summary of our 14th software engineering lesson, the last lesson of the course. Today's topic was Security Engineering and Security Risk Assessment. Here are the important points we covered in the lesson:

Security engineering means making the system resilient against malicious attacks. Our most important rule: treat everyone who uses the system with suspicion! Do not trust any data that comes from outside. Our focus is not the infrastructure but the security of the application we write ourselves.

We must keep user and permission management very tight. We must not give anyone more privileges than necessary. Secure distribution of software updates is also very important. Update systems can be a target for hackers. We must set up attack monitoring systems, take backups, and make sure the system can recover quickly.

There is no such thing as unlimited security. We must strike a balance between the cost of security measures and the value of the asset we are protecting. As a company we must create a security policy and carry out risk assessments at every stage of the system's life cycle.

There are four basic threat types:
- Access threats: a hacker infiltrating our system
- Interruption threats: making the system unusable, as with DDoS attacks
- Modification threats: altering our data
- Fabrication threats: injecting false information into the system (for example fake GPS data)

We should first identify our valuable assets (customer data, financial information, etc.), then analyze which threats they face.

We must design the system to be secure from the start:
- We must use multi-layered protection (operating system + application + database security)
- Distributing services is very important: if one server crashes, the whole system should not crash
- We must take measures such as keeping credit card information separate from the main system

- Always check every input
- Always log user actions
- Do not give anyone unnecessary privileges (the least privilege rule)
- Build redundant systems
- Balance security and usability well
- Prevent single points of failure

Our system should not only block attacks, it should also be able to keep providing basic services while under attack. We have three strategies for this:
- Resistance: trying to prevent attacks
- Recognition: noticing attacks quickly
- Recovery: recovering quickly after an attack

Real-life examples:
- Not changing the default passwords on devices such as security cameras and smart refrigerators is a major security vulnerability
- Two-factor authentication such as SMS verification is a must in e-commerce systems
- Uninterrupted service is critically important in bank and stock exchange systems

Closing remarks: I'm waiting for your projects; for your questions you can reach us on our Discord channel or by e-mail. Thank you all, good luck with your work.
#Software #Engineering - Lesson 14: Security Engineering, Security Risk Assessment
Full tutorial: https://www.youtube.com/watch?v=yuwHYUSn9DA
#Free #Lesson #Course #Education
Programming good software is not just coding but also an engineering process. Large-scale real-life systems must be well planned and organized before coding begins. To succeed in such a large-scale project, every stage of the project, from the idea to the delivery of the final product, must be well documented and the established rules must be followed. This course teaches how to become a better software engineer rather than how to write code.
Computer Skills course playlist: https://www.youtube.com/playlist?list=PL_pbwdIyffsk7Rfb3OPCTnDdfKV3cNl5l
Course GitHub repository: https://github.com/FurkanGozukara/Yazilim-Muhendisligi-IT522-2021
Course Discord channel link: https://discord.gg/6Mrb8MwteQ
How Discord works / how to use it: https://youtu.be/AEwPtYiLvsQ
There are no prerequisites for taking this course.
If you want to learn programming or improve yourself, you can also follow our courses below:
[1] Introduction to Programming with C# course video playlist: https://www.youtube.com/playlist?list=PL_pbwdIyffskoSXySh0MdiayPJsBZ7m2o
[2] Advanced Programming with C# course video playlist: https://www.youtube.com/playlist?list=PL_pbwdIyffslHaBdS3RUW26RKzSjkl8m4
[3] Object-Oriented Programming with C# course video playlist: https://www.youtube.com/playlist?list=PL_pbwdIyffsnH3XJb66FDIHh1yHwWC26I
[4] Responsive web design with BootStrap based on ASP.NET Core MVC with C#: https://www.youtube.com/playlist?list=PL_pbwdIyffsnAWtgk4ja3HN3xgMKF7BOE
[5] Artificial Intelligence and Machine Learning (sample programs in C#) course video playlist: https://www.youtube.com/playlist?list=PL_pbwdIyffskVschrADCL6KEnL_nqDtgD
[6] Software Engineering course video playlist: https://www.youtube.com/playlist?list=PL_pbwdIyffslgxMVyXhnHiSn_EWTvx1G-
[7] Security of Information Systems course video playlist: https://www.youtube.com/playlist?list=PL_pbwdIyffslM_o92NwkaUzD7C6Fekx26
[8] Computer Skills course video playlist: https://www.youtube.com/playlist?list=PL_pbwdIyffsmyE2e909ea1MXLcMb8MenG
Video Transcription
00:00:03 Hello everyone, welcome to our 14th software engineer course. The
00:00:06 topic of today's lesson is security
00:00:09 engineering. This will be our last lesson.
00:00:17 Thank you for following our lesson on software engineering.
00:00:21 Topics covered in the meat section include security engineering and security management. Security engineering infrastructure and security management are related to applications.
00:00:28 Security risk assessment is
00:00:30 based on security risk assessment. Designing a system based on security risk assessment.
00:00:32 Designing for
00:00:34 security. How to design system architectures for security.
00:00:36 Security
00:00:40 engineering is a field that can be listened to by malicious attacks aimed at harming a computer-based
00:00:43 system or its data.
00:00:55 Tools, techniques, and methods to support the development and maintenance of systems that can be listened to. This is a security engineer. Okay,
00:00:58 one of the more comprehensive friends.
00:01:00 This assumes background knowledge about reliability and
00:01:04 security concepts in Lesson 10 and the security
00:01:06 requirements specification in Lesson 12. We've
00:01:15 already covered application infrastructure security. Application security is
00:01:22 a software engineering problem where the system is designed to be listened to by attacks.
00:01:26 So, for the application to be secure, you
00:01:32 need to design the system from the very beginning to be able to be attacked.
00:01:34 See, the infrastructure is configured here.
00:01:36 These
00:01:38 two concepts are important systems management
00:01:41 issues. The focus of this course is the
00:01:45 application is secure, not the infrastructure. In other words, the infrastructure
00:01:47 is doing it. What if the application actually
00:01:50 worked? The operating system
00:01:52 is Windows. If you don't want that, firewalls.
00:01:54 For example, what are these? These are infrastructure-related
00:01:57 elements that can provide security.
00:02:00 Yes, security can be compromised.
00:02:10 Look carefully at the system layers. What's at the top? Baran, the application itself. If
00:02:13 the application itself is not secure, you
00:02:26 can encounter serious problems from the very beginning. So, other layers come after that. Go to the message. What is the
00:02:29 second layer? R110 companies and
00:02:33 İbrahim. Reusable
00:02:35 components and libraries.
00:02:39 We use these, but these are Open Source.
00:02:41 Security vulnerabilities generally don't exist,
00:02:44 or if they do, updates come immediately. They
00:02:48 come quickly and easily.
00:02:59 Can we prevent errors, disabled vulnerabilities by updating? And so, the communication layers are the middle layers.
00:03:03 Then, what's underneath that?
00:03:06 Database design and management, and
00:03:09 when it's crushed, database management,
00:03:11 generally,
00:03:13 but it's trouble-free. If you
00:03:16 don't make a serious mistake, what's underneath that? Of
00:03:19 course, Kecheese browsers,
00:03:22 email, and similar browsers are
00:03:26 completely independent of you. Why? Because
00:03:30 everyone uses certain browsers.
00:03:31 I use Google Chrome right away. I have to assume that Google
00:03:33 Chrome has taken various security measures.
00:03:42 I assume what's underneath them and the operating system is back. This is
00:03:44 independent of me. Because I develop the operating system. If
00:03:52 Microsoft doesn't take sufficient security measures, my system will be vulnerable no matter what I do.
00:03:55 But the most important
00:03:58 layer is the application itself. First and foremost,
00:04:00 I have written it myself. I
00:04:03 need to make it very secure. No, I
00:04:06 need to develop it securely. Then
00:04:08 come the other layers, as we explained,
00:04:16 and security management. User and permission management.
00:04:20 Adding and removing users to the system and setting appropriate permissions for users. In other words, each
00:04:24 user must have their own security level.
00:04:29 And let's say, access levels.
00:04:32 This needs to be taken very seriously.
00:04:39 Even if our users are company employees, even if they are people you trust very much. You
00:04:42 should not trust anyone. When we develop software, you
00:04:50 should not trust anyone. This is the distribution, maintenance, installation of
00:04:52 application software and middleware to avoid security vulnerabilities,
00:04:54 and the
00:04:56 configuration of these systems. Look, it
00:04:58 was easy to hack recently.
00:05:00 Do you know where this happened? This
00:05:01 happened in the software update system. So,
00:05:08 when you download software, install it, whatever happens, the update comes, this update is distributed,
00:05:10 there is a server here.
00:05:13 What are they waiting for? What do they do after that?
00:05:15 Through this update layer,
00:05:18 through distribution,
00:05:20 they send viruses to people,
00:05:22 they install viruses, at least
00:05:25 they install malware. This is it.
00:05:28 Software distribution and maintenance are also very important,
00:05:31 because it must
00:05:36 connect to a remote server to receive software updates. It
00:05:38 can use various APIs,
00:05:41 etc. This is also very important. Attack
00:05:44 monitoring, detection, and recovery are crucial. However, monitoring the system
00:05:48 against unauthorized access requires
00:05:50 vendors to
00:05:52 design and develop backups and recovery.
00:05:59 You must have a separate server where your own server is located. If it is completely compromised and
00:06:03 destroyed, you can perform a full restore from the backup server.
00:06:13 Monitoring is also very important. If unusual activity is detected using this software, you
00:06:22 can quickly take action against it. For example, using antivirus software is
00:06:25 very important. Monitoring against unauthorized access
00:06:33 is crucial for preventing attacks. Backup and recovery are important. As we mentioned, security risk management
00:06:38 and risk management systems are about
00:06:45 assessing potential losses from attacks and balancing these losses against the costs of security procedures that can mitigate these losses.
00:06:55 Here's what we mean by "Happy," and we need to
00:07:00 strike a balance here.
00:07:06 As we've discussed in previous lessons, we can't achieve unlimited security because the cost of doing so
00:07:09 doesn't prevent losses or
00:07:12 profits.
00:07:13 Risk management should
00:07:17 be guided by a corporate security policy.
00:07:20 Risk management includes the following. Look at the
00:07:22 corporate security policy. So,
00:07:24 your organization needs a security policy.
00:07:26 Preliminary risk assessment,
00:07:29 that is, estimating the risk before it occurs.
00:07:32 We will see patterns in this and its
00:07:35 evaluation. Lifecycle risk
00:07:38 assessment.
00:07:41 Operational risk assessment. Now, let's
00:07:43 look at these one by one. Look at the risk
00:07:46 assessment. Basetrap. In Rize, the
00:07:50 Prince of R. Tire, the Princess of Tire, what does this mean for the most organized work?
00:07:58 It starts with the presentation and organization of assets. What do you do? It gives assessment, that is, the
00:08:01 valuation of assets.
00:08:05 Look at what's underneath. Taylan's
00:08:08 typical partner, that is, the discovery of hazards,
00:08:13 the middle, this shouldn't be the case. Look at what
00:08:15 happens after the asset assessment. Exper
00:08:17 Assassin. How much of our assets are
00:08:21 exposed? That is, the assessment of this in the open.
00:08:26 After that, where does it
00:08:28 go? Design and Gardens
00:08:31 itself, that is, the change of design and requirements,
00:08:34 of course, the change of design and development, there
00:08:36 are two more inputs.
00:08:38 What else does it take? The
00:08:40 detection of hazards
00:08:44 takes everyone's detection. Look at the following
00:08:46 technology choice. It
00:08:49 takes an input from the technology choices.
00:08:52 Then, the assessment of hazards, the
00:08:55 detection of detection, where does it
00:08:57 go? The attack assessment, that is, the
00:09:01 attack
00:09:03 assessment, see where it
00:09:06 gives data. Control. Aydan's typical partner,
00:09:09 that is, the detection of control. If
00:09:13 this control cannot be delivered, What is
00:09:16 it taking from the existing controller?
00:09:19 What all of these are happening to you? It combines
00:09:21 with changes in design requirements. It
00:09:27 can also happen with pipec. It
00:09:30 also gives abuse
00:09:33 cases. These are examples of threats to a system.
00:09:40 But examples and 3 intervention threats. An attacker
00:09:42 gains access. For example,
00:09:44 they gain access to your operating system and can do whatever they want there.
00:09:48 E. There are interruption
00:09:55 threats. An attacker
00:09:56 makes a part of the system unusable.
00:09:58 This is the easiest if you have an internet connection
00:10:01 system.
00:10:05 There is no way to prevent this. They can make your system inaccessible to normal users by performing a DOS attack on you,
00:10:14 and there is no precaution against this. So, no matter what you do, if
00:10:18 an attack larger than your available resources
00:10:21 comes, it will consume all our system resources
00:10:24 and make your system inaccessible.
00:10:36 This is the most annoying and most fabricated attack. This is never hacking.
00:10:38 These change threats are: if
00:10:42 a system has been tampered with, is there a system? That is, you have a system that
00:10:45 has been changed, and you
00:10:50 may not be aware of it. This is one of the most
00:10:52 dangerous fabricated threats.
00:10:55 A system is false information here.
00:10:57 In other words, it fabricates information and gets it. You keep
00:11:00 it. For example,
00:11:04 you have a weather station. You are
00:11:07 given fake information and
00:11:10 Facebook downloads fake information. For example, this is also
00:11:12 a very serious situation. If fake GPS information
00:11:15 is given, our autonomous systems will be vulnerable to
00:11:23 attacks and abuses, such as airplanes and cars. This poses a serious threat of attack and misuse. You can write this in Spring if you're curious. Our
00:11:28 asset analysis table is asset value,
00:11:31 material, and
00:11:34 information system. It's valuable. Our
00:11:35 information
00:11:37 system is valuable. This is why we
00:11:42 built it.
00:11:55 It's necessary to support all clinical concentrations. Our information system is potentially critical for security. So,
00:11:58 what threats could it be exposed to?
00:12:00 High exposure, meaning vulnerable
00:12:03 clips might need to be canceled. It
00:12:06 might cause financial losses. There would be system
00:12:08 restoration costs. Treatment
00:12:12 cannot be prevented. Possible patient harm.
00:12:19 What happens if patients can't get their prescriptions quickly? They might suffer from their illnesses. So,
00:12:23 what do we have? There are threats and
00:12:26 harms. The patient database is
00:12:30 valuable. A valuable database is necessary to support all
00:12:33 daily concentrated concentrations. It's
00:12:35 potentially
00:12:37 critical for security.
00:12:40 For example, if you eat a silicone, it could be very
00:12:44 seriously
00:12:46 deleted. I've even started copying. The
00:12:49 exposure is high. We could even
00:12:52 say it's the highest because they constantly
00:12:53 recognize me. Is there a vulnerability? It's
00:12:55 completely related to me. It might
00:12:59 need to be canceled. Financial losses.
00:13:01 The system needs treatment costs.
00:13:03 If it can't be prescribed, brother, what's the last thing?
00:13:12 An individual patient record in a database that's boiling. BID. Normally, it's low. Why? Because for
00:13:15 an ordinary patient and their data, the destruction of the data won't
00:13:23 have much of an impact, but it
00:13:28 can be high for certain high-profile patients. For example, there's someone very popular and they
00:13:31 have a disease they want to hide. The
00:13:33 emergence of this disease
00:13:35 could have serious consequences for your institution.
00:13:37 Direct exposure is low,
00:13:40 but there's a potential reputational loss.
00:13:44 What's the name of what I did here? We analyzed the assets.
00:13:46 Now, the threat and control
00:13:49 analysis. The threat is
00:13:51 that the ineffective user
00:13:54 gains access as a system administrator and
00:13:56 renders the system unusable. The probability
00:13:58 is low. Only allow
00:14:00 system management on certain physically secured issues.
00:14:02 Why, if you
00:14:05 grant such a permission as a control, that
00:14:08 malicious person
00:14:10 must be physically present, which is very rare and
00:14:12 very difficult. Not impossible, but very
00:14:15 difficult. This is feasible.
00:14:18 How is the feasibility of this? Low implementation
00:14:20 cost. Because you can
00:14:22 only allow access within your institution to those who actually have the authority to do so,
00:14:28 and there's no cost with this. Since it's Artvin, they have to come to your institution anyway,
00:14:31 but care must be taken to ensure key distribution and
00:14:33 availability of keys in case of an emergency.
00:14:35 So, if necessary, remote
00:14:45 development can be allowed, even in rare cases, manually. You should know what the other threat is. An unauthorized user
00:14:47 gains access to the system as a user and
00:14:49 confidential information. This is very high
00:14:51 because patients' education levels
00:14:55 may be low, they
00:14:57 may be easily hacked, and the patient's password may
00:14:59 be compromised. So, isn't it
00:15:02 likely to be high? So,
00:15:04 we can control this to prevent this. As
00:15:07 you've seen, a certain number of numbers,
00:15:10 special characters, password lengths, etc. are
00:15:12 required so that passwords cannot be guessed and cannot be
00:15:15 easily found. This is a control
00:15:18 mechanism. But it's not sufficient. Another
00:15:20 control mechanism could be that all
00:15:22 users are required to verify their identities using a biometric mechanism. For
00:15:30 example, you can log in to the system with your finger. Of
00:15:33 course, there
00:15:36 would be a situation like a hacker gaining the password, but
00:15:39 this system is used to monitor usage.
00:15:41 All changes to patient information are
00:15:43 recorded daily. Others control. If
00:15:47 a malicious person catches up, they can
00:15:53 detect and restore changes to patient information. So, what is the feasibility? It's
00:15:56 technically feasible, but it's
00:15:58 a high-cost solution. Because magic,
00:16:03 for example, to obtain biometric information, you'll
00:16:05 need a device. The cost of that device is
00:16:09 likely due to user resistance.
00:16:12 Users
00:16:14 know they don't want to provide geometric information. This might be difficult.
00:16:20 What is the feasibility of the first application, the
00:16:26 biometric event? The other is to
00:16:29 monitor system usage. To stay
00:16:30 informed quickly, record changes daily.
00:16:32 This is simple and transparent to implement
00:16:34 and also supports recovery.
00:16:36 This can be easily
00:16:39 done. Yes, security
00:16:42 requirements require patient information to be stored in a secure area within the system used by
00:16:45 credit personnel at the beginning of a clinic session.
00:16:59 After the A101 clinic session is completed, patient information from system clients should
00:17:01 not be kept.
00:17:04 This system requires all changes made to the
00:17:07 database server, and
00:17:09 a log should be kept on a separate computer.
00:17:14 This means backing up these. What are these security requirements for
00:17:16 reducing smoking? Lifecycle risk
00:17:20 assessment. During system development,
00:17:24 after commissioning, the risk
00:17:26 assessment, that is, the lifecycle, is
00:17:29 now operational.
00:17:32 More information is available.
00:17:34 As the system is running, we
00:17:36 can continuously obtain information from the system platform,
00:17:39 middleware, system architecture,
00:17:41 and organization. We
00:17:44 can obtain information from all of these and
00:17:47 evaluate them. Therefore,
00:17:54 security vulnerabilities arising from design choices can be identified. Now that we are in practice, we
00:17:56 can determine these. Since the application is running, is the
00:17:59 lifecycle of the shop like this? For
00:18:03 the chassis
00:18:04 and the fire, the car is organized. This is
00:18:06 directly the same. In fact, the
00:18:11 preliminary risk assessment and the lifecycle
00:18:15 risk assessment are exactly the same. I wonder if the
00:18:19 incorrect table was included
00:18:22 in a book. Let me check and see if it's correct.
00:18:30 Friends, a lifecycle assessment. No need to explain further,
00:18:32 yes, CEO test, or Nikon version of the
00:18:36 shawl, what was ready, so let's write ready, ready,
00:18:41 ready software,
00:18:45 design decisions resulting from use, e-system
00:18:48 user identities, a horse password,
00:18:50 how to use the combi, verified system
00:18:53 architecture, client system, standard,
00:18:55 and also through the browser,
00:18:57 is the systematic result of criticism, so Istanbul result,
00:19:00 binary s12, editable and form, as
00:19:10 security vulnerabilities associated with these technology choices, see what's here, what is technology for, technology, a sub-ancient, your
00:19:14 spouse, or here, in terms of security, look, what is
00:19:17 login, Passat, ancient, equal, what is this, a
00:19:20 classic password, we
00:19:23 have a password to use, Bare, if Look, what
00:19:27 's here, you can download Taboo,
00:19:29 security vulnerabilities, vulnerabilities. If the user
00:19:32 chooses a password that can guess, this
00:19:36 security opens, distributes, or the address is
00:19:40 not 16th century,
00:19:44 we want a pass, so we want a key with a pass, so to the authority, distributes,
00:19:52 people with authorized access, their passwords to
00:20:03 people without authorized access, if they come out, this is
00:20:04 also a security angle,
00:20:08 what is another technology, client server architecture using a
00:20:11 web browser, that is, client server architecture
00:20:15 using a web browser, so
00:20:18 what are its vulnerabilities, then subject, Sudi
00:20:21 nylon service, so the result is B Friends
00:20:26 attack
00:20:30 As I said, there's no way to prevent this. The
00:20:33 only thing you can do is increase the system's
00:20:35 resources. However, if
00:20:37 a powerful attack occurs, no matter what
00:20:39 you do, you can't prevent it.
00:20:41 Another vulnerability is the
00:20:44 Beyblade
00:20:47 Browser Cage browser, but
00:20:56 what about the form? It says that confidential information may remain in the browser's memory, but this is very unlikely.
00:20:59 If you don't do this, what can we say?
00:21:03 Current browsers are quite reliable and
00:21:07 have strong security measures.
00:21:09 Another one is Browser Security. Luppo
00:21:12 Sweeto Key Access. If the
00:21:15 browser has security
00:21:18 vulnerabilities, it says this can also
00:21:20 lead to unauthorized access. This is
00:21:25 also very unlikely. I
00:21:35 don't remember such a major security vulnerability recently. Frankly, this and the third technology at the bottom. Yusuf Editable Workforce. What is
00:21:44 the use of these changeable web forms? What is needed here? What
00:21:46 problems can occur here? Wow, Grande loading
00:21:50 of Cengiz Impossible. It's impossible to record detailed
00:21:55 changes in detail
00:22:06 because it goes and changes one point at a time. It's updated en masse
00:22:08 to the database. In this case, it
00:22:15 can be difficult to collect where and how to change them. Because it's not a single change.
00:22:22 I've changed the bulk porn. It's being done. Shoror authorization is being done. Kent Pepper's single ording
00:22:25 face is Strong.
00:22:27 Another vulnerability is this
00:22:33 user's year. Let's
00:22:50 say it's based on the user's role. Different authorizations cannot be made according to the user's role. Or, here, he mentioned Deadpool and the forum.
00:22:53 I honestly couldn't figure it out.
00:22:55 Because it's
00:22:58 possible to fix both of these vulnerabilities in the forums. If a good
00:23:02 design is implemented,
00:23:06 a password checker will be
00:23:09 available for security requirements and
00:23:12 will be run daily. Weak passwords
00:23:15 will be reported to system administrators.
00:23:17 Weak passwords can be detected and
00:23:19 users
00:23:21 can be asked to change them. Instead, if weak passwords
00:23:30 are blocked when they are lost or updated, there will be no need for this. Access to the system will be
00:23:34 allowed only from approved client computers.
00:23:36 Look, this is a very serious
00:23:38 security requirement and a very serious
00:23:40 security measure.
00:23:43 Special access to the system can only be granted on certain computers, and
00:23:47 it cannot be done from anywhere else.
00:23:50 This way, external actions can
00:23:54 be completely prevented, or unauthorized
00:23:57 access can be prevented. There will be
00:24:04 a single approved web browser installed by system administrators on every client computer. This is again, nonsense, and
00:24:07 preventing the use of browsers is
00:24:10 already 3-4 times today.
00:24:13 There are several major web browsers. There's
00:24:16 Google Chrome, Mozilla Firefox,
00:24:19 and Microsoft. And then there's Opera. These
00:24:22 four are all the most reliable and
00:24:26 up-to-date web browsers. Microsoft
00:24:37 has released a really good browser with it. Let's not be too harsh on that. Here's the browser.
00:24:38 It's quite good. The old internet
00:24:43 isn't as smooth as it used to be. Yes, operational risk
00:24:47 assessment is a continuation of lifecycle risk
00:24:50 assessment, but it provides
00:24:52 additional information about the environment in which the system is used.
00:24:55 So, what do we have now?
00:25:02 Have you listed the operation? We've passed. The
00:25:04 system is running. During its use,
00:25:07 we can obtain a lot of information.
00:25:10 According to our initial assessment, the
00:25:12 characteristics of this environment could lead to new system risks.
00:25:15 Of course, we
00:25:17 need to conduct such a risk analysis. Because
00:25:21 we are no longer in a secure development environment. In
00:25:24 other words, we are in a public environment. The
00:25:28 risk of outages
00:25:37 means leaving logged-in computers unattended. How does designing for security
00:25:43 affect the security of a system? How do architects and architectural design decisions affect the security of the system? Is it best practice? So, what is the
00:25:50 accepted best practice when designing security systems for trust? Design for deployment. When a system
00:25:54 is used,
00:26:01 what support should be designed to prevent security vulnerabilities from emerging?
00:26:12 We will examine these individually in detail. Yes, architectural design.
00:26:15 When designing a security architecture, two fundamental issues
00:26:19 must be considered. Let's see what these issues are.
00:26:31 How should the system be organized to protect critical assets against external attacks? Deployment is successful.
00:26:37 How should system assets be distributed to minimize the effects of an attack? These potentially conflicting
00:26:40 assets are more expensive to protect if distributed. If
00:26:42 assets are protected,
00:26:43 availability and performance
00:26:44 requirements may be compromised. Now,
00:26:48 let's look at the details of protection. Next, we'll look
00:26:50 at the protection on
00:26:52 the platform on which a system runs.
00:26:54 Controls on the
00:26:57 application itself.
00:26:59 For example, additional password
00:27:01 protection. Protection on the registry.
00:27:04 Access to specific information.
00:27:04 This protection invoked. These lead to a layered
00:27:08 protection architecture. Let me
00:27:12 give you an example.
00:27:15 When you ask for saved passwords, what
00:27:17 does it ask you
00:27:23 to enter your Windows login password?
00:27:31 I'll give you an example here. When I click on this passport and say "checkpas sos"
00:27:38 and when I say "that pass" here,
00:27:45 what does it ask me to do? It asks, see, Windows
00:27:48 OS asks me to enter my password.
00:27:51 What is this? Break system protection.
00:27:53 So, suppose I forget it for a moment on the computer
00:27:56 with ulterior motives. But
00:27:58 someone came to me with a password. Ramo. But they
00:28:01 wanted to look, but they
00:28:04 didn't know the system password.
00:28:06 What will happen? You won't be able to access it.
00:28:10 A multi-layered protection architecture.
00:28:14 Platform-level protections. Systematic.
00:28:17 Fair integrity
00:28:19 management. What is the platform-level
00:28:21 protection system for the bus?
00:28:26 16. Ancient. In other words, the
00:28:29 system is even more sporting. What
00:28:35 can we say here?
00:28:44 This system is authentic. In other words, the
00:28:52 system is the correct system. Let's say it's the authorized system. Let's say it's the system authorization system.
00:28:59 This is the verification of the system's competence. We are
00:29:02 busy in the third. Fair integrity. That is,
00:29:12 managing the stability and accuracy of files. But what are these? Platform-level
00:29:15 protection. 16. What is application-level
00:29:18 protection. Look, what is here? Database
00:29:20 access no. Verification of the database of the day.
00:29:24 System, or rather,
00:29:26 verification of database access permission.
00:29:33 Railing. Ship management.
00:29:35 Managing database operations. Database construction.
00:29:38 Returning to the seven. In other words,
00:29:43 recovery. And the third
00:29:46 level reporter for pro-tek. That is, the record
00:29:50 level. Protection, access to records,
00:29:54 authorization, the most
00:29:57 accurate recording, encryption,
00:30:02 accuracy of records, and management.
00:30:06 At least, what's in advance? So,
00:30:11 distributing patient records here. Distribution,
00:30:15 my first language, is
00:30:19 a bit different from distribution.
00:30:22 Distribution means that attacks on a system do not
00:30:23 necessarily
00:30:25 lead to a complete loss of system service.
00:30:27 So, what do we mean here?
00:30:35 We distribute the services we provide to different servers. The Steam platform
00:30:39 has separate protection features and may differ from
00:30:41 other platforms because they share a common security vulnerability. The
00:30:48 risk of denial of service attacks is high, and distribution is particularly important. So,
00:30:54 what's here?
00:30:57 There are assets distributed in an equity trading system.
00:31:00 Look what they've done. They've established a New York
00:31:03 Trading system, a New York Trading
00:31:06 system.
00:31:08 They've established a London Trading system. They
00:31:14 've stored American accounts that I'll use in the New York Trading system. They've stored international user accounts.
00:31:27 They've stored American or American accounts. They've stored the history of commercial transactions. They've stored American assets for sale, and so on.
00:31:30 Look, in London, England, they've stored
00:31:33 accounts and assets of people in England.
00:31:35 Then there's
00:31:39 Frankfurt, and Europeans have stored them in
00:31:42 Hong Kong. They're hidden in Hong Kong. So, they've
00:31:44 implemented an asset distribution. That's why
00:31:47 the system in America, if it's hacked,
00:31:50 won't affect those in other countries.
00:31:56 You always hear about user passwords, emails, etc.
00:31:59 being added, but credit card information
00:32:01 not being added. Because credit card
00:32:04 information is stored in a different
00:32:07 and more secure system.
00:32:08 So, even if the main system is added,
00:32:17 they may never have manually processed credit card information. What is that? That's asset distribution. The
00:32:22 key points of Brevet Part 1 are security
00:32:24 engineering. It deals with
00:32:26 how to develop systems that can be eavesdropped on malicious attacks. The
00:32:34 first rule, as I always say, is to assume that everyone who accesses a system and uses the system has
00:32:36 malicious intent.
00:32:39 This is our only rule:
00:32:49 never trust any input you receive from outside. Security threats can be threats to the integrity and availability of a system or data.
00:32:56 See, we mentioned integrity here. The word "integrity"
00:33:01 would be more accurate.
00:33:03 This is uncorrupted, unaltered,
00:33:06 unaltered, uncorrupted security risk management is
00:33:19 about assessing potential losses from attacks and developing security requirements to minimize losses. Design architecture includes following good design practices
00:33:22 and minimizing system vulnerability.
00:33:24 Yes,
00:33:27 security engineering is the
00:33:30 subject matter you want to trust in Section 2.
00:33:32 Design guidelines will help you design a secure system.
00:33:39 Following these guidelines will certainly make our job easier.
00:33:46 Design for deployment will increase our security. Design in a way that minimizes deployment issues that could lead to security vulnerabilities.
00:33:54 Of course, when you deploy, you'll need to ensure more system security.
00:33:55 This can
00:33:58 increase the likelihood of security vulnerabilities.
00:34:01 System survivability, that is, the system's continued
00:34:04 survival, allows the system to
00:34:07 provide essential services
00:34:09 even when under attack. Even under attack, the
00:34:12 most critical operations continue. If we
00:34:15 can allow this, this
00:34:20 would be a very positive element. Let's look at the
00:34:24 design guidelines for security engineers for self-engineering.
00:34:26 Ergene
00:34:28 gave me the guidelines, and I'll press them. These guidelines cover
00:34:31 good practices in security system design. They
00:34:38 serve two purposes: they raise awareness of security issues within a software engineering team.
00:34:40 More precisely,
00:34:43 one of them is security. But when design decisions are made, these design guidelines
00:34:45 are considered. These
00:34:57 can be used as the basis for a review checklist applied during the system validation process. Are the design guidelines here valid during software specification and
00:34:58 design?
00:35:02 Yes, look. Yes, security.
00:35:11 Design guidelines for secure systems engineers.
00:35:12 Security guidelines. Let's see
00:35:15 what I base my security decisions on
00:35:17 a clear security policy. So, let's
00:35:19 have a security policy. Avoid a single
00:35:21 point of failure. If
00:35:23 multiple points of failure
00:35:26 occur simultaneously, your system
00:35:28 will fail safely.
00:35:31 Even when the system succeeds, it
00:35:47 will prevent Android and Velog Lion from becoming insecure again. Balance security and usability. If we
00:35:54 sacrifice usability for security, we can create negative feedback. We
00:35:56 need a balance. Log user transactions, that
00:36:00 is, keep long-line records.
00:36:07 Use leftover cake varieties to reduce the old ones. What we've explained with diversity?
00:36:10 Verify all inputs. As I always say,
00:36:12 never trust users.
00:36:15 Segment our assets.
00:36:19 Design for distribution.
00:36:22 Design for recoverable and recoverable. Now
00:36:31 let's examine the technical guidelines in more detail. I base my decisions on an open information factory. Because I define
00:36:39 a security policy for the organization that defines the basic security requirements that must be implemented in enterprise systems. Avoid a single
00:36:41 point of failure. Ensure that a security
00:36:43 error occurs only when
00:36:45 multiple failures occur in security procedures.
00:36:51 For example, implement paid and question-based authentication. What do you mean by "right?"?
00:36:54 For example,
00:36:56 you've seen it after signing up, like the name of your first pet.
00:37:00 What would this be?
00:37:02 Double security, yes, or a more secure reason like SMS plus
00:37:06 password.
00:37:38 Balance security and usability in design guidelines 46. Try to avoid security procedures that circulate around the system's usage.
00:37:40 Sometimes, you need to
00:37:47 consider a more secure system to make it more usable. A balance needs to be struck here.
00:37:50 Log user actions daily.
00:37:55 A user action log that can be analyzed daily to discover who did what should be kept and users
00:37:58 should be informed of such a log. They are
00:38:00 less likely to behave indefinitely.
00:38:09 Use redundancy and various methods to mitigate risk. Keep multiple copies of data. Use this type of infrastructure. Thus, the
00:38:11 Altepe vulnerability is not a single point of failure.
00:38:13 Design guidelines 7-10. Check that all
00:38:18 entries are correct. To
00:38:20 prevent unexpected entries from causing problems,
00:38:29 check that all entries are within the range. This means that you
00:38:35 have an expectation in various ways, whether it's for numbers or text. You need to check whether that expectation falls within the expected range.
00:38:45 Separate our assets into sections. System assets will be in separate areas, and
00:38:47 users can access
00:38:49 only the information they need instead of the entire system.
00:38:56 Arrange attachments so that distribution design prevents distribution issues.
00:39:02 Designing for the recoverable League involves designing the system to simplify recoverability after a successful attack,
00:39:13 designing the distribution software for deployment,
00:39:17 configuring it to run in the operating environment, and configuring it for the operating system.
00:39:18 At this stage,
00:39:21 configuration errors can arise as a result of configuration errors.
00:39:28 Designing distribution support for the system can
00:39:32 reduce the likelihood of security vulnerabilities.
00:39:34 vulnerabilities. There are default settings with security vulnerabilities. Attackers
00:39:37 There are default settings with security vulnerabilities. Attackers
00:39:40 can find settings for the software from WhatsApp. These are generally weak, but they
00:39:47 can be used by users when attacking a system to increase them. This is the most honest thing manufactured right now, you know.
00:39:49 Our devices are now connected to the internet,
00:39:51 and this is the most common reason
00:39:59 for these default settings. Let me explain.
00:40:01 Security cameras are the most misused devices, for example.
00:40:04 They are connected to a network and
00:40:07 default settings are used.
00:40:09 These are scanned with automatic software.
00:40:11 Special software is installed in them.
00:40:13 Because they are connected to the internet and
00:40:15 have their own software, they can be
00:40:17 monitored or turned into
00:40:20 a zombie device for DoS attacks.
00:40:22 While everything
00:40:25 comes to mind, this is just a
00:40:27 security camera.
00:40:29 For example, a refrigerator. For example, if you use a fortune telling password, it can be
00:40:31 easily scanned, found, and
00:40:34 malware can be installed.
00:40:38 This opens up all kinds of possibilities, like
00:40:40 televisions. This distribution is very stylish, especially for
00:40:44 devices that come with default settings.
00:40:53 Some configuration settings in development and debugging systems are
00:40:59 very well designed. If these aren't disabled, they could be
00:41:00 a vulnerability that could be exploited by attackers.
00:41:03 So, development and
00:41:05 debugging can sometimes have some configuration settings for their own bugging,
00:41:08 but you
00:41:19 need to disable or cancel these when the software is operational because these are your security, so we'll be patient.
00:41:21 You've probably seen this on your mobile phone. Sometimes, there
00:41:30 may be situations where developer security settings need to be enabled. I don't know if you've ever experienced such a special situation. But there is such a thing.
00:41:34 This distribution supports configurations. Include
00:41:38 support for viewing and analyzing configurations.
00:41:46 Ensure that the system administrator responsible for the deployment can easily view the entire configuration. Ensure this makes it
00:41:51 easier to identify deficiencies and errors. Minimize the default separations and thus
00:41:53 limit the damage that could be caused.
00:41:58 Therefore, if there is an administrator, why did you leave them? Design the system to minimize the privileges allocated.
00:42:01 This
00:42:11 means that if someone uses administrative access and gains access, they won't be able to instantly experience the features of the system. So, this means giving them the minimum level of privileges.
00:42:14 Don't grant any unnecessary privileges.
00:42:16 Because the account granted privileges can fall into the
00:42:20 hands of malicious individuals. Elif,
00:42:21 develop with the assumption that the account is vulnerable to malicious users.
00:42:30 Include configuration settings for gold support. When setting up a system, all information about the same part and component of a system
00:42:39 must be placed in a way that it can be installed all at once. Otherwise, it's easy to forget to set the relevant security features.
00:42:41 Forgetting this is a very important
00:42:45 element. For example, I recently
00:42:47 moved a server to
00:42:51 another server, and just today, there are a lot of settings. It's
00:42:54 quite easy to forget these,
00:42:57 so you only
00:42:59 need to write it down. You can even
00:43:01 automatically change and
00:43:02 place it through a Secret. This would be the cleanest
00:43:09 way to fix security vulnerabilities. Provide easy ways to fix security vulnerabilities when problems are detected. Security disclosure in distributed systems,
00:43:14 such as automatic updates, provides easy ways to fix them. We already know that automatic updates are
00:43:45 important. System survivability is an urgent system feature that reflects the ability of a system or a part of the system to provide basic services right after this. A survivability analysis and design should be part of the security engineering process. Rose, the importance of survivability. Our economic and social life depends on computer systems.
00:43:46 Critical infrastructure, electricity, gas,
00:43:49 telecommunications, transportation, healthcare,
00:43:51 see the provision. They recently
00:44:00 added this. Petroleum distribution and oil or gas in America.
00:44:04 People
00:44:11 paid millions of dollars in Bitcoin to hackers out of necessity and made the system work. Because
00:44:14 every time the system is down, they have to pay millions of dollars in Bitcoin.
00:44:17 They were causing much greater damage, both financially
00:44:19 and in terms of users.
00:44:22 Critical systems should be designed to
00:44:25 provide critical services even when under attack.
00:44:37 Business systems, such as cable systems,
00:44:39 can have economic impacts within a very short time. Examples of airline reservation
00:44:41 systems, e-commerce systems, and payment
00:44:43 systems include things like your card
00:44:44 not working.
00:44:47 A service availability can seriously victimize you.
00:44:56 What are the Enkatek system services for a business? How can these services be compromised?
00:44:58 What is the military service quality that must be maintained?
00:45:01 How can these services be protected?
00:45:03 How quickly
00:45:05 can a service be recovered if it becomes unusable? What happens depending on these?
00:45:08 Service availability
00:45:10 emerges. Orhan, strategies
00:45:13 for surviving in the middle. We
00:45:16 added capabilities to the system to avoid problems.
00:45:18 Look at recognizing attacks and
00:45:22 detecting faults and assessing the resulting damage. We
00:45:28 added capabilities to the system to identify problems and recover under attack. We added capabilities
00:45:30 to the system to provide problems.
00:45:32 But what are these?
00:45:33 Our survival strategies. The
00:45:36 stages within the system are one and a system. Are you
00:45:39 up? Arkiteck. You, that is,
00:45:41 review the system requirements trial architecture.
00:45:43 Examine the cost. Three details are available. Tefal Clipso
00:45:46 service conference critical services
00:45:48 and components. You can determine the cost and
00:45:51 complete the attack. Less and more
00:45:54 compensation. So, possible attacks and
00:45:59 Yes, what can we say? Identify
00:46:06 components that can be added externally. Four months later,
00:46:10 identify the components that can be seized.
00:46:12 The Face of Both and Survival
00:46:16 strategy, that is, determine your weak points,
00:46:19 soft spots, and
00:46:22 survival strategy.
00:46:25 Then, succeed again.
00:46:27 Continuously improve the system in this cycle.
00:46:30 Key activities: system understanding,
00:46:32 objectives, requirements, and architecture
00:46:35 review. Identify critical services.
00:46:37 Identify services that require maintenance.
00:46:39 Simulate attack scenarios.
00:46:48 Identify affected components. You even hear this a lot. What do large companies do?
00:46:51 They do that, for example, or
00:46:54 they conduct activities at work.
00:46:57 Those who can identify security vulnerabilities are very serious matters.
00:46:59 Good day, awards, data tables,
00:47:03 even better than simulations. Survival
00:47:06 analysis will be applied.
00:47:08 Determine survival in languages.
00:47:15 An example for trading system survival.
00:47:18 Duplicate user accounts and
00:47:20 stock prices among the results. Therefore,
00:47:22 some provisions were made for survival. A little
00:47:26 translation. It didn't seem quite right. Let's expand on this.
00:47:30 This season's special, Hakan, I guess, huh?
00:47:52 Yes, subscribe.
00:47:57 Why should we spread the excess result down your throat?
00:48:08 What does this mean?
00:48:27 Have column servers, friends. If one of
00:48:30 your servers passes, meaning if it becomes inoperable,
00:48:38 you can immediately continue to serve with the column result. The basic ability to protect is to order stock.
00:48:41 What is the ability for this trading
00:48:43 system, or rather, exchange, but also
00:48:50 support for the stock market sector.
00:49:07 This survivable ordering service is a
00:49:11 critical service that must survive. What is placing an order for authorized users for stock?
00:49:13 This system requires three components to
00:49:16 be available and
00:49:17 secure. User authentication allows authorized users to
00:49:20 log in to the system.
00:49:22 One price
00:49:25 quote allows the quotation of buy and sell prices.
00:49:27 Two, order placement, which allows for buy and sell
00:49:32 orders.
00:49:33 This also requires three possible attacks.
00:49:39 One intentional user
00:49:41 pretended to be a famous user and placed malicious stock orders
00:49:43 to create problems for the famous user.
00:49:50 A very bad situation: an unauthorized user disrupts transactions based on
00:49:53 sales and purchases,
00:49:55 making happy reconciliation impossible. If a
00:50:01 stock is purchased, the
00:50:03 unauthorized user places malicious orders. Just now, the survivability analysis attack.
00:50:10 Resistance. So, what kind of resistance do we have? What is the login password for placing an order?
00:50:12 Something different. Request a transaction stress, for example,
00:50:15 SMS verification. I don't know. Subscribe for a second.
00:50:33 Send a copy of the user order via email to this contact phone number. Coriolanus invented the user order history so they can identify orders.
00:50:35 Models
00:50:37 photo For example, I think this happened to me.
00:50:40 I made a purchase.
00:50:43 One of the e-commerce sites leaked my credit
00:50:45 card information.
00:50:49 One of these secrets went and
00:50:51 made a purchase of 2500 TL. But the last time I received an
00:50:54 SMS for a purchase of 20 TL,
00:51:02 I saw that there was a purchase of 2500 TL. The recognition
00:51:04 system was very late here, which put me in a bit of a difficult
00:51:08 situation. But of course,
00:51:11 yes, the e-commerce system
00:51:15 has other resistance points. It
00:51:17 is due to the conditions imposed by a special conscience. We
00:51:19 use cards, you know.
00:51:22 If the withdrawal
00:51:25 wasn't made via SMS verification, the bank
00:51:28 has to hold it. Okay, so I didn't need the bank. Did
00:51:31 I contact all the companies whose card I used to withdraw money from and
00:51:38 mention that it was an illegal withdrawal? Those companies all canceled the transactions.
00:51:40 But even if it wasn't canceled, the bank still
00:51:43 holds the transaction. As you can see, resistance and
00:51:44 recognition are crucial. Recovery processes
00:51:47 automatically provide a
00:51:51 mechanism to reverse and restore user accounts.
00:51:56 Users are insured against losses caused by malicious trading. I pay income to users in dollars.
00:51:58 Lion, let me
00:52:01 give you an example.
00:52:03 I ordered a spell from N11. The user says I sent it.
00:52:11 There's also the shipping information. I look at the shipping information and the cargo says it was delivered to me.
00:52:13 Nothing was delivered. I wrote to N11.
00:52:16 It wasn't a large amount.
00:52:18 N11 charged me
00:52:22 that much credit directly for customer satisfaction.
00:52:27 Okay, I lost money again because the product I purchased was immediately
00:52:29 connected to 115 in 15 days.
00:52:31 What comes into play here?
00:52:34 They
00:52:36 probably have insurance for such situations, and there's
00:52:38 a budget for the details.
00:52:40 They cover it from there. The corruption of the transaction base and its
00:52:43 maintenance are another attack.
00:52:50 Abra, a very dangerous and bad attack.
00:52:54 Furthermore, you must authorize using
00:52:57 a stronger authentication mechanism, such as privileged digital certificates,
00:53:06 or access. Only internal adults are allowed.
00:53:09 Izmir, for example,
00:53:17 is not limited to accessing blocked sites. It also allows access to a location only within the family,
00:53:20 and this is the most widely used method.
00:53:23 Perhaps this is also a method for
00:53:27 recognizing transactions on a server.
00:53:30 For an office, preserve read-only copies of transactions and
00:53:36 periodically compare them to check for read-only corruption.
00:53:41 To detect corruption, preserve the cryptographic checksum with all transaction records and
00:53:47 ensure the grip top competitor's total is very, very important, especially with digital evidence.
00:53:51 This must be present so that the records
00:53:53 can be determined to be intact.
00:54:02 If recovery is necessary, provide a mechanism to replay
00:54:05 transactions from a specific time to reconstruct transactions.
00:54:09 For example, I take daily backups. Of course, if the backup is
00:54:11 not available today,
00:54:15 there are various different methods. For example, there is Liverik et, so you
00:54:18 can do live cloning, but
00:54:21 on a different water table. Maybe
00:54:24 it can slow down a bit. So, here
00:54:26 are various methods depending on the sensitivity of your system.
00:54:32 Baran Yes, key points for this section:
00:54:35 General Security guidelines designers are
00:54:38 facing security issues. It
00:54:40 makes it responsive and
00:54:42 serves as a review control dress. The
00:54:45 configuration showed the visualization
00:54:48 placement setting and default
00:54:49 searches, minimizing distribution
00:54:52 errors. The
00:54:54 system's Peker capability reflects the ability to provide service when a system is
00:54:56 under attack or after a portion of the system is
00:54:58 damaged.
00:55:00 Yes, friends, we've
00:55:03 reached the end of our lesson.
00:55:05 Let's upload the book immediately. I'm waiting for your projects.
00:55:13 If you want, you can sell it in the final, you can deliver it in just one.
00:55:15 Make your choice accordingly. There
00:55:24 are no problems, there are no negative aspects. Those who can't make it to the end should
00:55:25 try and identify it in the supplements.
00:55:34 I don't think there will be a disadvantage for you either. Thank you for watching my lessons. Those
00:55:36 who want to learn their numbers
00:55:39 should look at other playlists in the museum.
00:55:42 What were you going to write? Let's upload this project in our last lesson. We
00:55:57 already have the book on us, everyone knows. Those
00:56:01 who want to contact me, please
00:56:02 use Discord or email. How
00:56:07 not? Blue Discord. The best thing is usually
00:56:13 Discord is online.
00:56:16 If you write insurance, I'll write to you.
00:56:17 Even if it's a feature, write it in the general channel
00:56:20 so everyone can see the questions and
00:56:22 answers. Yes, thank you. Take
00:56:26 care. See you.