Can a system be considered truly reliable if it isn't fundamentally secure? Or can it be considered secure if it's unreliable? Security is crucial to the design and operation of scalable systems in production, as it plays an important part in product quality, performance, and availability. In this book, experts from Google share best practices to help your organization design scalable and reliable systems that are fundamentally secure.
Two previous books demonstrated how and why a commitment to the entire service lifecycle enables organizations to successfully build, deploy, monitor, and maintain software systems. In this latest guide, the authors offer insights into system design, implementation, and maintenance from practitioners who specialize in security and reliability. They also discuss how building and adopting their recommended best practices requires a culture that's supportive of such change.
You'll learn about secure and reliable systems through design strategies; recommendations for coding, testing, and debugging practices; strategies to prepare for, respond to, and recover from incidents; and cultural best practices that help teams across your organization collaborate effectively.
This open book is licensed under a Creative Commons License (CC BY). You can download the Building Secure and Reliable Systems ebook for free in PDF format (10.4 MB).
Table of Contents
The Intersection of Security and Reliability
Case Study: Safe Proxies
Design for Least Privilege
Design for Understandability
Design for a Changing Landscape
Design for Resilience
Design for Recovery
Mitigating Denial-of-Service Attacks
Case Study: Designing, Implementing, and Maintaining a Publicly Trusted CA
Recovery and Aftermath
Organization and Culture
Case Study: Chrome Security Team
Understanding Roles and Responsibilities
Building a Culture of Security and Reliability