Architectural Concepts
A view in the Common Weakness Enumeration published by The MITRE Corporation.
Objective
Views in the Common Weakness Enumeration (CWE) represent one perspective with which to consider a set of weaknesses.
This view organizes weaknesses according to common architectural security tactics. It is intended to assist architects in identifying potential mistakes that can be made when designing software.
Target Audience
Educators
Educators may use this view as reference material when discussing security by design or architectural weaknesses, and the types of mistakes that can be made.
Software Developers
Architects that are part of a software development team may find this view useful as the weaknesses are organized by known security tactics, aiding the arcitect in embedding security throughout the design process instead of discovering weaknesses after the software has been built.
Categories
Weaknesses in this category are related to the design and architecture of audit-based components of the system. Frequently these deal with logging user activities in o...
Weaknesses in this category are related to the design and architecture of authentication components of the system. Frequently these deal with verifying the entity is i...
Weaknesses in this category are related to the design and architecture of a system's authorization components. Frequently these deal with enforcing that agents have th...
Weaknesses in this category are related to the design and architecture of multiple security tactics and how they affect a system. For example, information exposure can...
Weaknesses in this category are related to the design and architecture of data confidentiality in a system. Frequently these deal with the use of encryption libraries....
Weaknesses in this category are related to the design and architecture of a system's identification management components. Frequently these deal with verifying that ex...
Weaknesses in this category are related to the design and architecture of system resources. Frequently these deal with restricting the amount of resources that are acc...
Weaknesses in this category are related to the design and architecture of the entry points to a system. Frequently these deal with minimizing the attack surface throug...
Weaknesses in this category are related to the design and architecture of a system's lockout mechanism. Frequently these deal with scenarios that take effect in case o...
Weaknesses in this category are related to the design and architecture of session management. Frequently these deal with the information or status about each user and ...
Weaknesses in this category are related to the design and architecture of a system's input validation components. Frequently these deal with sanitizing, neutralizing a...
Weaknesses in this category are related to the design and architecture of a system's data integrity components. Frequently these deal with ensuring integrity of data, ...
See Also
- A Catalog of Security Architecture Weaknesses.
2017 IEEE International Conference on Software Architecture (ICSA)
- Understanding Software Vulnerabilities Related to Architectural Security Tactics: An Empirical Investigation of Chromium, PHP and Thunderbird.
2017 IEEE International Conference on Software Architecture (ICSA)
Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.