September 21, 2017

Domain Primitives - the key to creating secure code

This article is an excerpt of topics discussed in the book Secure by Design that I'm currently writing together with Dan Bergh-Johnsson and Daniel Deogun.


This article discusses the foundational code construct called Domain Primitive. Domain Primitives are the smallest building block in your domain model, and a key concept to understand for creating code that is Secure by Design.

If you want to, you can save 37% off Secure by Design with code fccsecure at manning.com.

Domain primitives and invariants

Some of the key properties of a value object in Domain-Driven Design are that it’s immutable, it forms a conceptual whole, and it can uphold invariants and check constraints. We have found that if you take the concept of the value object and slightly tweak it, while having security in mind, you get something called a domain primitive.
Read more »
Posted by Daniel Sawano 0 comments
Labels: , , , , , ,

May 9, 2017

Entities and Security: identity matters

This article is an excerpt of topics discussed in the book Secure by Design that I'm currently writing together with Dan Bergh-Johnsson and Daniel Deogun.


This article discusses the properties of the model objects known as entities and how they function inside the domain model. Knowing about fundamental Domain Driven Design (DDD) concepts such as entities is a great way to start your Secure by Design journey – here is what you need to know to be ready to dive in.

If you want to, you can save 37% off Secure by Design with code fccsecure at manning.com.

Entities

Each part of your domain model has certain characteristics and a certain meaning. Entities are one type of model object with distinct properties. What makes an entity special is that:
  • It has an identity that defines it and makes it distinguishable from others.
  • It has an identity which is consistent during its lifecycle.
  • It can contain other objects, such as other entities or value objects.
  • It’s responsible for the coordination of operations on the objects it owns.
What this means is that if we need to know if two entities are the same, we look at their identities instead of their attributes. It’s the identity of the entity that defines it, regardless of its attributes, and the identity’s consistent over time.
Read more »
Posted by Daniel Sawano 0 comments
Labels: , , , , ,

January 17, 2017

New Book: Secure by Design - now in early access program


The blog posts have been sparse but I've still been writing a lot lately.

After years of thoughts, discussions, and trying out ideas in real projects, we decided to formalize our views on software security in the form of a book. A privilege to write a book together with such great co-authors as Dan Bergh-Johnsson and Daniel Deogun.

Today is a big day because the first early drafts of the book is now released to the public through the Manning ”early access program” (MEAP). We still have a long way to go, and a lot of hard work ahead of us, but I'm confident it'll turn out just as good as we hope - or better.

If you’re interested in reading a book in-the-making, or just want to ’pre-order’ the finished book, you can get it for 50% off until January 24 (2017) if you use the discount code "mljohnsson" (all formats)
Posted by Daniel Sawano 0 comments
Subscribe to: Posts (Atom)