July 2018
Intermediate to advanced
356 pages
9h 18m
English
Content preview from Hands-On Security in DevOps
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Security architecture design principles
In this section, we would like to discuss two key concepts, which are security by design and privacy by design. When we discuss security, it's more about the security controls of the whole system such as authentication, authorization, availability, accountability, integrity, and confidentiality. For privacy, it focuses specifically on privacy data or PII (personal identifiable information). Privacy protection is focused on the authorized data handling life cycle and governance.
If we categorize some security controls in general terms, you may find some differences, although there are some overlapping areas in terms of security and privacy:
|
|
Security by design
|
Privacy by design
|
|
Primary concerns ... |