軟體架構師精修班 - 外訓心得

報告者： OLD_RD2 李宗沂

Secrets Of Great Architects

• Applying Levels of Abstraction iteratively

• Construct multiple views within each level
• Maintain consistency
• Know detail implementations

• 架構師要了解技術的細節，才能確保抽象
化的計畫可以被實行。

2
Principles for Designing OO System

• Abstraction 抽象化
• Encapsulation 封裝
• Modularity 模組化
• Hierarchy 階層組織

3
Business Object Model

• What's wrong?

4
Business Object Model (Cont.)

• 找到正確的 concept 描述 Business

Model 是架構師重要的能力

5
Analysis Patterns

• Business level modes that represent

common concepts
– Ex.
• Party
• Address
• Person
• Organization
• Order
• ...

6
Requirements

7
Use Case Specification (from IBM Rational)

1.Abstract
2.Basic Flow
3.Alternative Flows
4.Subflows
5.Key Scenarios
6.Pre-Condition
7.Post-Condition
8.Extension Points
9.Special Requirements 8
Rational Pattern

• Business Model
+Behavior, Attributes, Relationship
• Analysis Model
+Platform
• Design Model
+Implementation
• Source Code
9
Software Localizability Guidelines

• Separate localizable & non-localizable

resources
• Should not hard code locale-related data
• Be careful of string buffer capability
• Be careful of UI layout
• Support for testability
• Support for add localized features

10
Mitigation Techniques
• Spoofing 假冒 • Information
– Authentication Disclosure 資訊洩露
(authn) – Authz., encryption
– Good credential • Denial of Service 阻
storage 斷服務
• Tampering 竄改 – Filtering, Authn.,
– Authorization Authz.
(authz), MAC, – Queuing
signing
• Elevation of Privilege
• Repudiation 否認
特權
– Authn., Authz.,
signing, logging,
– Don't run with
trusted third party elevated privileges 11
A Security Framework - SD3
• Microsoft's defense in depth strategy
– Security by Design
• Developers follow secure coding best practices
and implement security features in their
applications to overcome vulnerabilities.
– Security by Default
• End users install applications without altering the
default settings and therefore requires these
users specifically select features that might not
be used or that might reduce security.
– Security in Deployment
• The applications can be maintained securely after
deployment by updating with security patches, 12
monitoring for attacks, and by auditing for
malicious users and content.
Input Data

• 不要相信所有輸入
– 檢查
– 淨化
– 正規化
• 注意 Buffer Overrun

13
架構設計步驟

• Business Modeling
– Identify Business Goal
– Identify Business Process
– Business Object Model
– Analysis Pattern

14
架構設計步驟 (Cont.)
• Analysis Modeling (Platform Independent)
– Functional Requirements
• Use Case
• Use Case Specification
• Glossary
• Find analysis classes
• Identify analysis mechanisms
– Non-functional Requirements
• Define candidate architecture
• Identify non-functional requirements
• Select solution mechanisms
15
架構設計步驟 (Cont.)

• Architecture Design (Platform Dependent)

– Identify subsystem
– Identify interface
– Identify design patterns
• Coding

16
Summary

• 架構師的重要產出
– 軟體架構
– 介面
– Pattern

17