Page 396 -

P. 396

14.2 Design for security 379

Authentication and Authorization Authentication and Authorization

New York Trading System London Trading System

US User International UK User International
Accounts User Accounts Accounts User Accounts

US Trading US Equity Data UK Trading UK Equity Data
History History

International International
Equity Prices US Funds Data Equity Prices UK Funds Data

Authentication and Authorization Authentication and Authorization

Frankfurt Trading System Hong Kong Trading System

European User International HK User International
Accounts User Accounts Accounts User Accounts

Euro. Trading Euro. Equity Data HK Trading Asian Equity Data
History History

International Euro. Funds Data International Asian Funds Data
Equity Prices Equity Prices

provide some system services. Data can be replicated across the nodes in the system
Figure 14.5
Distributed assets so that recovery from attacks is simplified.
in an equity trading Figure 14.5 shows the architecture of a banking system for trading in stocks and
system funds on the New York, London, Frankfurt, and Hong Kong markets. The system is
distributed so that data about each market is maintained separately. Assets required
to support the critical activity of equity trading (user accounts and prices) are repli-
cated and available on all nodes. If a node of the system is attacked and becomes
unavailable, the critical activity of equity trading can be transferred to another coun-
try and so can still be available to users.
I have already discussed the problem of finding a balance between security and
system performance. A problem of secure system design is that in many cases, the
architectural style that is most suitable for meeting the security requirements may
not be the best one for meeting the performance requirements. For example, say an

391 392 393 394 395 396 397 398 399 400 401