engineering, means that the software has been designed from the foundation to be secure. Malicious practices are taken for granted and care is taken to minimize impact in anticipation of security vulnerabilities, when a security vulnerability is discovered or on invalid user input.[1] Closely related is the practice of using "good" software design, such as Domain-Driven Design or Cloud Native, as a way to increase security by reducing risk of vulnerability-opening mistakes -- even though the design principles used were not originally conceived for security purposes.” • 『サイバーセキュリティ戦略について』 内閣府サイバーセキュリティ戦略(平成27年9月4日閣議決定) セキュリティ・バイ・デザインの推進、説明責任、また関係者の共通価値として認識することについて明示
Requirements Functional requirements Security/Privacy requirements Law/Regulation, .. Account Model Account Lifecycle Enrollment Authentication Federation User Interface/Interaction Block rules Output Account Hijack Sudden Death Account Recovery Issue Mass Registration Fake Account, … Social Connection features Privacy-related features Federated service features
Open LINE and tap “Start” Enter your phone number 1 2 3 2016. 2 ~ 2019. 2 ~ Now 2014 ~ 2016. Feb 2011~ LINE’s Account Model Enrollment Authentication Functional Requirements Account Lifecycle User interface/Interaction Block rules Account Hijack Sudden Death Account Recovery Issue Reverse Brute-force Attack