Application Security
CISSP Guide to Security Essentials
Chapter 3
Objectives
• Types of applications
• Application models and technologies
• Application threats and countermeasures
• Security in the software development life cycle
• Application security controls
• Databases and data warehouses
Types of Applications
Agents
• Standalone programs that are part of a larger application
• Examples:
– Anti-virus
– Patch management
– Configuration management
– Windows 7's "Network discovery" agent
Applets
• Software programs that run within the context of another program
• Example: media players within browser
Client-server
– Separate programs on clients and servers communicate via networks and work together
– Client can be weak, even a "thin client" with no hard drive
– Example: Client tools connect to database on server
• Connection protocols: ODBC or Oracle's Net8 (called SQL*Net prior to Oracle8)
– Few developed now but many are in use
Distributed
• Software components run on several systems
– User workstations, application server, records server, mapping server, databases…
• Two-tier, three-tier, multi-tier
• Reasons: scalability, performance, geographical
Web Applications
• Web browser as client, application server back-end
• Client software nearly universal
• Application software centralized
• Immensely popular and important
– OWASP (Open Web Application Security Project) link Ch 3a
Application Models and Technologies
• Control flow languages
• Structured languages
• Object oriented languages
• Knowledge based languages
Control Flow Languages
• Linear, sequential
• Use of “if – then – else”
• Branching with “go to”
• Examples:
– BASIC, COBOL, Cold Fusion, FORTRAN, Perl, PHP, Python, VBScript
Structured Languages
• Nested, heavy use of subroutines and functions
• Little or no “go to”
• Examples:
– C
– Pascal
Object Oriented Languages
• Utilize concepts of object programming
– Classes, objects, instances, and inheritance
– Methods, instantiations
– Encapsulation, abstraction, polymorphism
• Examples
– C++, Java, Ruby, Simula, Smalltalk
• Distributed Object Oriented Systems
– Modules on different systems communicate with an Object Request Broker (ORB), such as
• CORBA, Enterprise Java Bean, DCOM, or JRMI
Knowledge Based Applications
• Knowledge-based systems
– Artificial Intelligence
– Used to forecast weather, stock prices, etc.
• Neural networks
– Modeled after biological reasoning processes
– Artificial neurons that store pieces of information
– Given cases about situations and outcomes, can predict future outcomes
Knowledge Based Applications (cont.)
• Expert systems
– Inference engine and knowledge base of past situations and outcomes
– Accumulate experience and learn to work better
Threats to Applications
Reasons for attacks
• Industrial espionage
• Vandalism and disruption
• Denial of service
• Political / religious
Buffer overflow attacks
• Disrupt a software application by providing more data to the application than it was designed to handle
• Types
– Stack buffer overflow
– NOP sled attack
– Heap overflow
– Jump to register attack
• Examples: Morris worm, ping of death, code red worm, Slammer, Blaster, Sasser
Buffer overflow attack countermeasures
• Use safe languages and libraries
• Executable space protection
– Microsoft's Data Execution Prevention
• Stack smashing protection
– Uses a "canary" value to detect overflows
• Address Space Layout Randomization
• Application firewalls
Malicious software
• Types: viruses, worms, Trojan horses, rootkits, bots, spam, pharming, spyware, key loggers
• Purpose
– Steal, corrupt, or destroy information
– Remote control
– Denial of service
Types of malware
• Virus: human assisted replication, embed in programs, files, master boot records
• Worm: self replicating, scan for victims, rapid spread
– Mass mailing, Port scanning
• Trojan horse: claims one function, but is malware
Types of malware (cont.)
• Rootkit: hide within or beneath the operating system
– Hides files, processes, and network connections
• Bot: remote control zombie
• Spam: unsolicited e-mail
Types of malware (cont.)
• Pharming: attack on DNS to redirect traffic to phishing Web site
• Spyware: collect information about usage, forward to central server
• Key logger: logs keystrokes and mouse movements, forwards to central server
Malware countermeasures
• Anti-malware
• Patches
• Firewalls and application firewalls
• Hardened systems
• Intrusion detection systems
• Decreased privilege levels
• Penetration testing
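The worm behaviour on the slides above ("scan for victims", "port scanning") is exactly what an intrusion detection system, one of the countermeasures just listed, looks for. The following Python is an added example, not code from the slides or from the CISSP guide: it parses constructed firewall deny lines and flags a source that touches many ports on one host (a vertical scan) or one port on many hosts (the horizontal sweep a worm performs while hunting victims) inside a sliding window. The log line format, the thresholds (10 distinct ports or hosts within 60 seconds) and the sample addresses are all assumptions made for the illustration.

```python
"""Worm-style port scanning spotted in firewall logs.

Added example, not part of the CISSP slides. The log line format,
the thresholds, and the sample traffic below are constructed
assumptions for illustration.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed log format: "<ISO timestamp> DENY src=<ip> dst=<ip> dport=<port>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) DENY src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+)$"
)
WINDOW = timedelta(seconds=60)   # sliding window per source address
PORT_THRESHOLD = 10              # distinct ports on one host  -> vertical scan
HOST_THRESHOLD = 10              # distinct hosts on one port  -> horizontal sweep


def build_sample_log():
    """Constructed traffic: one ordinary client plus two scanning hosts."""
    lines = [
        "2024-05-01T10:00:05 DENY src=10.0.0.5 dst=10.0.0.20 dport=8080",
        "2024-05-01T10:03:10 DENY src=10.0.0.5 dst=10.0.0.20 dport=8443",
        "not a firewall line at all",   # malformed input the parser must tolerate
    ]
    # 192.0.2.7 probes twelve ports on a single host within twelve seconds
    lines += [
        f"2024-05-01T10:10:{i:02d} DENY src=192.0.2.7 dst=10.0.0.20 dport={20 + i}"
        for i in range(12)
    ]
    # 198.51.100.9 tries port 445 on twelve different hosts: a worm looking for victims
    lines += [
        f"2024-05-01T10:20:{i:02d} DENY src=198.51.100.9 dst=10.0.0.{30 + i} dport=445"
        for i in range(12)
    ]
    return "\n".join(lines)


def parse_log(text):
    """Return (timestamp, src, dst, dport) tuples; malformed lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m is None:
            continue
        events.append((datetime.fromisoformat(m["ts"]), m["src"], m["dst"], int(m["dport"])))
    return events


def detect_scans(events):
    """Map each scanning source to the set of alerts it triggered."""
    by_src = defaultdict(list)
    for ev in events:
        by_src[ev[1]].append(ev)

    alerts = defaultdict(set)
    for src, evs in by_src.items():
        evs.sort()                       # chronological order per source
        window = deque()                 # events within WINDOW of the newest one
        for ts, _, dst, dport in evs:
            window.append((ts, dst, dport))
            while ts - window[0][0] > WINDOW:
                window.popleft()
            ports_on_dst = {p for _, d, p in window if d == dst}
            hosts_on_port = {d for _, d, p in window if p == dport}
            if len(ports_on_dst) >= PORT_THRESHOLD:
                alerts[src].add(f"vertical scan of {dst}")
            if len(hosts_on_port) >= HOST_THRESHOLD:
                alerts[src].add(f"horizontal sweep on port {dport}")
    return dict(alerts)


if __name__ == "__main__":
    for src, found in detect_scans(parse_log(build_sample_log())).items():
        print(src, sorted(found))
```

The thresholds are tuning knobs: set them from a baseline of normal traffic, and allow-list authorised vulnerability scanners and monitoring hosts, or the detector will page on your own tooling.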
Input attacks
– Buffer overflow
– Script injection
– Cross site scripting
– Cross site request forgery
• Countermeasures
– Input field filtering, application firewall, application vulnerability scanning, software developer training
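Input field filtering, the first countermeasure listed above, is the same idea as the bounds checking that "safe libraries" supply against the buffer overflows on the earlier slide: decide what a field may contain before it reaches a buffer, a query or a page. The Python below is an added example, not code from the slides or from the CISSP guide, and it handles all four input attacks on this slide in one request path: a byte-length cap and character whitelist per field (overflow and script injection), a parameterised database query (injection), output encoding of free text (cross-site scripting), and a per-session token compared in constant time (cross-site request forgery). The field names, limits, users table and sample submissions are constructed assumptions.

```python
"""Input-field filtering against the input attacks on the slide above.

Added example, not part of the CISSP slides. Field names, length limits,
the users table and the sample submissions are constructed assumptions.
"""
import hmac
import html
import re
import secrets
import sqlite3

# Each field gets a byte-length cap (the bounds check a fixed-size buffer
# would otherwise lack) and, for structured fields, a character whitelist.
FIELD_SPECS = {
    "username": (32, re.compile(r"^[A-Za-z0-9_.-]+$")),
    "comment": (280, None),            # free text: encoded on output instead
}


class ValidationError(ValueError):
    pass


def validate_field(name, value):
    """Reject input that is the wrong type, too long, or outside the whitelist."""
    max_len, pattern = FIELD_SPECS[name]
    if not isinstance(value, str):
        raise ValidationError(f"{name}: not a string")
    if len(value.encode("utf-8")) > max_len:
        raise ValidationError(f"{name}: longer than {max_len} bytes")
    if pattern is not None and pattern.match(value) is None:
        raise ValidationError(f"{name}: contains disallowed characters")
    return value


def render_comment(comment):
    """Output encoding: markup in free text is displayed, never executed (XSS)."""
    return f"<p>{html.escape(comment, quote=True)}</p>"


def find_user(conn, username):
    """Parameterised query: the value is bound, never spliced into the SQL text."""
    return conn.execute(
        "SELECT id, username FROM users WHERE username = ?", (username,)
    ).fetchone()


def new_csrf_token():
    return secrets.token_hex(16)


def csrf_token_valid(session_token, submitted_token):
    """Cross-site request forgery: the form must echo the session's secret token."""
    if not session_token or not submitted_token:
        return False
    return hmac.compare_digest(session_token, submitted_token)


def build_demo_db():
    """Constructed in-memory users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT)")
    conn.executemany("INSERT INTO users (username) VALUES (?)", [("alice",), ("bob",)])
    return conn


def process_form(conn, session_token, form):
    """Run every check over one submission; any failure stops the request."""
    if not csrf_token_valid(session_token, form.get("csrf")):
        return {"ok": False, "error": "csrf token missing or wrong"}
    try:
        username = validate_field("username", form.get("username", ""))
        comment = validate_field("comment", form.get("comment", ""))
    except ValidationError as exc:
        return {"ok": False, "error": str(exc)}
    return {"ok": True, "user": find_user(conn, username), "html": render_comment(comment)}


if __name__ == "__main__":
    db = build_demo_db()
    token = new_csrf_token()
    print(process_form(db, token, {"csrf": token, "username": "alice", "comment": "<b>hi</b>"}))
    print(process_form(db, token, {"csrf": token, "username": "x" * 40, "comment": ""}))
```

Two design points worth noticing: the free-text field is not "cleaned" of angle brackets (that would silently corrupt legitimate comments and still miss encodings the filter did not anticipate) but encoded at the point where it is rendered, and the query never builds SQL from strings, so a username that fails the whitelist is rejected before it reaches the database and one that somehow passed would still be bound as data.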
Vulnerability Scanners?
• They miss 49% of the vulnerabilities they are looking for
– Link Ch 6b
Object reuse
• Use of a resource belonging to another process, including:
– Memory, databases, file systems, temporary files, and paging space
• Object reuse countermeasures
– Application isolation
– Server virtualization
– Developer training
• Link Ch 3c
Mobile code
• Code from one system that executes on another system
– Active Web content
• ActiveX, JavaScript, Flash
– Downloaded software
– Can be useful but some is malicious
Mobile code countermeasures
• Anti-malware
• Reduced user privileges
– Don't surf the Web as administrator
• Mobile code access controls
– Don't let unauthorized users execute code
• Restricting mobile code on workstations
– Browser settings, NoScript, etc.
Social engineering
– Attack on personnel to gain secrets
– People are vulnerable because they want to help
– Pretexting is pretending to be someone else
• Social engineering countermeasures
– Security awareness training that includes accountability
Back door / maintenance hook
• Access holes deliberately planted by a developer
– To facilitate easier testing during development
– To facilitate production access
– To facilitate a break-in
• Back door countermeasures
– Code reviews
– Source code control
Logic bombs
• Deliberate malfunction that causes harm
• Time bombs
– Malfunction on a given date and time
• Event bombs
– Malfunction on a specific event
• Logic bomb countermeasures
– Software source code review, external audits
Security in the Software Development Life Cycle (SDLC)
• SDLC
– The entire collection of processes used to design, develop, test, implement, and maintain software
Security in the Software Development Life Cycle (cont.)
• Security must be included in each step of the SDLC
– Conceptual
– Requirements and specifications development
– Application design
– Threat risk modeling
– Coding
– Testing
Security in the conceptual stage
• Presence of sensitive information must be identified
• Information flows
• Access controls (users, administrators, third parties)
• Regulatory requirements
• Application dependencies
Security application requirements and specifications
• Every detail of the software should be specified, down to individual input forms and fields
• Security requirements
– Roles, access controls, audit logging, configuration management
Security in application design
• Adhere to all requirements and specifications
• Published design documents
• Design reviews
– Reviewed by all stakeholders including security
Threat risk modeling
• Identify threats and risks prior to development
• Possible changes to specs, req’s, or design
Security in application coding
• Develop safe code
– Free of common vulnerabilities
• Use safe libraries that include safe functions for input validation
• 1-10-100 rule
– It costs 10 times as much to secure an application after it has been developed
– It costs 100 times as much to secure an application after it has been implemented
OWASP Top Ten Web Application Risks
• Link Ch 6d
Great OWASP Presentation
• Linked as an extra lecture on my CNIT 125 page
Security in testing
• Testing should verify correct coding of every requirement and specification
• Use vulnerability scanners
Protect the SDLC itself
• Source code access control
– Protect source code
• Don't trust it to remain secret, though
– Record version changes
• Protection of software development and testing tools
– Protect from unauthorized modifications
• Protection of software development systems
– Prevent introduction of malware, back doors, logic bombs
Application Environment and Security Controls
Controls that must be present in a developed application
• Authentication
– Limiting access to only legitimate, approved users
• Authorization
– Limiting access only to approved functions and data
• Audit logging
– Logging of all actions in the application
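The three controls on this slide form one chain on every request: authenticate the caller, authorize the specific function, and log the decision whether or not it succeeded. The Python below is an added example, not code from the slides or from the CISSP guide, showing that chain end to end with a salted password store, a role-to-permission table and an append-only audit log. The user names, passwords, roles and permission matrix are constructed assumptions; a real deployment would keep users in a directory and ship the log off-host.

```python
"""Authentication, authorization and audit logging on one request path.

Added example, not part of the CISSP slides. The user store, roles,
permission matrix and passwords are constructed assumptions.
"""
import hashlib
import hmac
import secrets
from datetime import datetime, timezone

PBKDF2_ROUNDS = 100_000


def _hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)


def _make_user(password, role):
    salt = secrets.token_bytes(16)          # per-user random salt
    return {"salt": salt, "hash": _hash_password(password, salt), "role": role}


# Constructed user store: salted hashes only, never the passwords themselves.
USERS = {
    "alice": _make_user("correct horse battery", "analyst"),
    "bob": _make_user("another constructed secret", "admin"),
}
_DUMMY_SALT = secrets.token_bytes(16)       # used when the user does not exist

# Authorization: which roles may perform which application functions.
PERMISSIONS = {
    "analyst": {"read_report"},
    "admin": {"read_report", "delete_report"},
}

AUDIT_LOG = []                              # append-only in-memory log


def audit(event, **fields):
    """Record every decision, successful or not, with who, what and when."""
    record = {"ts": datetime.now(timezone.utc).isoformat(), "event": event, **fields}
    AUDIT_LOG.append(record)
    return record


def authenticate(username, password):
    """Return a session for valid credentials, None otherwise."""
    user = USERS.get(username)
    salt = user["salt"] if user else _DUMMY_SALT
    candidate = _hash_password(password, salt)   # same work for unknown users
    if user is None or not hmac.compare_digest(candidate, user["hash"]):
        audit("auth_failure", user=username)
        return None
    audit("auth_success", user=username)
    return {"user": username, "role": user["role"]}


def authorize(session, action):
    """Role-based check; the decision is logged either way."""
    allowed = action in PERMISSIONS.get(session["role"], set())
    audit("authz", user=session["user"], action=action, allowed=allowed)
    return allowed


def handle_request(username, password, action):
    """Authenticate, then authorize, then act; each step leaves an audit record."""
    session = authenticate(username, password)
    if session is None:
        return "401 unauthenticated"
    if not authorize(session, action):
        return "403 forbidden"
    audit("action", user=username, action=action)
    return f"200 {action} by {username}"


def audit_events(username):
    """Events recorded for one user, oldest first."""
    return [r["event"] for r in AUDIT_LOG if r.get("user") == username]


if __name__ == "__main__":
    print(handle_request("alice", "correct horse battery", "read_report"))
    print(handle_request("alice", "correct horse battery", "delete_report"))
    print(handle_request("mallory", "guess", "read_report"))
    print(audit_events("alice"))
```

Note that failures are logged as carefully as successes: a run of `auth_failure` records for one account, or repeated `authz` records with `allowed=False`, is what an investigator needs, and a log that records only completed actions cannot show them.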
Databases and Data Warehouses
Database Concepts
• Database
– Ordered collection of data, such as employee records
• Data Warehouse
– A database used for decision support and research
– May contain all customer transactions
– Business intelligence tools analyze the data to find trends
– Example: Google's ad-targeting data
Database Architectures
• Hierarchical databases: tree structure like DNS (no longer produced)
• Network databases: complex tree structure (no longer produced)
• Object-oriented databases: OO, methods stored with data
– Not common yet, see link Ch 3e
Database Architectures (cont.)
• Distributed databases: physically distributed, any type
• Relational databases (RDBMS): in widest use today
– Data is stored in tables, records and fields
– Tables have relationships
– Oracle, SQL Server, DB2, MySQL, etc.
Database Transactions
• Records retrieval
• Records update
• Records creation
• Transactional integrity
– Nested or complex transactions executed as a unit
– Begin work… <transactions> …end work
Database Security Controls
• Access controls
– Userids, passwords
– Table / row / field level access control
– Read-only or read/write
• Views
– Virtual tables that are a subset of individual tables, or a “join” between tables
– Permission given to views just like “real” tables
