Software Development Security
Domain Objectives
• Understand software-based security controls
• Understand the software development and change/maintenance processes
• Specialized security controls for database and Web applications
• Describe malicious software
• Controls for detection of malware
• Define software engineering principles
Domain Agenda
• Programming Concepts
• Threats and Malware
• Software Protection
• Audit and Assurance Mechanisms
• Database and Data Warehousing Environment
• Web Application Environment
Application vs. Operating System
• Project Management Controls
• Complexity of Systems and Projects
• Controls Built into Software
Generations of Programming Languages
• Generation One - Machine language
• Generation Two - Assembly language
• Generation Three - High-level language
• Generation Four - Very high-level language
• Generation Five - Natural language
Programming Languages
• COBOL, Fortran
• C, C-Plus, C++
• Smalltalk, Java, Eiffel
• Visual Programming Languages
• Visual Basic, Visual C, Delphi
• BASIC, Logo, JavaScript
Programming Concepts
• System Model
• Von Neumann Architecture
• Object-Oriented Programming (OOP)
• Inheritance
• Polymorphism
• Polyinstantiation
Programming Concepts
• Distributed Component Object Model (DCOM)
• Common Object Request Broker Architecture (CORBA)
Domain Agenda
• Programming Concepts
• Threats and Malware
• Software Protection
• Audit and Assurance Mechanisms
• Database and Data Warehousing Environment
• Web Application Environment
Threats and Malware
• Malformed Input Attacks
• SQL Injection
• Unicode Attack
• Executable Content/Mobile Code
• Web Applets
• Dynamic Email
Threats and Malware
• Incomplete Parameter Check and Enforcement
• Covert Channels
• Inadequate Granularity of Controls
• Social Engineering
• Multiple Paths to Information
Threats and Malware
• Malicious Software
• Modern malware is network aware
• Compatibility - Platform Dominance
• Malware Functionality
Virus
• Central characteristic is reproduction
• Generally requires some action by the user
• May or may not carry payloads
Virus Types
• Multipartite
• Macro Virus
• Script Virus
• Hoax
• File Infector
• Boot Sector Infector
• System Infector
• Email Virus
Virus Structure
• Infection / Reproduction
• Target Search
• Infection
• Avoidance
• Trigger
• Payload
Worm
• Reproduces
• Generally use loopholes in systems
• May not involve user
• Often attacks server software
Logic Bomb
• Generally implanted by an insider
• Waits for condition or time
• Triggers negative payload
Domain Agenda
• Programming Concepts
• Threats and Malware
• Software Protection
• Audit and Assurance Mechanisms
• Database and Data Warehousing Environment
• Web Application Environment
System Life Cycle
• Project Initiation and Planning
  • Select/Approve Approach
  • Identify Alternatives
  • Establish User Requirements
• Required Security Activities
  • Determine Security Requirements
  • Conduct Risk Analysis
  • Define Security Strategy
System Life Cycle
• Functional Design Definition
  • Develop Project Plan
  • Identify Functional Requirements
  • Set Test Criteria
  • Define Strategy
  • Develop Functional Baseline
• Required Security Activities
  • Identify Security Areas
  • Establish Security Requirements
  • Security Tests
  • Include Functional Security Requirements
  • Prepare Risk Analysis and Contingency Plan
  • Include Security Requirements in RFPs, Contracts
System Life Cycle
• Detailed Design Specifications
  • Develop Formal Baseline
  • Update Testing Goals & Plans
  • Prepare Detailed Designs
• Required Security Activities
  • Establish Security Specifications
  • Update Security Test Plans
  • Document Security Baseline
System Life Cycle
• Develop and Document
  • Develop System
  • Document System
  • Unit Testing & Evaluation
• Required Security Activities
  • Develop Security Code
  • Security Code Evaluation
  • Document Security Code
System Life Cycle
• Acceptance, Testing and Transition to Production
  • System Components
  • System Performance
  • Integrated System
  • Project Manuals
  • Acceptance Test System
• Required Security Activities
  • Test Security Components
  • Validate Security in Integrated System
  • Implement Security Code
  • Document Security Controls
  • Certify Secure Operations
  • Accept Secure System
System Life Cycle
• Decommissioning / Disposal
• Critical data recovered or destroyed
• Media sanitized or destroyed
• Software removal
Software Development Methods
• Waterfall
• Spiral
• Clean-room
• Structured Programming Development
Software Development Methods
• Iterative Development
• Joint Analysis Development (JAD)
• Prototyping
• Modified Prototype Model (MPM)
• Exploratory Model
• Rapid Application Development (RAD)
Software Development Methods
• Reuse Model
• Computer Aided Software Engineering (CASE)
• Component Based Development
• Extreme Programming
Additional Software Protection Mechanisms
• Cryptography
• Access Controls
• Open source
• Social Engineering Awareness
• Backup and Redundancy Controls
• Malicious Code Control
• Documentation and Common Program
• Testing and Evaluation
• Mobile Code Controls
• Data Contamination Controls
Domain Agenda
• Programming Concepts
• Threats and Malware
• Software Protection
• Audit and Assurance Mechanisms
• Database and Data Warehousing Environment
• Web Application Environment
Auditing and Assurance Mechanisms
• Information Integrity
• Information Auditing
• Malware Assurance
Change Management Process
• Formal Request for Change
• Analyze Request for feasibility, impact, timeline (security)
• Develop Implementation Strategy
• Approval of Change
• Develop the Change
• Implement and test the Change
• Review Change Effectiveness
• Report to Management
Testing
• Last chance to avoid a disaster
• Testing is intended to find the problems
• Tests should address all normal and ‘unexpected’ entries and conditions
• Do not compromise privacy with test data
Configuration Management
• Configuration Management
• Patch Management
• Patch Management Process
Patch Management
• Potential problem areas:
• Distribution System Failures
• Patch Failures
• Inadequate Testing & Validation
• Patch Rollback
• Load on the network
• Stability issues and other regression issues
Domain Agenda
• Programming Concepts
• Threats and Malware
• Software Protection
• Audit and Assurance Mechanisms
• Database and Data Warehousing Environment
• Web Application Environment
Database Environment
• Database Management Systems
• Databases - Developed to manage information from many sources in one location
• Eliminates duplication of information
• Preserves storage space
• Prevents inconsistency in data by making changes in one central location
Database Environment
• Major Elements
• DBMS should provide
• Transaction Persistence
• Fault Tolerance and Recovery
• Sharing by Multiple Users
• Security Controls
DBMS Models
• Hierarchical DBMS
  • Stores records in a single table
  • Parent/child relationships
  • Limited to a single tree
  • Difficult to link branches
Example tree (from the slide figure):
Car
  Honda
    Civic
      4-door
      2-door
    Accord
    CRV
  Toyota
  Mazda
DBMS Models
• Network DBMS
• Represents data as network of records and sets that are related to each other, forming a network of links
• Record types - records of the same type
• Set types - relationship between record types
DBMS Models
Example network figure: manufacturer records (Ford, Mazda, BMW) linked to model records (4 x 4 Truck, Regular Truck, E Series, Freestar, Mazda 3, Mazda 6, X3, X5) and to option records (5 Speed Transmission, Leather Interior, Front and Rear Climate Controls).
DBMS Models
• Relational DBMS
  • Most frequently used DBMS model
  • Data are structured in tables
  • Columns represent the variables (attributes)
  • Rows contain the specific instances (records) of data
DBMS Models
Author Table (columns are attributes, rows are tuples; Author No. is the primary key)
Author No.  Last Name  First Name  State
123456      Smithson   Mary        CA
234567      Rogers     Mike        NY
345678      Tucker     Sally       CT
456789      Gleason    Sarah       IL
DBMS Models
Author Table (primary key: Author No.)
Author No.  Last Name  First Name  State
123456      Smithson   Mary        CA
234567      Rogers     Mike        NY
345678      Tucker     Sally       CT
456789      Gleason    Sarah       IL
Book Table (primary key: Book No.; foreign key: Author No., which references the Author Table)
Book No.  Book Title                Book Type  Book Price  Author No.
PC1234    Learning Database Models  Computer   39.99       123456
PC4321    Data Modeling Techniques             69.99       234567
PC6789    Designing a Database      Computer   39.99       345678
PC9876    Secrets of Databases      Computer   19.99       456789
DBMS Models
• Relational Database Security Issues
• Ensuring integrity of input data
• Preventing deadlocking
• Access controls
DBMS Models
• OODBMS & ORDBMS
• OODBMS (Object Oriented Database Management System)
• ORDBMS (Object Relational Database Management System)
Database Interface Languages
• Open Database Connectivity (ODBC)
• Java Database Connectivity (JDBC)
• eXtensible Markup Language (XML)
• Structured Query Language (SQL)
Database Security Issues
• Query Attacks
• Bypass Attacks
• Interception of Data
• Web Security
• Data Contamination
• Inference
• Aggregation
• Unauthorized Access
• Improper Modification of Data
• Access Availability
View-Based Access Controls
• Constrained views
• Sensitive data is hidden from unauthorized users
• Controls located in the front-end application (user interface)
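The primary/foreign key tables above, the "ensuring integrity of input data" issue and the constrained-view control can all be shown on one small relational database. This is an added example (not part of the slides) using Python's built-in sqlite3 module; the table and column names are assumptions, and the rows are the slide's sample Author and Book data.

```python
import sqlite3

# Sample rows constructed from the slide's Author and Book tables.
AUTHORS = [
    (123456, "Smithson", "Mary", "CA"),
    (234567, "Rogers", "Mike", "NY"),
    (345678, "Tucker", "Sally", "CT"),
    (456789, "Gleason", "Sarah", "IL"),
]
BOOKS = [
    ("PC1234", "Learning Database Models", "Computer", 39.99, 123456),
    ("PC4321", "Data Modeling Techniques", None, 69.99, 234567),
    ("PC6789", "Designing a Database", "Computer", 39.99, 345678),
    ("PC9876", "Secrets of Databases", "Computer", 19.99, 456789),
]

def build_db():
    """Create both tables with primary keys and a Book -> Author foreign key."""
    con = sqlite3.connect(":memory:")
    con.execute("PRAGMA foreign_keys = ON")  # SQLite only enforces FKs when asked
    con.execute("""CREATE TABLE author (
        author_no INTEGER PRIMARY KEY, last_name TEXT NOT NULL,
        first_name TEXT NOT NULL, state TEXT NOT NULL)""")
    con.execute("""CREATE TABLE book (
        book_no TEXT PRIMARY KEY, title TEXT NOT NULL, book_type TEXT,
        price REAL NOT NULL CHECK (price >= 0),
        author_no INTEGER NOT NULL REFERENCES author(author_no))""")
    con.executemany("INSERT INTO author VALUES (?,?,?,?)", AUTHORS)
    con.executemany("INSERT INTO book VALUES (?,?,?,?,?)", BOOKS)
    # Constrained view: the catalogue a front-end user sees, with the
    # author's State column (treated here as sensitive) left out.
    con.execute("""CREATE VIEW book_catalog AS
        SELECT b.book_no, b.title, b.price, a.last_name, a.first_name
        FROM book b JOIN author a ON a.author_no = b.author_no""")
    con.commit()
    return con

def insert_book(con, row):
    """Return True if the DBMS accepts the row, False if a constraint rejects it."""
    try:
        with con:  # transaction: rolled back automatically on error
            con.execute("INSERT INTO book VALUES (?,?,?,?,?)", row)
        return True
    except sqlite3.IntegrityError:  # duplicate key, missing author, bad price
        return False

def catalog_columns(con):
    """Column names exposed through the constrained view."""
    return [d[0] for d in con.execute("SELECT * FROM book_catalog").description]
```

A book that names a non-existent author, a duplicate Book No., or a negative price is refused by the DBMS itself rather than by application code, and the view never exposes the hidden column.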
Data Warehouse
• Consolidated view of enterprise data
• Data Mart
• Designed to support decision making through data mining
Building Data Warehouse
• Feed all data into large, high-security database
• Normalize the data
• Mine the data for correlations to produce metadata
• Sanitize and export the metadata to its intended users
Knowledge Discovery in Databases (KDD)
• Methods of identifying patterns in data
• Some KDD methods use artificial intelligence (AI) techniques
• Probabilistic Models
• Statistical Approach
• Classification Approach
• Deviation and Trend Analysis
• Neural Networks
• Expert System Approach
Online Transaction Processing (OLTP)
• Records transactions as they occur – in real-time
• Security concerns are concurrency and atomicity
• Lock Controls
Domain Agenda
• Programming Concepts
• Threats and Malware
• Software Protection
• Audit and Assurance Mechanisms
• Database and Data Warehousing Environment
• Web Application Environment
Web Site Incidents
• Vandalism
• Financial fraud
• Privileged access
• Theft of transaction information
• Theft of intellectual property
• Denial of Service (DoS)
Web Hacks
• Majority of hacks at the application level
• Firewalls provide minimal protection
• Information Gathering
• Administrative Interfaces
• Configuration Management
• Authentication & Access Control
Web Application Security Principles
• Validate all input and output
• Fail Secure (closed)
• Fail Safe
• Make it simple
• Defense in depth
• Only as secure as your weakest link
• Security by obscurity
Web Application Security Principles
• Do not cache secure pages
• Ensure all encryption meets industry standards
• Monitor third party code vendors for security alerts
• Handle exceptions properly
• Do not trust any data from the client
• Do not trust data from other servers, partners, or other parts of the application
Domain Summary
• Understand software-based security controls
• Understand the software development and change/maintenance processes
• Specialized security controls for database and Web applications
• Describe malicious software
• Controls for detection of malware
• Define software engineering principles