Software Development Security

Upload: oswald-anderson

Post on 25-Dec-2015


Software Development Security

2

Domain Objectives

• Understand software-based security controls

• Understand the software development and change/maintenance processes

• Specialized security controls for database and Web applications

• Describe malicious software

• Controls for detection of malware

• Define software engineering principles

3

Information Security TRIAD

(Diagram: Information Security at the centre of the triad of Confidentiality, Integrity, and Availability)

4

Domain Agenda

• Programming Concepts

• Threats and Malware

• Software Protection

• Audit and Assurance Mechanisms

• Database and Data Warehousing Environment

• Web Application Environment

5

Application vs. Operating System

• Project Management Controls

• Complexity of Systems and Projects

• Controls Built into Software

6

Generations of Programming Languages

• Generation One - Machine language

• Generation Two - Assembly language

• Generation Three - High-level language

• Generation Four - Very high-level language

• Generation Five - Natural language

7

Programming Languages

• COBOL, Fortran

• C, C-Plus, C++

• Smalltalk, Java, Eiffel

• Visual Programming Languages

• Visual Basic, Visual C, Delphi

• BASIC, Logo, JavaScript

8

HTML, XML, and Active X

• HTML

• XML

• Active X

9

Program Utilities

• Assembler

• Compiler

• Interpreter

10

Programming Concepts

• System Model

• Von Neumann Architecture

• Object-Oriented Programming (OOP)

• Inheritance

• Polymorphism

• Polyinstantiation

11

Programming Concepts

• Distributed Component Object Model (DCOM)

• Common Object Request Broker Architecture (CORBA)

12

Domain Agenda

• Programming Concepts

• Threats and Malware

• Software Protection

• Audit and Assurance Mechanisms

• Database and Data Warehousing Environment

• Web Application Environment

13

Threats and Malware

• Buffer Overflow

• Denial of Service

• Time of Check/Time of Use (TOC/TOU)

14

Threats and Malware

• Malformed Input Attacks

• SQL Injection

• Unicode Attack

• Executable Content/Mobile Code

• Web Applets

• Dynamic Email

15

Threats and Malware

• Object Reuse

• Garbage Collection

• Trap Door

16

Threats and Malware

• Incomplete Parameter Check and Enforcement

• Covert Channels

• Inadequate Granularity of Controls

• Social Engineering

• Multiple Paths to Information

17

Threats and Malware

• Malicious Software

• Modern malware is network aware

• Compatibility - Platform Dominance

• Malware Functionality

18

Virus

• Central characteristic is reproduction

• Generally requires some action by the user

• May or may not carry payloads

19

Virus Types

• Multipartite

• Macro Virus

• Script Virus

• Hoax

• File Infector

• Boot Sector Infector

• System Infector

• Email Virus

20

Virus Anti-Detection

• Stealth

• Tunnelling

• Polymorphism

• Antivirus (anti-malware) Disabling

21

Virus Structure

• Infection / Reproduction

• Target Search

• Infection

• Avoidance

• Trigger

• Payload

22

Worm

• Reproduces

• Generally use loopholes in systems

• May not involve user

• Often attacks server software

23

Trojan Horse

• Purported to be a positive utility

• Hidden negative payload

• Social Engineering

24

Logic Bomb

• Generally implanted by an insider

• Waits for condition or time

• Triggers negative payload

25

Diddlers, Backdoors, and Rats

• Data Diddler

• Backdoor, Trapdoor

• RAT (Remote Access Trojan)

26

Threats and Malware

• DDOS Zombie

• Prank

• Spyware and Adware

• Phishing

• BotNets

27

Domain Agenda

• Programming Concepts

• Threats and Malware

• Software Protection

• Audit and Assurance Mechanisms

• Database and Data Warehousing Environment

• Web Application Environment

28

System Life Cycle

• Project Management-based Methodology

• Typical Phases of a System Life Cycle

29

System Life Cycle

• Project Initiation and Planning

Identify Alternatives

Select/Approve Approach

Establish User Requirements

Required Security Activities

Determine Security Requirements

Conduct Risk Analysis

Define Security Strategy

30

System Life Cycle

• Functional Design Definition

Develop Project Plan

Identify Functional Requirements

Set Test Criteria

Develop Functional Baseline

Prepare Risk Analysis and Contingency Plan

Required Security Activities

Identify Security Areas

Establish Security Requirements

Define Security Tests Strategy

Include Functional Security Requirements

Include Security Requirements in RFPs, Contracts

31

System Life Cycle

• Detailed Design Specifications

Develop Formal Baseline

Update Testing Goals & Plans

Prepare Detailed Designs

Required Security Activities

Establish Security Specifications

Update Security Test Plans

Document Security Baseline

32

System Life Cycle

• Develop and Document

Develop System

Document System

Unit Testing & Evaluation

Required Security Activities

Develop Security Code

Security Code Evaluation

Document Security Code

33

System Life Cycle

• Acceptance, Testing and Transition to Production

System Components

System Performance

Integrated System

Project Manuals

Acceptance Test System

Required Security Activities

Test Security Components

Validate Security in Integrated System

Implement Security Code

Document Security Controls

Certify Secure Operations

Accept Secure System

34

System Life Cycle

• Decommissioning / Disposal

• Critical data recovered or destroyed

• Media sanitized or destroyed

• Software removal

35

Software Development Methods

• Waterfall

• Spiral

• Clean-room

• Structured Programming Development

36

Software Development Methods

• Iterative Development

• Joint Analysis Development (JAD)

• Prototyping

• Modified Prototype Model (MPM)

• Exploratory Model

• Rapid Application Development (RAD)

37

Software Development Methods

• Reuse Model

• Computer Aided Software Engineering (CASE)

• Component Based Development

• Extreme Programming

38

Additional Software Protection Mechanisms

• Cryptography

• Access Controls

• Open source

• Social Engineering Awareness

• Backup and Redundancy Controls

• Malicious Code Control

• Documentation and Common Program

• Testing and Evaluation

• Mobile Code Controls

• Data Contamination Controls

39

Domain Agenda

• Programming Concepts

• Threats and Malware

• Software Protection

• Audit and Assurance Mechanisms

• Database and Data Warehousing Environment

• Web Application Environment

40

Auditing and Assurance Mechanisms

• Information Integrity

• Information Auditing

• Malware Assurance

41

Change Management Process

• Formal Request for Change

• Analyze Request for feasibility, impact, timeline (security)

• Develop Implementation Strategy

• Approval of Change

• Develop the Change

• Implement and test the Change

• Review Change Effectiveness

• Report to Management

42

Testing

• Last chance to avoid a disaster

• Testing is intended to find the problems

• Tests should address all normal and ‘unexpected’ entries and conditions

• Do not compromise privacy with test data

43

Configuration Management

• Configuration Management

• Patch Management

• Patch Management Process

44

Patch Management

• Potential problem areas :

• Distribution System Failures

• Patch Failures

• Inadequate Testing & Validation

• Patch Rollback

• Load on the network

• Stability issues and other regression issues

45

Domain Agenda

• Programming Concepts

• Threats and Malware

• Software Protection

• Audit and Assurance Mechanisms

• Database and Data Warehousing Environment

• Web Application Environment

46

Database Environment

• Database Management Systems

• Databases - Developed to manage information from many sources in one location

• Eliminates duplication of information

• Preserves storage space

• Prevents inconsistency in data by making changes in one central location

47

Database Environment

• Major Elements

• DBMS should provide

• Transaction Persistence

• Fault Tolerance and Recovery

• Sharing by Multiple Users

• Security Controls

48

DBMS Models

• Hierarchical DBMS

• Stores records in a single table

• Parent/child relationships

• Limited to a single tree

• Difficult to link branches

(Diagram: a single tree rooted at Car, with children Honda, Toyota, and Mazda; Honda has children Civic, Accord, and CRV; Civic has children 4-door and 2-door)

49

DBMS Models

• Network DBMS

• Represents data as network of records and sets that are related to each other, forming a network of links

• Record types - records of the same type

• Set types - relationship between record types

50

DBMS Models

(Diagram: network model example. Owner records Ford, Mazda, and BMW are linked to member records E Series, Freestar, Mazda 3, Mazda 6, X3, and X5, which are in turn linked through sets to shared records such as 4 x 4, Truck, Regular, 5 Speed Transmission, Leather Interior, and Front and Rear Climate Controls; one record can belong to several sets)

51

DBMS Models

• Relational DBMS

• Most frequently used DBMS model

• Data are structured in tables

• Columns represent the variables (attributes)

• Rows contain the specific instances (records) of data

52

DBMS Models

Author Table

Author No.  Last Name  First Name  State
123456      Smithson   Mary        CA
234567      Rogers     Mike        NY
345678      Tucker     Sally       CT
456789      Gleason    Sarah       IL

(Diagram labels: the columns are the attributes, the rows are the tuples, and Author No. is the primary key)

53

DBMS Models

Author Table

Author No.  Last Name  First Name  State
123456      Smithson   Mary        CA
234567      Rogers     Mike        NY
345678      Tucker     Sally       CT
456789      Gleason    Sarah       IL

Book Table

Book No.  Book Title                Book Type  Book Price  Author No.
PC1234    Learning Database Models  Computer   39.99       123456
PC4321    Data Modeling Techniques             69.99       234567
PC6789    Designing a Database      Computer   39.99       345678
PC9876    Secrets of Databases      Computer   19.99       456789

(Diagram labels: Author No. and Book No. are the primary keys of their tables; Author No. in the Book Table is the foreign key)
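As an added example (not from the slides), the Author and Book tables above written as SQL, with the primary and foreign keys the diagram labels and a demonstration of the DBMS enforcing them; it assumes a PostgreSQL-style DBMS, and the table and column names are my own choice:

```sql
-- Added example, not from the slides. Table and column names are my choice;
-- the rows are the ones shown on the Author Table and Book Table slides.
-- Assumes a PostgreSQL-style DBMS.
CREATE TABLE author (
    author_no  INTEGER     PRIMARY KEY,   -- primary key: identifies one tuple
    last_name  VARCHAR(40) NOT NULL,
    first_name VARCHAR(40) NOT NULL,
    state      CHAR(2)     NOT NULL
);

CREATE TABLE book (
    book_no    CHAR(6)      PRIMARY KEY,
    book_title VARCHAR(80)  NOT NULL,
    book_type  VARCHAR(20),               -- blank for PC4321 on the slide
    book_price NUMERIC(6,2) NOT NULL CHECK (book_price >= 0),
    author_no  INTEGER      NOT NULL
        REFERENCES author (author_no)     -- foreign key: must name an existing author
        ON DELETE RESTRICT                -- an author who still has books cannot be removed
);

INSERT INTO author VALUES
    (123456, 'Smithson', 'Mary',  'CA'),
    (234567, 'Rogers',   'Mike',  'NY'),
    (345678, 'Tucker',   'Sally', 'CT'),
    (456789, 'Gleason',  'Sarah', 'IL');

INSERT INTO book VALUES
    ('PC1234', 'Learning Database Models', 'Computer', 39.99, 123456),
    ('PC4321', 'Data Modeling Techniques', NULL,       69.99, 234567),
    ('PC6789', 'Designing a Database',     'Computer', 39.99, 345678),
    ('PC9876', 'Secrets of Databases',     'Computer', 19.99, 456789);

-- Integrity of input data: this book names an author number that does not
-- exist, so the foreign key constraint makes the DBMS reject the row rather
-- than store a dangling reference.
INSERT INTO book VALUES ('PC0000', 'Orphan Title', 'Computer', 9.99, 999999);

-- The same key is what joins the two tables back together.
SELECT b.book_no, b.book_title, a.last_name, a.first_name
FROM   book b
JOIN   author a ON a.author_no = b.author_no
ORDER  BY b.book_no;
```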


DBMS Models

• Relational Database Security Issues

• Ensuring integrity of input data

• Preventing deadlocking

• Access controls

57

DBMS Models

• OODBMS & ORDBMS

• OODBMS (Object Oriented Database Management System)

• ORDBMS (Object Relational Database Management System)

58

Database Interface Languages

• Open Database Connectivity (ODBC)

• Java Database Connectivity (JDBC)

• eXtensible Markup Language (XML)

• Structured Query Language (SQL)

59

Database Security Issues

• Query Attacks

• Bypass Attacks

• Interception of Data

• Web Security

• Data Contamination

• Inference

• Aggregation

• Unauthorized Access

• Improper Modification of Data

• Access Availability

60

View-Based Access Controls

• Constrained views

• Sensitive data is hidden from unauthorized users

• Controls located in the front-end application (user interface)
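An added example (not from the slides) of a constrained view enforced by the DBMS itself, in addition to the front-end control the slide describes, so the restriction still holds if the user interface is bypassed; it assumes PostgreSQL-style roles, the Author table from the DBMS Models slides, and, purely for illustration, that State is the sensitive attribute:

```sql
-- Added example, not from the slides. Assumes PostgreSQL-style roles and the
-- Author table from the DBMS Models slides; treating "state" as the sensitive
-- attribute is an assumption made only to illustrate the technique.
CREATE TABLE author (
    author_no INTEGER PRIMARY KEY, last_name VARCHAR(40), first_name VARCHAR(40), state CHAR(2)
);

-- The constrained view: only the non-sensitive attributes are projected.
CREATE VIEW author_directory AS
    SELECT author_no, last_name, first_name
    FROM   author;

-- Role used by the front-end application's ordinary users.
CREATE ROLE catalog_reader NOLOGIN;

-- Grant access to the view only, and make sure nothing is granted on the base
-- table, so there is no path around the view even if the UI is bypassed.
GRANT  SELECT ON author_directory TO catalog_reader;
REVOKE ALL    ON author           FROM catalog_reader;

-- Seen through the view, the sensitive column does not exist at all.
SELECT * FROM author_directory;

-- A row-constrained view works the same way: this one hides every author
-- outside a chosen state from users who may only see that region.
CREATE VIEW author_ca AS
    SELECT author_no, last_name, first_name
    FROM   author
    WHERE  state = 'CA';
GRANT SELECT ON author_ca TO catalog_reader;
```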

61

Data Warehouse

• Consolidated view of enterprise data

• Data Mart

• Designed to support decision making through data mining

62

Building Data Warehouse

• Feed all data into large, high-security database

• Normalize the data

• Mine the data for correlations to produce metadata

• Sanitize and export the metadata to its intended users

63

Metadata

• Information about data

• Provides unseen relationships between data

64

Knowledge Discovery in Databases (KDD)

• Methods of identifying patterns in data

• Some KDD methods use artificial intelligence (AI) techniques

• Probabilistic Models

• Statistical Approach

• Classification Approach

• Deviation and Trend Analysis

• Neural Networks

• Expert System Approach

65

Knowledge Management Security Controls

• Protect knowledge database

• Routinely verify decisions

66

Online Transaction Processing (OLTP)

• Records transactions as they occur – in real-time

• Security concerns are concurrency and atomicity

• Lock Controls

67

Lock Controls - The ACID Test

• Atomicity

• Consistency

• Isolation

• Durability

68

Domain Agenda

• Programming Concepts

• Threats and Malware

• Software Protection

• Audit and Assurance Mechanisms

• Database and Data Warehousing Environment

• Web Application Environment

69

Web Site Incidents

• Vandalism

• Financial fraud

• Privileged access

• Theft of transaction information

• Theft of intellectual property

• Denial of Service (DoS)

70

Web Hacks

• Majority of hacks at the application level

• Firewalls provide minimal protection

• Information Gathering

• Administrative Interfaces

• Configuration Management

• Authentication & Access Control

71

Web Hacks

• Input Validation

• Parameter Manipulation

• Session Management

72

Web Application Security Principles

• Validate all input and output

• Fail Secure (closed)

• Fail Safe

• Make it simple

• Defense in depth

• Only as secure as your weakest link

• Security by obscurity

73

Web Application Security Principles

• Do not cache secure pages

• Ensure all encryption meets industry standards

• Monitor third party code vendors for security alerts

• Handle exceptions properly

• Do not trust any data from the client

• Do not trust data from other servers, partners, or other parts of the application

74

Domain Summary

• Understand software-based security controls

• Understand the software development and change/maintenance processes

• Specialized security controls for database and Web applications

• Describe malicious software

• Controls for detection of malware

• Define software engineering principles

“Security Transcends Technology”