CSC 2045 Secure Software Principles Week 02
26 Questions

Questions and Answers

Which of the following best describes the concept of Secure Development Lifecycle (SDL)?

  • A process that excludes user feedback from the development
  • A methodology focusing solely on the testing phase of software
  • A framework that integrates security at every stage of software development (correct)
  • A strategy that prioritizes speed over security in coding

What does the CIA triad represent in the context of security fundamentals?

  • Complexity, Input, and Accuracy
  • Consistent Interface and Application
  • Code Integrity and Assurance
  • Confidentiality, Integrity, and Availability (correct)

Which programming principle should be prioritized during implementation?

  • Adapting popular coding styles
  • Maximizing performance over security
  • Code reviews and responsible coding (correct)
  • Focusing solely on functionality

What does the STRIDE threat model help identify?

    • Security threats (correct)

    Which of the following is NOT a component of the STRIDE threat model?

    • Complexity (correct)

    What is a primary focus of threat modeling?

    • Assessing security vulnerabilities (correct)

    Which technique helps in mitigating the risk of information disclosure?

    • Access control and encryption (correct)

    Which of the following describes 'elevation of privilege'?

    • Unauthorized access to higher system privileges (correct)

    What is one objective of using logging and audit trails?

    • To provide evidence in case of repudiation (correct)

    What is one characteristic of static analysis in secure coding practices?

    • It analyzes source code without executing it (correct)

    What is one reason programmers may write insecure code?

    • A lack of awareness regarding security issues. (correct)

    What contributes to the challenge of fixing legacy software?

    • The inherent complexity of outdated systems. (correct)

    What common misconception do programmers hold regarding security?

    • Security can be effectively implemented post-development. (correct)

    What is essential for integrating security into the Software Development Lifecycle (SDLC)?

    • Incorporating security actions into each existing phase of the SDLC (correct)

    Which term is used to describe security practices built into DevOps activities?

    • DevSecOps (correct)

    Why should security actions not be treated as a separate lifecycle from the SDLC?

    • Integration with the existing SDLC prevents security measures from being ignored. (correct)

    What does the implementation of Continuous Integration and Continuous Delivery/Deployment (CI/CD) pipelines in SDLC mostly automate?

    • Development and operational phases of the application lifecycle (correct)

    What type of security testing is NOT included in the automation of the SDLC?

    • Manual Code Review (correct)

    What does the 'Integrity' principle in the CIA triad primarily focus on?

    • Protecting data from unauthorized modification (correct)

    Which component is NOT part of the CIA triad?

    • Authorization (correct)

    What aspect of security does the term 'Availability' refer to?

    • Ensuring the presence of information or resources (correct)

    What does the 'Confidentiality' principle seek to achieve?

    • Preventing unauthorized access to sensitive information (correct)

    What does the principle of 'Security by Design' emphasize during system development?

    • Security should be integrated from the beginning of the design process. (correct)

    What is the primary focus of the 'Security by Default' principle?

    • To establish default settings that prioritize security over usability. (correct)

    What does the phrase 'no security guarantee' imply regarding software applications?

    • With enough effort, any application can be compromised. (correct)

    What does the term 'Psychological acceptability' refer to in the context of security design?

    • The requirement that security measures must not hinder usability. (correct)

    Study Notes

    Course Information

    • Course Title: Secure Software Principles
    • Course Code: CSC 2045

    Objectives

    • Understand why vulnerabilities exist in programming code.
    • Learn standard software engineering and software assurance principles for secure software development.

    Agenda: Week 02

    • Secure Coding
    • Secure Fundamentals
    • Principles of Security
    • SDLC
    • Good Programming, Coding Standards & Practices

    Secure Coding in C/C++

    OWASP Secure Fundamentals

    OWASP Principles of Security

    OWASP Secure Development & Integration

    Why Do We Need SDLC?

    • Software provides automation, intelligence, and functionality.
    • Software takes input and produces output.
    • Unexpected input can lead to unexpected interactions among components.
    • Automation, intelligence, and functionality create potential risks, including privacy issues and unauthorized actions (such as alteration or privilege escalation through buffer overflow).
    • Understanding software security is crucial.
    • Managing these risks is essential.

    Software Development Lifecycle (SDLC)

    • Phase 1: Define the Problem: Analyze and specify the requirements for the problem.
    • Phase 2: Design the Solution: Define the algorithm to solve the particular problem.
    • Phase 3: Implement/Code Solution: Create the program's solution.
    • Phase 4: Testing: Verify correctness and effectiveness, and identify potential errors in the program.
    • Phase 5: Deploy/Maintain & Document: Deploy the program to the intended environment and maintain its functionality afterward (documentation is essential).

    Analysis and Requirements

    • What?
      • Define the problem.
      • Understand the requirements.
    • Most common cause of system failures: Failures are most often traced to inadequate requirements gathering.
    • Document the problem statement precisely.
    • Use cases.
    • Threat modeling.
    • Important point: Consider security in this phase.

    Design

    • How? Planning, Algorithms, and Code Responsibility
    • Consider vulnerabilities and apply security principles.

    Implementation

    • Choose a programming language (consider security).
    • Code Responsibly. Apply software security principles. Understand syntax errors vs. logic errors.
    • Code reviews and static analysis.
    • Important point: Consider security during implementation.

    Safe Coding: Threat Modeling 101

    • STRIDE Threat Model:
      • Spoofing: Unauthorized access masquerading as another user.
      • Tampering: Unauthorized changes to data or functionality.
      • Repudiation: Inability to confirm actions.
      • Information Disclosure: Revealing confidential information.
      • Denial of Service (DoS): Preventing legitimate users from accessing resources.
      • Elevation of Privilege: Unauthorized increase in permissions.
      • Other considerations include Confidentiality, Integrity, Availability, Identification/Authentication, Authorization, and Auditing.

    Threats and Mitigation Techniques

    • Spoofing Identity: Compromises authentication; mitigate by protecting keys and passwords.
    • Tampering with Data: Compromises integrity.
    • Repudiation: Mitigate with logging, audit trails, and digital signatures.
    • Information Disclosure: Compromises confidentiality; mitigate with access control and encryption.
    • Denial of Service: Compromises availability; mitigate with graceful degradation, filtering, and increasing server resources.
    • Elevation of Privilege: Mitigate with access control and sandboxing.

    Common Code Vulnerabilities

    • Incorrect or incomplete input validation
    • Poor or missing exception handling
    • Buffer overflows
    • Race conditions
    • SQL injection
    • Cross-site scripting
    • Common Vulnerabilities (additional): The document lists several other Common Weakness Enumeration (CWE) entries with year-over-year trends, including CWE-20, CWE-119, CWE-434, CWE-22, CWE-89, etc. Studying these and their trends is essential.

    Good Programming

    • Focus on both problem solving and precise solutions.
    • Programs should be readable by humans, with attention given to design, so that they can be easily executed by the machine later.
    • This is vital for good programming practices.
    • Consider these points as you develop new code.

    Why Write Insecure Code?

    Good Programming Style

    • Code is read more than written.
    • Code consistency.
    • Code clarity.
    • Code formatting.

    C++ Coding Standards

    • Coding standards for a particular environment using C++. There is no completely universal standard for all environments, since the uses for C++ are too varied.
    • Guidelines for "using namespace std". Avoid writing "using namespace std;" in your code.
    • Guidelines for local variable declarations. Declaring variables at the top of the function scope is generally preferred.
    • Important point: C++ Coding Standards are important for consistent software designs and maintenance; no single standard applies to all use-cases.
    • Guidelines for variable naming. Use descriptive and meaningful names that clearly indicate the purpose of the variable.
    • Guidelines for global variables. Minimize the usage of global variables whenever possible.


    Description

    This quiz focuses on the key concepts of secure coding, principles of security, and relevant software development life cycle practices discussed in Week 02 of the Secure Software Principles course. It also covers the importance of CIA and AAA in the context of secure software development. Prepare to demonstrate your understanding of secure coding standards in C/C++.
