CSC 1029 Week 06 SDL Design Principles PDF

CSC 1029 CYBERSECURITY FUNDAMENTALS OBJECTIVES AGENDA: WEEK 02 Understand what 1. What is Cybersecurity and Types of cybersecurity is and its Attacks importance. 2. Cybersecurity Objectives Understand what we are 3. What are we protecting 4. Cost of Cybersecurity protecting from attackers. 5. Your Next Move: Software Developer Understand the lessons 6. Vulnerabilities learned from historical and 7. Threat Model: STRIDE current events, and emerging 8. Threat Intelligence trends. 9. Types of Attacks 10. Importance of Software Security 11. TODO and Resources for Help WHAT IS CYBERSECURITY Read the CompTIA article: What is Cybersecurity? https://www.comptia.org/content/articles/what-is-cybersecurity Watch the YouTube: What is Cybersecurity OBJECTIVES OF CYBERSECURITY Read the CompTIA resource State of Cybersecurity for 2024 Market Overview through to Policy https://www.comptia.org/content/research/cybersecurity-trends- research What do you consider to be the top objectives for Cybersecurity? WHAT ARE WE PROTECTING Review each of the 16 Critical Infrastructure Sectors https://www.cisa.gov/topics/critical-infrastructure-security-and- resilience/critical-infrastructure-sectors WHAT IS THE COST? https://comptiacdn.azureedge.net/webcontent/images/default-source/researchreports/2022-state-of- cybersecurity---us/estimated-global-cost-of-cybercrime-in-2021.png?sfvrsn=2bbc387f_2 YOUR NEXT MOVE: SOFTWARE DEVELOPER Read the CompTIA blog: Your Next Move Software Developer https://www.comptia.org/blog/your-next-move-software- developer VULNERABILITIES Review the National Vulnerability Database visualizations: https://nvd.nist.go v/general/visualiz ations/vulnerabilit y- visualizations/cwe -over-time Vuln Summary Word Frequency Cloud: https://nvd.nist.gov/general/visualizations Threat STRIDE THREAT LIST Security https://owasp.org/www-community/Threat_Modeling_Process#stride-threat-list Control Threat action aimed at accessing and use of another user’s credentials, such as Spoofing username and password. Authentication Threat action intending to maliciously change or modify persistent data, such as Tampering records in a database, and the alteration of data in transit between two computers Integrity over an open network, such as the Internet. Threat action aimed at performing prohibited operations in a system that lacks the Non- Repudiation ability to trace the operations. Repudiation Information Threat action intending to read a file that one was not granted access to, or to read Confidentiality disclosure data in transit. Denial of Threat action attempting to deny access to valid users, such as by making a web Availability service server temporarily unavailable or unusable. Elevation of Threat action intending to gain privileged access to resources in order to gain Authorization privilege unauthorized access to information or to compromise a system. THREAT INTELLIGENCE Read the blog post from CompTIA: Threat Modeling and Cyber Threat Intelligence: Anticipating the Next Hit https://www.comptia.org/blog/threat-modeling-and-cyber- threat-intelligence TYPES OF ATTACKS 1. Social engineering attacks 3. Attacks against the Organization penetration supporting infrastructure IT infrastructure exploration Denial of Service (DoS) Phishing Spam Virus Spoofing Worm Man in the middle Trojans 2. Attacks against the Spyware application’s software Adware Cross-site scripting (XSS) 4. Physical attacks Buffer overflows External drives & Flash Sticks SQL code injection Bringing down the system Time/logic bombs Back door Stealing hardware IMPORTANCE OF SOFTWARE SECURITY Software security is the idea of engineering software so that it continues to function correctly under malicious attack. Software Security aims to avoid security vulnerabilities by addressing security from the early stages of software development life cycle. Security is a risk management. https://home.cs.colorado.edu/~kena/classes/5828/s12/presentation-materials/stevensonhunteralharbikhali.pdf Software Security refers to many aspects of security related to software Detect malicious attack Continue to function under malicious attack Maintain confidenitality, integrity, and availability CYBERSECURITY PRINCIPLES Complete the interactive lesson SDL SECURE DESIGN PRINCIPLES Safer applications begin with secure design Assume that all applications can and will be compromised No Security feature is perfect Core SDL secure design principles: Attack Surface Reduction Defense in Depth Basic Privacy Least Privilege Threat Modeling Secure Defaults Video: Start: 6:00 | End: 7:52 ATTACK SURFACE REDUCTION Attack Surface: Any part of an application that is accessible by a human or another program Minimize the number of exposed attack surface points a malicious user can discover and attempt to exploit Video: Start 7:52 | End 13:33 BASIC PRIVACY Privacy versus Security Privacy: Empowering users to control Privacy Security the use, collection and distribution of their personal information Security: Establishing protective measures that defend against hostile acts or influences and protects the confidentiality of personal information Privacy AND Security together are key factors for building trusted applications Video: Start 13:33 | End 20:40 (I'm aware the video audio stops – this is how the video was posted, it will resume) THREAT MODELING Threat Modeling is a process to understand threats to an application Threats and vulnerabilities are not the same thing: Threats: What a malicious user may attempt to compromise a system Vulnerabilities: A specific way a threat is exploitable, e.g. coding error Spoofing Tampering Repudiation https://www. Info. Disclosure microsoft.co m/en- Denial of Service us/securityen Elevation of Privlegdge gineering/sdl /threatmodeli ng Video: Start 20:47 | End 24:00 DEFENSE IN DEPTH Assume that software and hardware will fail at some point Trusted applications: security and privacy features and mechanisms Most applications today can be compromised when single, and often only, layer of defense is breached (firewall) Defense in Depth: If one defense layer is breached, what other defense layers (if any) provide additional protection to the application? Video: Start 24:00 | End 27:05 DEFENSE IN DEPTH Layered defense is needed Firewalls, IDS, encryption, access control are usually used together for communication and data security LEAST PRIVILEGE Least Privilege: If an application is compromised, then the potential damage that the malicious person can inflict is contained and minimized accordingly Trust with reluctance – need-to-know Least Privilege Tips: Evaluate your application and think minimally! Default – no access What is the minimum access level your application requires to perform its functions? Elevate privileges only when needed, and then release those elevated privileges when their purposes have been satisfied Video: Start 27:05 | End 29:53 PRIVILEGE CREEP AND COMPLETE MEDIATION Privilege creep: Gradual accumulation of access rights beyond what an individual needs to do their job. Occurs when a user changes job responsibilities within the organization and is granted new privileges Violation of need-to-know Complete Mediation Every access to every object must be checked before allow access The check should be efficient, not taking too many complex steps, or using too much system resources. Complete mediation restricts the caching of information SEPARATION OF PRIVILEGE OR DUTY Access to objects should depend on more than one condition Multi-factor authentication Separation of duty Two-person rule In coding – limit global variables, use local data and arguments! Access Control – Permission to access is called authorization Who should have access to what and possibly when? In coding – who has access to a file (readonly, read/write, delete)? LEAST COMMON MECHANISM Minimize the amount of mechanism common to more than one user and depended on by all users Every shared mechanism is a potential information path SECURE DEFAULTS Deploy applications in more secure configurations by default. Helps to better ensure that customers get safer experience with your application out of the box, not after extensive configuration It is up to the user to reduce security and privacy levels Favor Simplicity Favor white-listing over black-listing Fail-safe defaults If some actions fail, system is still secure, the default is deny-of-access. Video: Start 29:53 | End 32:32 DENY BY DEFAULT AND FAIL-SAFE Deny by Default - Everything not explicitly permitted is forbidden Fail-safe in engineering is a design feature that, in the event of a specific type of failure, responds in a way that will cause no or minimal harm to other equipment, the environment or people The system design prevents or mitigates unsafe consequences of the system's failure. Dead man's switch is automatically operated if the human operator becomes incapacitated. MGM CASINO CYBER ATTACK SEPT. 2023 Read the article: https://westoahu.hawaii.edu/cyber/global-weekly-exec- summary/alphv-hackers-reveal-details-of-mgm-cyber-attack/ Did the casino follow secure design principles? 1. Attack Surface Reduction 2. Basic Privacy 3. Threat Modeling 4. Defense in Depth 5. Least Privilege 6. Secure Defaults EARN YOUR PRE-WORK GRADE Post your weekly discussion question and research solution to D2L TODO Complete Week 02 Content Module in D2L to 100% WHAT'S COMING UP NEXT...WEEK 03 QUESTIONS | CLARIFICATIONS | HELP Student Office Hours: Schedule Meeting with Julie o By Appointment (both on-campus and remote via Zoom) o Drop-In Times Available (on-campus) Email: [email protected] RRCC On Campus Tutoring: https://www.rrcc.edu/learning- commons/tutoring 24/7 Online Tutoring: D2L > Content > Resources for Help

CSC 1029 Week 06 SDL Design Principles PDF

Document Details

Tags

Related

Summary

Full Transcript

Upgrade to continue