CSC 2045 Week 02 Secure Software Principles PDF

Summary

These notes cover topics within secure software principles, including the software development lifecycle (SDLC). The document discusses various aspects of secure coding practices and potential threats.

Full Transcript


CSC 2045 SECURE SOFTWARE PRINCIPLES: WEEK 02

OBJECTIVES
- Describe why vulnerabilities exist in programming code
- Become familiar with standard principles of software engineering and software assurance needed for secure software development

AGENDA
1. Secure Coding
2. Secure Fundamentals
3. Principles of Security
4. SDLC
5. Good Programming, Coding Standards & Practices

SECURE CODING IN C/C++ FOREWORD
- Read the Foreword (page xvii) noted in the Table of Contents from the book Secure Coding in C/C++ by Robert Seacord
    o https://insights.sei.cmu.edu/documents/1312/2005_009_001_52710.pdf

OWASP SECURE FUNDAMENTALS
- Read the OWASP Developer Guide on Secure Fundamentals
    o https://owasp.org/www-project-developer-guide/draft/foundations/security_fundamentals/
    o Define CIA and AAA

OWASP PRINCIPLES OF SECURITY
- Read the OWASP Developer Guide on Principles of Security:
    o https://owasp.org/www-project-developer-guide/draft/foundations/security_principles/
- Become familiar with each security principle outlined

OWASP SECURE DEVELOPMENT & INTEGRATION
- Read the OWASP Developer Guide on Secure Development & Integration
    o https://owasp.org/www-project-developer-guide/draft/foundations/secure_development/
    o What is meant by SDLC?

WHY DO WE NEED SDLC?
- Software provides automation, intelligence, and functionality.
- Software takes input and produces output. Input can be unexpected, and unexpected input leads to unexpected interaction(s) among software components.
- Automation, intelligence and functionality carry certain risks: privacy (task leakage); unauthorized alteration; privilege escalation through buffer overflow?
- What is software security? Managing such risks.

SOFTWARE DEVELOPMENT LIFECYCLE (SDLC)
1. Define the problem (analysis/requirements)
2. Design the solution (algorithm)
3. Implement/Code the solution (program)
4. Testing
5. Deploy/Maintain and document

SECURITY DEVELOPMENT LIFECYCLE (SDL)
- Steve Lipner from Microsoft coined the term Security Development Lifecycle (SDL).
- SDL takes each element of the software development lifecycle (SDLC) and specifically considers how it pertains to security.

ANALYSIS AND REQUIREMENTS: WHAT? (Defining the problem)
- Requirements: the most common cause of software system failure is traced to poor requirements gathering
- Generate and document a clear problem statement
- Use cases
- Threat modeling
- Consider security

DESIGN: HOW?
- Planning
- Algorithm
- Code responsibly
- Software security principles
- Consider security

IMPLEMENTATION
- Choose a programming language. Are some languages more secure? Is there a totally secure language?
- Code responsibly. Consider vulnerabilities
- Security principles
- Syntax error vs logic error (bug)
- Code reviews
- Static analysis
- Consider security

SAFE CODING: THREAT MODELING 101
Threat model (security properties):
- Confidentiality: reads must be authorized
- Integrity: modification must be authorized
- Availability: software continues working even while being attacked
- Identification and Authentication (I&A): users must declare who they are and prove it
- Authorization: determine what a user is allowed to do
- Auditing: record important events
STRIDE:
- Spoofing
- Tampering
- Repudiation
- Information Disclosure
- Denial of Service
- Elevation of Privilege

THREATS AND MITIGATION TECHNIQUES
- Spoofing Identity: compromises authentication. Mitigation: protect keys & passwords...
- Tampering with Data: compromises integrity.
- Repudiation. Mitigation: logging, audit trails, digital signatures...
- Information Disclosure: compromises confidentiality. Mitigation: access control, encryption, not storing secrets...
- Denial of Service: compromises availability. Mitigation: graceful degradation, filtering, increase server resources
- Elevation of Privilege. Mitigation: access control, sandboxing...

COMMON CODE VULNERABILITIES
We'll consider the following code vulnerabilities this semester:
- Incorrect or incomplete input validation
- Poor or missing exception handling
- Buffer overflows
- Race conditions
- Other common vulnerabilities: SQL injection, cross-site scripting
[Figure: Typical software security problems, vulnerability type change by year]

GOOD PROGRAMMING (CPROGRAMMING)
If you are persistent, willing to pay attention to issues of design and focus on both problem solving and precise solutions to problems, you will go far as a programmer.
[Diagram: Patience, Precision, Problem Solver, Design -> Good Programmer]
"Programs are meant to be read by humans and only incidentally for computers to execute." —Donald Knuth, The Art of Computer Programming

WHY WRITE INSECURE CODE?
- From the Secure Coding HOWTO Book, read the section:
    o https://dwheeler.com/secure-programs/Secure-Programs-HOWTO/why-write-insecure.html
- Answer within the PearDeck:
    o Did you agree with all the items outlined in the section? If not, which item and why? If yes, which item is the most critical in your opinion?

CODING: GOOD PROGRAMMING STYLE
- Whitespace
- Consistency
- Clarity and Formatting
"Code is read more often than it is written." —Guido van Rossum (creator of Python)

C++ CODING STANDARDS
The main point of a C++ coding standard is to provide a set of rules for using C++ for a particular purpose in a particular environment. It follows that there cannot be one coding standard for all uses and all users. (C++ Core Guidelines)
- Should I use using namespace std in my code? NO
- Should I declare locals in the middle of a function or at the top?
- Which is better: identifier names that_look_like_this or identifier names thatLookLikeThis?
- What's a good coding standard for using global variables? NO, NEVER DO IT!
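The "Common Code Vulnerabilities" slide names incorrect input validation, missing error handling and buffer overflows as this semester's core topics. The C example below is an added illustration written for these notes; it is not code from the course slides or from the Seacord book. It places an unchecked copy next to a validating copy that reports failures through a status code, and an integer parser that checks strtol's error signals instead of ignoring them the way atoi() does. USERNAME_MAX, the port range policy and all sample inputs are constructed assumptions for the illustration.

```c
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Status codes the caller must inspect: the hardened functions never
   silently truncate, never guess, and never crash on bad input. */
enum field_status {
    FIELD_OK = 0,
    FIELD_NULL,        /* NULL pointer or zero-sized destination */
    FIELD_TOO_LONG,    /* input does not fit, including the NUL terminator */
    FIELD_BAD_CHAR,    /* character outside the allowed set */
    FIELD_BAD_NUMBER   /* not a number, trailing junk, or out of range */
};

#define USERNAME_MAX 16   /* constructed policy limit, excluding the NUL */

/* VULNERABLE PATTERN (illustration only): strcpy() copies until it finds a
   NUL in src, so any username longer than USERNAME_MAX overwrites whatever
   sits past the end of dst on the stack. It looks correct for short input,
   which is exactly why this bug is easy to ship. */
static void copy_username_unchecked(char dst[USERNAME_MAX + 1], const char *src)
{
    strcpy(dst, src);
}

/* HARDENED: bounded length scan, allow-list on characters, explicit status. */
static enum field_status copy_username_checked(char *dst, size_t dst_size,
                                               const char *src)
{
    if (dst == NULL || src == NULL || dst_size == 0)
        return FIELD_NULL;

    /* Bounded scan: never reads more than dst_size bytes of src. */
    size_t len = 0;
    while (len < dst_size && src[len] != '\0')
        len++;
    if (len == dst_size)          /* no room left for the terminator */
        return FIELD_TOO_LONG;

    /* Allow-list validation: letters, digits, '_' and '-' only. */
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)src[i];
        if (!(isalnum(c) || c == '_' || c == '-'))
            return FIELD_BAD_CHAR;
    }

    memcpy(dst, src, len + 1);    /* len + 1 <= dst_size, so this is in bounds */
    return FIELD_OK;
}

/* HARDENED number parsing. atoi("12abc") returns 12 and atoi("abc") returns 0
   with no way to tell success from failure; strtol exposes both the end
   pointer and ERANGE, and each of them is checked here. Range 1..65535 is a
   constructed policy for a TCP port. */
static enum field_status parse_port(const char *text, int *out)
{
    if (text == NULL || out == NULL)
        return FIELD_NULL;

    errno = 0;
    char *end = NULL;
    long v = strtol(text, &end, 10);

    if (end == text || *end != '\0')        /* nothing parsed, or trailing junk */
        return FIELD_BAD_NUMBER;
    if (errno == ERANGE || v < 1 || v > 65535)  /* overflow or outside policy */
        return FIELD_BAD_NUMBER;

    *out = (int)v;
    return FIELD_OK;
}

int main(void)
{
    char name[USERNAME_MAX + 1];
    int port = 0;

    /* Constructed inputs: a valid one, one that is too long, one with a space. */
    printf("alice_01 -> %d\n", copy_username_checked(name, sizeof name, "alice_01"));
    printf("17 chars -> %d\n", copy_username_checked(name, sizeof name, "abcdefghijklmnopq"));
    printf("bob smith -> %d\n", copy_username_checked(name, sizeof name, "bob smith"));
    printf("8080 -> %d\n", parse_port("8080", &port));
    printf("8080abc -> %d\n", parse_port("8080abc", &port));
    printf("70000 -> %d\n", parse_port("70000", &port));
    return 0;
}
```

The unchecked copy is kept only to be read next to the checked one; the program never feeds it an oversized string. Note that the hardened copy rejects rather than truncates: silently cutting a name to 16 characters is itself an input-validation bug, because two different inputs would then map to the same stored value.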
