110 likes | 126 Views
The Software Security Problem. Chapter 1. Goals of this course. Become aware of common pitfalls. Static Analysis and tools. Some common approaches to security. Defensive Programming Security Features (vs secure features) Improving Software Quality. Some common approaches to security.
E N D
The Software Security Problem Chapter 1
Goals of this course • Become aware of common pitfalls. • Static Analysis and tools
Some common approaches to security • Defensive Programming • Security Features (vs secure features) • Improving Software Quality
Some common approaches to security • Defensive Programming • Security Features (vs secure features) • Improving Software Quality (none of these approaches work!)
Usual Software building cycle: • Requirements and Specifications • Design • Code • Test and debug • Integration test • Deliver
Best way to detect vulnerable code • Through a Static Analysis Tool. • However, hand/hard work is still necesary!
Vulnerability Classification • Generic vs context-specific defects • Visible in the code vs visible only in the design • Seven pernicious kingdoms: • Input validation and representation • API abuse • Security Features • Time and State • Error Handling • Code Quality • Encapsulation • Environment
Risky Resource Management Buffer overflow Improper limitation of a pathname in a restricted directory Buffer access woth incorrect length value Improper check for unusual or exceptional conditions Improper control of filename for include/require PHP statement Improper validation of array index. Integer overflow/wraparound Incorrect buffer size calculation Code download without integrity check. Unlimited resource allocation 2009 CWE/SANS Top 25 • Insecure Component Interaction • Faiulre to preserve page structure (Cross-site scripting) • Improper sanitation of SQL commands (SQL injection) • Cross-site request forgery • Unrestricted upload of file with dangerous type • Improper sanitation of OS command elements (OS command injetion) • Error Message Information leak • URL redirect to untrusted site (open redirect) • Race Condition
2009 CWE/SANS Top 25 (cont) • Porous Defenses • Improper Access control • Reliance on untrusted inputs in a security decision • Broken or risky cryptography • Hard-coded credentials/passwords • Missing authentication for critical function • Incorrect Permission Assignment for critical Resource • Use of broken or risky cryptography.