
Chapter 24: Software Security



Presentation Transcript


  1. Chapter 24: Software Security

  2. Key Takeaway Points
  • Software security is a proactive, rather than reactive, approach to constructing secure software.
  • Consideration of software security should begin in the requirements phase and continue throughout the life cycle.

  3. Security Requirements
  • Security requirements define the capabilities of the software system to thwart attempted attacks and to recover from successful attacks.
  • There are many different types of security requirements (page 608).
  • Not all systems require all types of security requirements.
  • Security requirements are associated with costs to design and implement.
  • Which security requirements are needed for a system is a project-dependent decision.

  4. Secure Software Design Principles
  Principle 1. Secure the weakest link.
  Principle 2. Practice defense in depth.
  Principle 3. Fail securely.
  Principle 4. Least privilege.
  Principle 5. Compartmentalize.
  Principle 6. Keep it simple and stupid.
  Principle 7. Promote privacy.
  Principle 8. Remember that hiding secrets is hard.
  Principle 9. Be reluctant to trust.
  Principle 10. Use community resources.

  5. Secure Software Design Patterns (p. 611)
  Architectural security patterns:
  • Privilege Reduction
  • Privilege Separation
  • Defer to Kernel
  • Single Access Point
  • Check Point
  • Secure Access Layer
  Design security patterns:
  • Roles/RBAC
  Implementation security patterns:
  • Secure Pipe
  • Session
  • Input Validation
  • Secure Logger

  6. SAMS Example

  7. Seven Best Practices of Software Security
  • Code review
  • Architectural risk analysis
  • Penetration testing
  • Risk-based security testing
  • Misuse cases
  • Security requirements
  • Security operation

  8. Attack Tree
  • An attack tree is an And-Or tree: each non-terminal node is either an AND node or an OR node.
  • Each non-terminal represents a problem to be solved or a goal to be accomplished.
  • An AND node means the problem is solved only if the problems represented by all of its children are solved. An OR node means the problem is solved if the problem of any one of its children is solved.
  • An attack tree describes the options available to accomplish an attack.
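The And-Or semantics above are what make an attack tree usable for risk analysis: with a cost estimate on each leaf, the cheapest path to the root goal is the one a defender should mitigate first. This is an added example, not from the slides or the textbook; the tree, its node names and its costs are constructed for illustration, and marking a leaf as infeasible stands in for adding a countermeasure.

```python
from dataclasses import dataclass, field
from typing import List, Tuple

INF = float("inf")  # a leaf with INF cost is treated as infeasible (mitigated)

@dataclass
class Node:
    """One node of an attack tree: a LEAF with an estimated attacker cost,
    or an AND/OR node that combines its children as the slide describes."""
    name: str
    kind: str = "LEAF"                       # "LEAF", "AND" or "OR"
    cost: float = INF                        # meaningful for leaves only
    children: List["Node"] = field(default_factory=list)

def min_cost(node: Node) -> Tuple[float, List[str]]:
    """Cheapest way to satisfy this node and the leaf steps that path uses.
    AND: every child must be solved, so child costs add up.
    OR:  one child suffices, so the cheapest child wins."""
    if node.kind == "LEAF":
        return node.cost, ([node.name] if node.cost < INF else [])
    results = [min_cost(c) for c in node.children]
    if node.kind == "AND":
        total = sum(r[0] for r in results)
        return total, ([n for r in results for n in r[1]] if total < INF else [])
    if node.kind == "OR":
        return min(results, key=lambda r: r[0])
    raise ValueError(f"unknown node kind {node.kind!r}")

def set_cost(node: Node, leaf_name: str, cost: float) -> bool:
    """Re-cost a leaf in place, e.g. INF once a control removes that step. True if found."""
    if node.kind == "LEAF":
        if node.name != leaf_name:
            return False
        node.cost = cost
        return True
    return any(set_cost(c, leaf_name, cost) for c in node.children)

def example_tree() -> Node:
    """Constructed, illustrative tree; names and costs are made up for this example."""
    return Node("obtain customer records", "OR", children=[
        Node("misuse a staff account", "AND", children=[
            Node("obtain a staff credential", "OR", children=[
                Node("weak password guessed", cost=20),
                Node("credential phished", cost=50)]),
            Node("reach the app from outside the network", cost=10)]),
        Node("exploit an unpatched service", cost=200)])

if __name__ == "__main__":
    tree = example_tree()
    print(min_cost(tree))                          # cost 30: the cheapest path today
    set_cost(tree, "weak password guessed", INF)   # e.g. password policy plus MFA
    print(min_cost(tree))                          # cheapest path now costs 60
```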

  9. Software Security in the Life Cycle
  Planning & Architectural design:
  • security requirements
  • misuse cases
  • security architectural design
  • security test planning
  Domain Modeling:
  • domain modeling
  • modify domain model to help understand security related concepts
  Software Design:
  • design for security
  • apply security patterns and secure design principles
  • review design to detect security flaws
  Implementation, Test & Deployment:
  • test w/ security requirements
  • apply static analysis tools
  • perform penetration testing and misuse case testing
  Accommodate Change:
  • modify planning and architectural design w.r.t. changes

  10. Tool Support for Software Security
  • SeaMonster is a security modeling tool for threat models, namely attack trees and misuse cases, and can connect to a repository for model sharing and reuse.
  • PMD is a Java static code analyzer.
  • FindBugs is a Java static analyzer, and looks for bugs in Java programs.
  • WASSP is a “hardening” tool which identifies problems on a running system.
