1 / 11

Chapter 1

The Software Security Problem. Chapter 1. Goals of this course. Become aware of common pitfalls. Static Analysis and tools. Some common approaches to security. Defensive Programming Security Features (vs secure features) ‏ Improving Software Quality. Some common approaches to security.

norris
Download Presentation

Chapter 1

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The Software Security Problem Chapter 1

  2. Goals of this course • Become aware of common pitfalls. • Static Analysis and tools

  3. Some common approaches to security • Defensive Programming • Security Features (vs secure features)‏ • Improving Software Quality

  4. Some common approaches to security • Defensive Programming • Security Features (vs secure features)‏ • Improving Software Quality (none of these approaches work!)‏

  5. So, what works?

  6. Usual Software building cycle: • Requirements and Specifications • Design • Code • Test and debug • Integration test • Deliver

  7. Best way to detect vulnerable code • Through a Static Analysis Tool. • However, hand/hard work is still necesary!

  8. Vulnerability Classification • Generic vs context-specific defects • Visible in the code vs visible only in the design • Seven pernicious kingdoms: • Input validation and representation • API abuse • Security Features • Time and State • Error Handling • Code Quality • Encapsulation • Environment

  9. Risky Resource Management Buffer overflow Improper limitation of a pathname in a restricted directory Buffer access woth incorrect length value Improper check for unusual or exceptional conditions Improper control of filename for include/require PHP statement Improper validation of array index. Integer overflow/wraparound Incorrect buffer size calculation Code download without integrity check. Unlimited resource allocation 2009 CWE/SANS Top 25 • Insecure Component Interaction • Faiulre to preserve page structure (Cross-site scripting) • Improper sanitation of SQL commands (SQL injection) • Cross-site request forgery • Unrestricted upload of file with dangerous type • Improper sanitation of OS command elements (OS command injetion) • Error Message Information leak • URL redirect to untrusted site (open redirect) • Race Condition

  10. 2009 CWE/SANS Top 25 (cont)‏ • Porous Defenses • Improper Access control • Reliance on untrusted inputs in a security decision • Broken or risky cryptography • Hard-coded credentials/passwords • Missing authentication for critical function • Incorrect Permission Assignment for critical Resource • Use of broken or risky cryptography.

More Related