The Software Security Problem Chapter 1
Goals of this course • Become aware of common pitfalls. • Static Analysis and tools
Some common approaches to security • Defensive Programming • Security Features (vs secure features) • Improving Software Quality (none of these alone is sufficient: defensive code still has bugs, adding security features does not make the rest of the program secure, and general quality work does not target the defects attackers exploit)
Usual Software building cycle: • Requirements and Specifications • Design • Code • Test and debug • Integration test • Deliver
Detecting vulnerable code • A static analysis tool finds many classes of defects early and across the whole code base. • However, manual review is still necessary: tools only report the patterns they know, miss bugs that depend on context or intent, and their reports must be triaged by hand!
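To make the two bullets concrete, here is an added example of the kind of pattern-matching pass a simple static analysis tool performs. It is not code from the slides or their source textbook, and it is not a real tool: the rules, the CWE labels attached to them and the sample C program it scans are all constructed for illustration.

```python
"""Toy static analysis pass over C source: an added example, not a real tool and
not code from the page or its source textbook. Rules, messages and the sample
C program below are all constructed for illustration."""
from __future__ import annotations
import re

# Constructed sample input: a few lines of C, not taken from any real project.
SAMPLE_C = """\
#include <stdio.h>
#include <string.h>

void greet(const char *name) {
    char buf[16];
    strcpy(buf, name);              /* unbounded copy into a 16-byte buffer */
    printf(buf);                    /* caller-controlled format string */
}

void read_line(void) {
    char line[64];
    gets(line);                     /* gets() has no bound at all */
    // strcpy(line, "commented out");   <- must NOT be reported
}

void copy_all(char *dst, size_t dstlen, const char *src) {
    size_t n = strlen(src);
    memcpy(dst, src, n);            /* length taken from src, not dst */
}
"""

# Each rule: (regex applied to one comment-stripped line, CWE id, message).
RULES = [
    (re.compile(r"\bgets\s*\("), "CWE-120", "gets() has no bound; use fgets()"),
    (re.compile(r"\bstrcpy\s*\("), "CWE-120", "strcpy() is unbounded; use snprintf()/strlcpy()"),
    (re.compile(r"\bprintf\s*\(\s*[A-Za-z_]\w*\s*\)"), "CWE-134",
     "non-literal format string; use printf(\"%s\", s)"),
    (re.compile(r"\bsystem\s*\("), "CWE-78",
     "system() call; check its argument is not attacker-controlled"),
]

COMMENT_RE = re.compile(r"//.*|/\*.*?\*/")


def strip_comments(line: str) -> str:
    """Drop // and single-line /* */ comments so commented-out code is not flagged."""
    return COMMENT_RE.sub("", line)


def scan(source: str) -> list[tuple[int, str, str]]:
    """Return (line_number, cwe, message) for every rule that fires on the source."""
    findings = []
    for lineno, raw in enumerate(source.splitlines(), start=1):
        code = strip_comments(raw)
        for pattern, cwe, msg in RULES:
            if pattern.search(code):
                findings.append((lineno, cwe, msg))
    return findings


if __name__ == "__main__":
    for lineno, cwe, msg in scan(SAMPLE_C):
        print(f"line {lineno}: {cwe}: {msg}")
```

Run on the sample, the pass reports lines 6, 7 and 12 and correctly stays quiet about the commented-out strcpy on line 13. It says nothing about line 18, where memcpy copies strlen(src) bytes into dst without ever consulting dstlen: that defect is only visible by reasoning about the values flowing into the call, which is exactly the hand work the second bullet refers to, and it is what real tools add data-flow and range analysis to catch.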
Vulnerability Classification
• Generic vs context-specific defects
• Visible in the code vs visible only in the design
• Seven pernicious kingdoms (plus Environment, the "kingdom that isn't": problems that lie outside the code itself):
  • Input validation and representation
  • API abuse
  • Security features
  • Time and state
  • Error handling
  • Code quality
  • Encapsulation
  • Environment
2009 CWE/SANS Top 25
• Risky Resource Management
  • Buffer overflow
  • Improper limitation of a pathname to a restricted directory (path traversal)
  • Buffer access with incorrect length value
  • Improper check for unusual or exceptional conditions
  • Improper control of filename for PHP include/require statement (file inclusion)
  • Improper validation of array index
  • Integer overflow or wraparound
  • Incorrect buffer size calculation
  • Download of code without integrity check
  • Unlimited resource allocation
• Insecure Interaction Between Components
  • Failure to preserve web page structure (cross-site scripting)
  • Improper sanitization of SQL commands (SQL injection)
  • Cross-site request forgery
  • Unrestricted upload of file with dangerous type
  • Improper sanitization of OS command elements (OS command injection)
  • Error message information leak
  • URL redirect to untrusted site (open redirect)
  • Race condition
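Two entries from the list above, one from each category, as an added example showing the vulnerable form beside a hardened one. This is illustration code written for this page, not code from the slides, the CWE/SANS list or any real project; the directory layout, the users table and the attack strings are constructed in memory so the block runs offline.

```python
"""Path traversal (Risky Resource Management) and SQL injection (Insecure
Interaction Between Components): vulnerable form beside hardened form.
Added example; all files, tables and inputs are constructed here."""
import os
import sqlite3
import tempfile
from pathlib import Path

# --- Improper limitation of a pathname to a restricted directory (CWE-22) ---

def read_file_vulnerable(base_dir: str, user_path: str) -> bytes:
    """Joins user input straight onto the base directory; '../' walks out of it."""
    with open(os.path.join(base_dir, user_path), "rb") as f:
        return f.read()


def read_file_safe(base_dir: str, user_path: str) -> bytes:
    """Canonicalises first ('..', symlinks, absolute paths), then checks the result
    still lies strictly inside base_dir. Checking the raw string instead would miss
    encodings and symlinks that resolve outside the directory."""
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, user_path))
    if target == base or os.path.commonpath([base, target]) != base:
        raise PermissionError(f"path escapes {base!r}: {user_path!r}")
    with open(target, "rb") as f:
        return f.read()


def demo_traversal() -> dict:
    """Constructed layout: <tmp>/public/hello.txt is served, <tmp>/secret.txt is not."""
    root = tempfile.mkdtemp()
    public = os.path.join(root, "public")
    os.mkdir(public)
    Path(public, "hello.txt").write_bytes(b"hello")
    Path(root, "secret.txt").write_bytes(b"top secret")   # outside the restricted dir
    result = {
        "vuln_leaks": read_file_vulnerable(public, "../secret.txt") == b"top secret",
        "safe_ok": read_file_safe(public, "hello.txt") == b"hello",
    }
    try:
        read_file_safe(public, "../secret.txt")
        result["safe_blocks"] = False
    except PermissionError:
        result["safe_blocks"] = True
    return result


# --- Improper sanitization of SQL commands (CWE-89) ---

def lookup_user_vulnerable(conn: sqlite3.Connection, username: str) -> list:
    """String concatenation: the input becomes part of the query's structure."""
    sql = f"SELECT id, name FROM users WHERE name = '{username}'"
    return conn.execute(sql).fetchall()


def lookup_user_safe(conn: sqlite3.Connection, username: str) -> list:
    """Bound parameter: the input can only ever be compared as data."""
    return conn.execute("SELECT id, name FROM users WHERE name = ?", (username,)).fetchall()


def demo_sqli() -> dict:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO users (name) VALUES (?)", [("alice",), ("bob",)])
    payload = "x' OR '1'='1"          # classic tautology: WHERE name = 'x' OR '1'='1'
    return {
        "vuln_rows": len(lookup_user_vulnerable(conn, payload)),   # every row
        "safe_rows": len(lookup_user_safe(conn, payload)),         # no such user
    }


if __name__ == "__main__":
    print(demo_traversal())
    print(demo_sqli())
```

Both fixes share one idea: the untrusted string is never allowed to decide the structure of the operation, only to be compared against it. The path check works on the canonical path rather than the raw string, and the query uses a bound parameter rather than quoting or escaping; the latter is why "sanitization" of the input is a weaker fix than changing how the input is passed.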
2009 CWE/SANS Top 25 (cont.)
• Porous Defenses
  • Improper access control
  • Reliance on untrusted inputs in a security decision
  • Hard-coded credentials/passwords
  • Missing authentication for critical function
  • Incorrect permission assignment for critical resource
  • Use of a broken or risky cryptographic algorithm
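The "reliance on untrusted inputs in a security decision" entry is the easiest of the Porous Defenses to get wrong silently, so here is an added example of it beside a hardened version. It is not code from the slides or any real framework: the cookie layout, the token format and the signing key are all constructed for this illustration, and the key is generated at start-up only to keep the block self-contained (a real key would come from a secret store, never from the source, which would be the hard-coded credentials entry instead).

```python
"""Reliance on an untrusted input in a security decision (CWE-807), vulnerable
form beside a server-verified one. Added example; the cookie/token formats and
the key below are constructed for illustration, not from any real framework."""
import base64
import hashlib
import hmac
import json
import secrets

# Constructed signing key. A deployment would load this from a secret store; putting
# a fixed value here instead would be the hard-coded credentials weakness (CWE-798).
SERVER_KEY = secrets.token_bytes(32)


def is_admin_vulnerable(cookie: dict) -> bool:
    """Security decision taken directly on a field the client wrote."""
    return cookie.get("role") == "admin"


def issue_token(user: str, role: str) -> str:
    """Server-side: claims plus an HMAC-SHA256 tag over them, keyed with SERVER_KEY."""
    payload = json.dumps({"user": user, "role": role}, separators=(",", ":")).encode()
    tag = hmac.new(SERVER_KEY, payload, hashlib.sha256).digest()
    return (base64.urlsafe_b64encode(payload).decode() + "."
            + base64.urlsafe_b64encode(tag).decode())


def verify_token(token: str):
    """Return the claims only if the tag checks out; None otherwise.
    compare_digest avoids leaking the position of the first wrong byte via timing."""
    try:
        p64, t64 = token.split(".", 1)
        payload = base64.urlsafe_b64decode(p64)
        tag = base64.urlsafe_b64decode(t64)
    except ValueError:          # malformed token: missing '.', bad base64, bad padding
        return None
    expected = hmac.new(SERVER_KEY, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return json.loads(payload)


def is_admin_safe(token: str) -> bool:
    """Decision taken on claims the server itself vouched for."""
    claims = verify_token(token)
    return claims is not None and claims.get("role") == "admin"


def tamper(token: str, new_role: str) -> str:
    """What an attacker can do: rewrite the claims, keep the old tag."""
    p64, t64 = token.split(".", 1)
    claims = json.loads(base64.urlsafe_b64decode(p64))
    claims["role"] = new_role
    payload = json.dumps(claims, separators=(",", ":")).encode()
    return base64.urlsafe_b64encode(payload).decode() + "." + t64


if __name__ == "__main__":
    print("cookie says admin:", is_admin_vulnerable({"user": "mallory", "role": "admin"}))
    tok = issue_token("mallory", "user")
    print("forged token accepted:", is_admin_safe(tamper(tok, "admin")))
```

Two of the other list entries are visible in the same code. Replacing the keyed HMAC with an unkeyed hash such as sha256(payload) would be "use of a broken or risky cryptographic algorithm" for this purpose, since anyone can recompute it after editing the claims. And the safe version only moves the trust boundary: the role inside the token is still whatever the server put there, so the access-control decision is only as good as the server's own authorization data; a production token would also carry an expiry and be checked on every request, not just at login.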