The Software Security Problem
Presentation Transcript

  1. The Software Security Problem Chapter 1

  2. Goals of this course
     • Become aware of common pitfalls.
     • Static Analysis and tools

  3. Some common approaches to security
     • Defensive Programming
     • Security Features (vs secure features)
     • Improving Software Quality

  4. Some common approaches to security
     • Defensive Programming
     • Security Features (vs secure features)
     • Improving Software Quality
     (none of these approaches work!)

  5. So, what works?

  6. Usual Software building cycle:
     • Requirements and Specifications
     • Design
     • Code
     • Test and debug
     • Integration test
     • Deliver

  7. Best way to detect vulnerable code
     • Through a Static Analysis Tool.
     • However, hand/hard work is still necessary!

  8. Vulnerability Classification
     • Generic vs context-specific defects
     • Visible in the code vs visible only in the design
     • Seven pernicious kingdoms:
        • Input validation and representation
        • API abuse
        • Security Features
        • Time and State
        • Error Handling
        • Code Quality
        • Encapsulation
        • Environment

  9. 2009 CWE/SANS Top 25
     • Insecure Component Interaction
        • Failure to preserve page structure (Cross-site scripting)
        • Improper sanitization of SQL commands (SQL injection)
        • Cross-site request forgery
        • Unrestricted upload of file with dangerous type
        • Improper sanitization of OS command elements (OS command injection)
        • Error Message Information leak
        • URL redirect to untrusted site (open redirect)
        • Race Condition
     • Risky Resource Management
        • Buffer overflow
        • Improper limitation of a pathname in a restricted directory
        • Buffer access with incorrect length value
        • Improper check for unusual or exceptional conditions
        • Improper control of filename for include/require PHP statement
        • Improper validation of array index.
        • Integer overflow/wraparound
        • Incorrect buffer size calculation
        • Code download without integrity check.
        • Unlimited resource allocation

  10. 2009 CWE/SANS Top 25 (cont)
     • Porous Defenses
        • Improper Access control
        • Reliance on untrusted inputs in a security decision
        • Broken or risky cryptography
        • Hard-coded credentials/passwords
        • Missing authentication for critical function
        • Incorrect Permission Assignment for critical Resource
        • Use of broken or risky cryptography.