
Security Development Lifecycle

Microsoft SDL Overview. The SDL is composed of proven security practices. It works in development organizations regardless of their size or platform. The SDL does not necessarily change your existing processes; it adds security to them. It consists of multiple phases in which core software assurance activities are defined.

Information security is an attitude! Just add some security steps and rules!

SDL process: Education, Process, Accountability, and ongoing process improvements.

Microsoft SDL core principles. The Microsoft SDL is a holistic and comprehensive approach. The SDL ensures that you get your work done securely. How do you get rid of bad habits? Replace them with good ones. The SDL helps you identify all attack vectors and to stay constantly vigilant, looking at your code and environment from the attacker's point of view.

Secure design principles: Threat Modeling

Threat Model Overview. A threat model is a security-based analysis that helps people determine the highest-level security risks posed to the product and how attacks can manifest themselves. The goal is to determine which threats require mitigation and how to mitigate them. Important: you cannot build a secure system until you understand your threats. It's as simple as that. The key point is to get you thinking about the security of your application in a relatively formal way.

Threat model core principles. Core SDL secure design principles:
- Attack surface reduction
- Basic privacy
- Threat modeling (a part of your architecture)
- Defense in depth
- Least privilege
- Secure defaults

Benefits of threat modeling (TM):
- TM helps you understand your application. You will know the makeup of your app better.
- TM helps you find complex design defects.
- The TM should be read by other product teams that build on your product; it helps them find threats in your product.
- TM helps you find bugs. In fact, about 50% of bugs are found through threat analysis.
- TM helps new team members understand the app in detail. The TM can serve as a vehicle to shorten the learning curve.
- TMs are useful for testers. Testers should test against the threat model, which will help them develop new tools.

How to perform threat modeling:
1. Assemble the threat-modeling team.
2. Decompose the application.
3. Determine the threats to the system.
4. Rank the threats by decreasing risk.
5. Choose how to respond to the threats.
6. Choose techniques to mitigate the threats.

STRIDE threat types:

Desired property  | Threat                 | Definition
Authentication    | Spoofing               | Impersonating something or someone else
Integrity         | Tampering              | Modifying code or data without authorization
Non-repudiation   | Repudiation            | The ability to claim not to have performed some action against an application
Confidentiality   | Information Disclosure | The exposure of information to unauthorized users
Availability      | Denial of Service      | The ability to deny or degrade a service to legitimate users
Authorization     | Elevation of Privilege | The ability of a user to elevate their privileges within an application without authorization

How to respond to threats:
- Option 1: Do nothing. Incorrect, because the problem is latent. If you decide to do nothing, could the feature at least be disabled by default?
- Option 2: Warn the user. Also problematic: many users don't know what the right decision is, and users will ignore warnings if they come up too often.
- Option 3: Remove the problem. Don't ship with a security flaw; pull the feature from the product instead. Don't want to do that? Remember, there's always the next version!
- Option 4: Fix the problem. Remedy the problem with technology. This is the most difficult option and involves the most work.
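As an added example (not code from the slides or from Microsoft's SDL tooling), the following Python walks through the steps above for a constructed login feature: decompose the application into data-flow-diagram elements, enumerate STRIDE threats per element, rank them by decreasing risk, and pick one of the four responses. The STRIDE-per-element mapping, the likelihood x impact score, the response thresholds and the sample elements, scores and mitigations are all assumptions introduced here, not content of the presentation.

```python
"""Added example: a small threat-model walk-through (decompose, enumerate
STRIDE threats, rank by risk, choose a response). Not part of the original
presentation; mappings, scores and thresholds are illustrative assumptions."""
from dataclasses import dataclass
from enum import Enum


class Stride(Enum):
    SPOOFING = "Spoofing"
    TAMPERING = "Tampering"
    REPUDIATION = "Repudiation"
    INFO_DISCLOSURE = "Information Disclosure"
    DOS = "Denial of Service"
    EOP = "Elevation of Privilege"


# ASSUMPTION: STRIDE-per-element mapping (which categories are considered for
# each kind of DFD element). Not on the slides; a later refinement of the method.
ELEMENT_THREATS = {
    "external": {Stride.SPOOFING, Stride.REPUDIATION},
    "process": set(Stride),
    "datastore": {Stride.TAMPERING, Stride.REPUDIATION,
                  Stride.INFO_DISCLOSURE, Stride.DOS},
    "dataflow": {Stride.TAMPERING, Stride.INFO_DISCLOSURE, Stride.DOS},
}


@dataclass(frozen=True)
class Element:
    name: str
    kind: str  # one of the ELEMENT_THREATS keys


@dataclass(frozen=True)
class Threat:
    element: str
    category: Stride
    likelihood: int  # 1 (hard, local, authenticated) .. 3 (easy, anonymous, remote)
    impact: int      # 1 (nuisance) .. 3 (full compromise or data breach)

    @property
    def risk(self) -> int:
        # ASSUMPTION: risk = likelihood x impact. The slides only say "rank by
        # decreasing risk" and prescribe no scoring formula.
        return self.likelihood * self.impact


def enumerate_threats(elements, scores):
    """Steps 2-3: for every element, list each STRIDE category that applies.
    `scores` maps (element name, Stride) -> (likelihood, impact) as judged by the
    team; unscored candidates default to (1, 1) so nothing is silently dropped."""
    threats = []
    for el in elements:
        for cat in ELEMENT_THREATS[el.kind]:
            like, imp = scores.get((el.name, cat), (1, 1))
            threats.append(Threat(el.name, cat, like, imp))
    return threats


def rank_threats(threats):
    """Step 4: highest risk first; ties broken by name for a stable report."""
    return sorted(threats, key=lambda t: (-t.risk, t.element, t.category.value))


def choose_response(threat, mitigation_available):
    """Step 5: the four options from the slides. ASSUMPTION: thresholds are
    illustrative. Doing nothing is only accepted for minimal risk; warning the
    user is the fallback when a low-risk threat has no technical fix."""
    if threat.risk >= 4:
        return "fix" if mitigation_available else "remove"
    if threat.risk >= 2:
        return "fix" if mitigation_available else "warn"
    return "do nothing"


# Constructed sample: a login feature decomposed into DFD elements (step 2).
SAMPLE_ELEMENTS = [
    Element("browser", "external"),
    Element("login handler", "process"),
    Element("debug status page", "process"),
    Element("session store", "datastore"),
    Element("credentials in transit", "dataflow"),
]

# Constructed team judgement for the threats worth scoring (step 3).
SAMPLE_SCORES = {
    ("browser", Stride.SPOOFING): (3, 3),                # credential stuffing
    ("credentials in transit", Stride.INFO_DISCLOSURE): (2, 3),
    ("debug status page", Stride.INFO_DISCLOSURE): (3, 2),
    ("session store", Stride.TAMPERING): (2, 2),
    ("login handler", Stride.EOP): (1, 3),
}

# Constructed list of mitigations the team knows how to build (step 6 input).
# No mitigation is planned for the debug page, so that feature has to go.
SAMPLE_MITIGATIONS = {
    ("browser", Stride.SPOOFING): "rate limiting, MFA, breached-password check",
    ("credentials in transit", Stride.INFO_DISCLOSURE): "TLS only, HSTS",
    ("session store", Stride.TAMPERING): "server-side sessions, random IDs",
    ("login handler", Stride.EOP): "run the handler with least privilege",
}


def threat_report(elements=SAMPLE_ELEMENTS, scores=SAMPLE_SCORES,
                  mitigations=SAMPLE_MITIGATIONS, min_risk=2):
    """Ranked rows of (element, category, risk, response) for threats at or
    above `min_risk`; the unscored 1x1 defaults stay in the model unreported."""
    rows = []
    for t in rank_threats(enumerate_threats(elements, scores)):
        if t.risk < min_risk:
            continue
        has_fix = (t.element, t.category) in mitigations
        rows.append((t.element, t.category.value, t.risk,
                     choose_response(t, has_fix)))
    return rows


if __name__ == "__main__":
    for row in threat_report():
        print("%-24s %-22s risk=%d  -> %s" % row)
```

Running the module prints the five scored threats in risk order; the debug status page comes out as "remove" because no mitigation was planned for it, which is exactly the Option 3 case above. Every unscored candidate still exists in the model at the 1x1 default, so the team can see what it chose not to score.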

Books related to the SDL:
- Threat Modeling (Microsoft Professional), Frank Swiderski and Window Snyder, July 14, 2004
- The Security Development Lifecycle, Michael Howard and Steve Lipner, June 28, 2006
- Writing Secure Code, Second Edition, Michael Howard and David C. LeBlanc, December 4, 2002
- Writing Secure Code for Windows Vista, Michael Howard and David C. LeBlanc, April 11, 2007