Engineering Secure Software. A Ubiquitous Concern  You can make a security mistake at every step of the development lifecycle  Requirements that allow.

Slides:



Advertisements
Similar presentations
Chapter 1  Introduction 1 Chapter 1: Introduction.
Advertisements

Chap 1: Overview Concepts of CIA: confidentiality, integrity, and availability Confidentiality: concealment of information –The need arises from sensitive.
Lecture Outline 10 INFORMATION SYSTEMS SECURITY. Two types of auditors External auditor: The primary mission of the external auditors is to provide an.
VM: Chapter 5 Guiding Principles for Software Security.
Secure Design Principles  secure the weakest link  reduce the attack surface  practice defense in depth  minimize privilege  compartmentalize  fail.
1 Steve Chenoweth Friday, 10/21/11 Week 7, Day 4 Right – Good or bad policy? – Asking the user what to do next! From malware.net/how-to-remove-protection-system-
Security Presented by : Qing Ma. Introduction Security overview security threats password security, encryption and network security as specific.
Software Security Threats Threats have been an issue since computers began to be used widely by the general public.
1 An Overview of Computer Security computer security.
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.
Security Engineering II. Problem Sources 1.Requirements definitions, omissions, and mistakes 2.System design flaws 3.Hardware implementation flaws, such.
Chapter 1  Introduction 1 Chapter 1: Introduction “Begin at the beginning,” the King said, very gravely, “and go on till you come to the end: then stop.”
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Stephen S. Yau CSE , Fall Security Strategies.
Software Security Course Course Outline Course Overview Introduction to Software Security Common Attacks and Vulnerabilities Overview of Security.
Designing Security In Web Applications Andrew Tomkowiak 10/8/2013 UW-Platteville Software Engineering Department
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Software Dependability CIS 376 Bruce R. Maxim UM-Dearborn.
11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 
SEC835 Database and Web application security Information Security Architecture.
Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.
Drupal Security Securing your Configuration Justin C. Klein Keane University of Pennsylvania School of Arts and Sciences Information Security and Unix.
CS 325: Software Engineering April 14, 2015 Software Security Security Requirements Software Security in the Life Cycle.
 Protect customers with more secure software  Reduce the number of vulnerabilities  Reduce the severity of vulnerabilities  Address compliance requirements.
Business Computing 550 Lesson 6. 2 Security Threats on Web Sites Issues and vulnerabilities 1.Illegal Access and Use (Hacking the system or users exposing.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 1 – Overview.
The Protection of Information in Computer Systems Part I. Basic Principles of Information Protection Jerome Saltzer & Michael Schroeder Presented by Bert.
Attacking Applications: SQL Injection & Buffer Overflows.
Engineering Secure Software. A Ubiquitous Concern  You can make a security mistake at every step of the development lifecycle  Requirements that allow.
Intrusion Detection Prepared by: Mohammed Hussein Supervised by: Dr. Lo’ai Tawalbeh NYIT- winter 2007.
Figures – Chapter 14. Figure 14.1 System layers where security may be compromised.
Chapter 13 Understanding E-Security. 2 OBJECTIVES What are security concerns (examples)? What are two types of threats (client/server) Virus – Computer.
Information Systems Security
Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:
APPLICATION PENETRATION TESTING Author: Herbert H. Thompson Presentation by: Nancy Cohen.
12 Steps to Cloud Security A guide to securing your Cloud Deployment Vishnu Vettrivel Principal Engineering Lead,
. 1. Computer Security Concepts 2. The OSI Security Architecture 3. Security Attacks 4. Security Services 5. Security Mechanisms 6. A Model for Network.
Security Requirements of NVO3 draft-hartman-nvo3-security-requirements-01 S. Hartman M. Wasserman D. Zhang 1.
Information Security What is Information Security?
SECURITY Professor Mona Mursi. ENVIRONMENT IT infrastructures are made up of many components, abstractly: IT infrastructures are made up of many components,
Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”. © 2016 Pearson.
Module 11: Designing Security for Network Perimeters.
IT Security. What is Information Security? Information security describes efforts to protect computer and non computer equipment, facilities, data, and.
Quality of Information System (IS) reflecting local correctness and reliability of the operating system; the logical completeness of the hardware and software.
Security Vulnerabilities in A Virtual Environment
Chapter 12: How Private are Web Interactions?. Why we care? How much of your personal info was released to the Internet each time you view a Web page?
Ingredients of Security
Database Security Cmpe 226 Fall 2015 By Akanksha Jain Jerry Mengyuan Zheng.
Security and Web Programming/Design. cell phones bio-facilities Sodas, junk food, and coffee Welcome to the No Smoking State.
Slide 1 Security Engineering. Slide 2 Objectives l To introduce issues that must be considered in the specification and design of secure software l To.
Computer Security By Duncan Hall.
Engineering Secure Software. Does Security Even Matter?  Find two other people near you Introduce yourself What is your favorite software development.
Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
Lecturer: Eng. Mohamed Adam Isak PH.D Researcher in CS M.Sc. and B.Sc. of Information Technology Engineering, Lecturer in University of Somalia and Mogadishu.
Software Security Q: What does it mean to say that a program is secure? A: There is a sufficient amount of trust that the program maintains _____________,
CS457 Introduction to Information Security Systems
SE-1021 Software Engineering II
Information Security, Theory and Practice.
Security+ All-In-One Edition Chapter 1 – General Security Concepts
Design for Security Pepper.
Security Standard: “reasonable security”
Chapter 1: Introduction
Software Security Testing
EN Lecture Notes Spring 2016
Controlling Computer-Based Information Systems, Part II
Security Engineering.
Understanding Security Layers
development lifecycle & Principles
6. Application Software Security
Presentation transcript:

Engineering Secure Software

A Ubiquitous Concern  You can make a security mistake at every step of the development lifecycle  Requirements that allow for privacy violations e.g. secretary can view everyone’s patient records  Introducing a design flaw, e.g. giving plug-ins total access  Introducing a code-level vulnerability, e.g. buffer overflow  Missing a vulnerability in code inspections & testing  Introducing a vulnerability by regression in maintenance  Not facilitating a secure deployment, e.g. installation defaults © Andrew Meneely

Security at Every Step Requirements & Planning Abuse cases Risk Assessment Threat Modeling Design Architectural risk Secure design patterns Formalism Implementation Vulnerability Taxonomy Input/Output Handling Auditability Testing Penetration Testing Exploratory Testing Automated Testing Deployment Networking & Cryptography DefaultsPermissions Maintenance PatchingRegressionAssessment

Core Security Properties  Software security breaks into these categories Confidentiality Integrity Availability  Very broad, multi-dimensional categories  Some people add in “auditability”, but we consider that part of “integrity”

Confidentiality  The system must not disclose any information intended to be hidden E.g. your credit card information on a website  Note: open source software can still be confidential

Integrity  The system must not allow assets to be subverted by unauthorized users E.g. changing a prisoner’s release date  We must be able trust what is in the system The data being stored The functionality being executed

Availability  The system must be able to be available and operational to users E.g. bringing down Amazon.com  These are extremely hard to protect against Any system performance degradation that can be triggered by a user can be used for denial of service attacks Concurrency issues, infinite loop, or resource exhaustion

Misc. Philosophies & Proverbs  Defense in depth If they break into this, they can’t get any farther Think Middle-Age castles Original meaning of “firewall”, not today’s firewall  Least privilege Every user or module is given the least amount of privilege it needs Evil: sudo chmod –R a+rw /

More Misc. Philosophies & Proverbs  Fail securely Exceptions put the system into weird states Error message information leak Take care of those exceptions properly!  Security by obscurity You can’t rely upon being obscure to be secure ○ Crowds are good at guessing ○ Insiders are corruptible Some notable exceptions: passwords, encryption keys

Even More Misc. Philosophies & Proverbs  Detect and record Even if you can’t always sift through that data ahead of time Post-mortem analysis  Don’t trust [input | environment | dependencies | *] Know what to trust Know how to trust

Even Even More Misc. Philosophies & Proverbs  Secure by default Don’t rely on your users to use it correctly Convention over configuration  Keep it simple YAGNI Speculative generality can be risky Minimize the attack surface

Discussion Exercise: Spam Bot Server  Suppose we had a vulnerability in the RIT mail servers where you could send a special packet and it would bypass authentication for outgoing . This allowed attackers to send s using any account.  Which of CIA does this violate? Immediately? As a secondary consequence?  Using the following philosophies, discuss how each of these can be applied here: Defense in Depth Security by obscurity Detect and record Don’t trust input

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.