Security Vulnerabilities and Their Impact upon Poirot Jun Lin Supervised by Dr. Jane Huang.

Presentation transcript:

Security Vulnerabilities and Their Impact upon Poirot
Jun Lin
Supervised by Dr. Jane Huang

Agenda
- Project Description
- Poirot Introduction
- Security Issues
- Role-based Access Control
- SQL Injection
- Other Security Problems
- Reference
- Project Plan
- Question & Answer

Project Description: Background
This master's project is an extension of a larger project named Poirot. Poirot is an automated traceability tool that has been developed in the RE research center. Poirot will be open-sourced in the summer and has already been requested by organizations such as Motorola and Siemens. Security issues are therefore important to address.

Project Description: Objectives
To analyze security issues related to Poirot, specifically role-based access control, SQL injection, and other typical types of security problems. The work will involve a full evaluation of Poirot with respect to common security failures.

Poirot Introduction
- Poirot is an enterprise-level automated traceability tool
- Web-based application
- Distributed system
- Uses a database to store traceable data

Poirot Introduction: Architecture (diagram)
Components shown: Web Browser, Poirot Server, Traceable Data, Artifacts (XML), Broker, MR Service, MR Adapter, Artifacts in CASE tool.

Security Issues (architecture diagram annotated with threats)
Components: Web Browser, Poirot Server, Traceable Data, Artifacts (XML), Broker, MR Service, MR Adapter, Artifacts in CASE tool.
Threats marked on the diagram: SQL injection; unauthenticated access; sensitive data disclosure and integrity threat; data integrity.

Security Issues: Security Requirements
- S1: Security
- S2: Only authorized access to project artifacts.
- S3: Secure communication
- S4: Minimize system vulnerabilities
- S5: Role-based access control
- S6: Screens time out after 15 minutes of inactivity
- S7: Encrypt all communication
- S8: Prevent dangerous characters from being passed to SQL queries from free text.
- S9: Limit system access to approved IP addresses

Role-Based Access Control: Access Control Models
- Discretionary Access Control (DAC)
- Mandatory Access Control (MAC)
- Task-Based Access Control (TBAC)
- Object-Based Access Control (OBAC)
- Role-Based Access Control (RBAC)

Role-Based Access Control: Advantages
- Fits Poirot naturally
- Simplifies authorization administration by assigning permissions to users through roles
- Can easily handle large numbers of users
- Conforms to job positions within the organization, hence promotes usability.

Role-Based Access Control: Model (diagram)
Entities: User, Role, Permission, Session.
Relations: user assignment (User to Role), permission assignment (Role to Permission), role hierarchy (Role to Role), and User to Session; the diagram labels the cardinalities 1:n and n:m.

Role-Based Access Control: Permissions
- System
  - System configuration
- Projects
  - Project configuration
  - Artifacts: Read, Write, More...

Role-Based Access Control: Roles
- System Administrator
- Project Manager
- Common User: Architect, Programmer, QA, ...
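The RBAC model on the slides (users, roles, permissions, sessions, role hierarchy) is small enough to implement directly. The following is an added example, not Poirot's own code: the role and permission names are the ones on the slides, while the hierarchy (Architect, Programmer and QA are specialisations of Common User; Project Manager inherits Common User; System Administrator inherits Project Manager) and the individual grants are assumptions made for the illustration.

```python
"""Role-based access control with a role hierarchy and per-session role activation.

Added illustration for the RBAC slides; not Poirot's own code. The role and
permission names come from the slides; the hierarchy and the grants in
build_policy() are assumptions made for this example.
"""
from collections import deque


class RBAC:
    def __init__(self):
        self.role_perms = {}     # role -> set of (object, action)
        self.role_juniors = {}   # role -> set of junior roles whose permissions it inherits
        self.user_roles = {}     # user -> set of assigned roles
        self.sessions = {}       # session id -> set of roles activated in that session

    def add_role(self, role, inherits=()):
        for junior in inherits:
            if junior not in self.role_perms:
                raise ValueError(f"unknown junior role {junior!r}")
        self.role_perms.setdefault(role, set())
        self.role_juniors.setdefault(role, set()).update(inherits)

    def grant(self, role, obj, action):
        self.role_perms[role].add((obj, action))

    def assign(self, user, role):
        if role not in self.role_perms:
            raise ValueError(f"unknown role {role!r}")
        self.user_roles.setdefault(user, set()).add(role)

    def effective_roles(self, roles):
        """Close the given roles under the hierarchy: a senior role holds its juniors' permissions."""
        seen, queue = set(), deque(roles)
        while queue:
            role = queue.popleft()
            if role not in seen:
                seen.add(role)
                queue.extend(self.role_juniors.get(role, ()))
        return seen

    def open_session(self, session_id, user, activate=None):
        """Activate a subset of the user's assigned roles (default: all of them).
        Activating only what a task needs keeps the session at least privilege."""
        assigned = self.user_roles.get(user, set())
        wanted = set(activate) if activate is not None else set(assigned)
        if not wanted <= assigned:
            raise PermissionError(f"{user} is not assigned {sorted(wanted - assigned)}")
        self.sessions[session_id] = wanted

    def check(self, session_id, obj, action):
        """True if a role active in the session, or one of its juniors, holds (obj, action)."""
        active = self.sessions.get(session_id, set())
        return any((obj, action) in self.role_perms[r] for r in self.effective_roles(active))


def build_policy():
    """Constructed policy using the roles and permissions named on the slides (hierarchy assumed)."""
    rbac = RBAC()
    rbac.add_role("Common User")
    rbac.add_role("Architect", inherits=["Common User"])
    rbac.add_role("Programmer", inherits=["Common User"])
    rbac.add_role("QA", inherits=["Common User"])
    rbac.add_role("Project Manager", inherits=["Common User"])
    rbac.add_role("System Administrator", inherits=["Project Manager"])
    rbac.grant("Common User", "artifact", "read")
    rbac.grant("Architect", "artifact", "write")
    rbac.grant("Programmer", "artifact", "write")
    rbac.grant("Project Manager", "project", "configure")
    rbac.grant("System Administrator", "system", "configure")
    return rbac


def demo():
    """Constructed users: a programmer and an administrator who also holds Common User."""
    rbac = build_policy()
    rbac.assign("alice", "Programmer")
    rbac.assign("carol", "System Administrator")
    rbac.assign("carol", "Common User")
    rbac.open_session("s1", "alice")
    rbac.open_session("s2", "carol")
    # carol's second session activates only the junior role
    rbac.open_session("s3", "carol", activate=["Common User"])
    return {
        "alice reads artifact": rbac.check("s1", "artifact", "read"),
        "alice writes artifact": rbac.check("s1", "artifact", "write"),
        "alice configures project": rbac.check("s1", "project", "configure"),
        "carol configures system": rbac.check("s2", "system", "configure"),
        "carol configures project": rbac.check("s2", "project", "configure"),
        "carol reduced session configures system": rbac.check("s3", "system", "configure"),
        "carol reduced session reads artifact": rbac.check("s3", "artifact", "read"),
    }


if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name}: {allowed}")
```

The session object is what makes the model more than a role lookup: a user assigned several roles can open a session with only the roles a task needs, and the check is evaluated against the activated set closed under the hierarchy, not against everything the user is assigned.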

SQL Injection
"SQL Injection" is a subset of the unverified/unsanitized user input vulnerability ("buffer overflows" are a different subset), and the idea is to convince the application to run SQL code that was not intended.

SQL Injection: Attack Intent
- Identifying injectable parameters
- Performing database finger-printing
- Determining database schema
- Extracting data
- Adding or modifying data
- Performing denial of service
- Evading detection
- Bypassing authentication
- Executing remote commands

Security Vulnerabilities and Their Impact upon Poirot SQL Injection  Example Html  URL  input]

SQL Injection: Example SQL & Code
- SELECT count(*) as count FROM table WHERE field = '[user input]'
- Granted = count > 1 ? True : False
- How about: user input = whatever' or '1' = '1 ?
- The SQL becomes: SELECT count(*) as count FROM table WHERE field = 'whatever' or '1' = '1'
- Result: as long as the table has records, Granted will always be true.

SQL Injection: Example
- User input = whatever'; drop table --
- User input = whatever'; xp_cmdshell(...) --

SQL Injection: SQL Injection Types
- Tautologies
- Illegal/Logically Incorrect Queries
- Union Query
- Piggy-Backed Queries
- Stored Procedures
- Inference
- Alternate Encodings

SQL Injection: Tautologies
- Intent: bypassing authentication, extracting data.
- Example: SELECT accounts FROM users WHERE login='' or 1=1 -- AND pass=''

SQL Injection: Illegal/Logically Incorrect Queries
- Intent: identifying injectable parameters, performing database finger-printing.
- Example: SELECT accounts FROM users WHERE login='' AND 1 = convert(int, (select top 1 name from sysobjects where xtype='u')) -- AND pass=''
- Shown error: "Microsoft OLE DB Provider for SQL Server (0x80040E07) Error converting nvarchar value 'CreditCards' to a column of data type int."

SQL Injection: Stored Procedures
- Intent: performing denial of service, executing remote commands...
- Example: SELECT accounts FROM users WHERE login='admin'; SHUTDOWN; -- AND pass=''

SQL Injection: Alternate Encodings
- Intent: evading detection
- Example: SELECT accounts FROM users WHERE login='legalUser'; exec(char(0x f776e)) -- AND pass=''
- legalUser == char(0x f776e)

SQL Injection: Prevention
- Sanitize the input
- Escape the input
- Limit database permissions and segregate users
- Use stored procedures for database access
- Configure error reporting
- Use tools
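To make the "Example SQL & Code" slide and the first two prevention items concrete, here is the same login check built three ways: by string concatenation (the slide's construction), with single quotes doubled (the "escape the input" item), and with a bound parameter. This is an added example, not Poirot's code; the table name accounts, the three sample rows and the in-memory SQLite database are constructed for it, and it grants access when at least one row matches.

```python
"""The slide's login check, vulnerable vs. escaped vs. parameterized.

Added example, not Poirot's code. Table, rows and the in-memory SQLite
database are constructed here; access is granted when at least one row matches.
"""
import sqlite3

TAUTOLOGY = "whatever' or '1' = '1"   # the injected input from the slide


def make_db():
    """Constructed sample data: three accounts."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (field TEXT NOT NULL)")
    db.executemany("INSERT INTO accounts VALUES (?)", [("alice",), ("bob",), ("carol",)])
    return db


def build_vulnerable_sql(user_input):
    # exactly the slide's construction: the input becomes part of the SQL text
    return "SELECT count(*) AS n FROM accounts WHERE field = '" + user_input + "'"


def granted_vulnerable(db, user_input):
    (n,) = db.execute(build_vulnerable_sql(user_input)).fetchone()
    return n > 0


def granted_escaped(db, user_input):
    # doubling the quote keeps this particular input inside the string literal
    escaped = user_input.replace("'", "''")
    sql = "SELECT count(*) AS n FROM accounts WHERE field = '" + escaped + "'"
    (n,) = db.execute(sql).fetchone()
    return n > 0


def granted_parameterized(db, user_input):
    # a bound parameter is never parsed as SQL, whatever characters it contains
    sql = "SELECT count(*) AS n FROM accounts WHERE field = ?"
    (n,) = db.execute(sql, (user_input,)).fetchone()
    return n > 0


def compare(user_input):
    """Return (vulnerable, escaped, parameterized) verdicts for one input on fresh data."""
    db = make_db()
    return (granted_vulnerable(db, user_input),
            granted_escaped(db, user_input),
            granted_parameterized(db, user_input))


if __name__ == "__main__":
    for value in ("alice", "mallory", TAUTOLOGY):
        print(repr(value), "->", compare(value))
```

Escaping closes this particular hole, but it only protects the point where the escaping is applied; the second-order slides later in the talk show a value that passes the escaped insert and still injects when it is read back and concatenated again. The parameterized form needs no per-call-site discipline, which is why it is the form to standardise on.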

SQL Injection: Second-Order SQL Injection
- Assume that the single quote has been handled: Replace("'", "''")
- The attacker adds a new account: Username: admin'-- ; Password: password
- Insert SQL: insert into users values(123, 'admin''--', 'password')

SQL Injection: Second-Order SQL Injection
- The attacker updates the password: Sql = "update users set password = '" + newpassword + "' where username = '" + rs.getString("username") + "'"
- Resulting SQL: update users set password = 'password' where username = 'admin'-- '
- What happens?
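The answer to "what happens?" is easiest to see by running the two slides end to end. The following is an added example, not Poirot's code: the users table (id, username, password), the pre-existing admin row with password "secret" and the in-memory SQLite database are constructed for it. Registration doubles single quotes exactly as the slide assumes, and the password change concatenates the username read back from the table, as the slide's rs.getString("username") does; a parameterized update is shown beside it.

```python
"""Second-order SQL injection from the slides, reproduced, with the parameterized fix.

Added example, not Poirot's code. Table, the admin row and the in-memory
SQLite database are constructed here.
"""
import sqlite3

ATTACKER_NAME = "admin'--"   # the username the slide's attacker registers


def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES (1, 'admin', 'secret')")   # constructed existing account
    return db


def register_with_escaping(db, uid, username, password):
    """The slide's insert: quotes are doubled, so the statement is well formed
    and the raw value admin'-- is stored verbatim."""
    sql = ("insert into users values(" + str(uid) + ", '" + username.replace("'", "''")
           + "', '" + password.replace("'", "''") + "')")
    db.execute(sql)
    return sql


def change_password_vulnerable(db, stored_username, new_password):
    """The slide's update: the username read back from the table is trusted and concatenated."""
    sql = ("update users set password = '" + new_password.replace("'", "''")
           + "' where username = '" + stored_username + "'")
    db.execute(sql)
    return sql


def change_password_parameterized(db, stored_username, new_password):
    """Same update with both values bound; the stored quote and comment stay data."""
    db.execute("update users set password = ? where username = ?", (new_password, stored_username))


def password_of(db, username):
    row = db.execute("select password from users where username = ?", (username,)).fetchone()
    return row[0] if row else None


def run_attack(use_parameterized):
    """Register the attacker, then change 'their' password; report who was really changed."""
    db = make_db()
    register_with_escaping(db, 123, ATTACKER_NAME, "password")
    # what the application reads back for account 123, as rs.getString("username") would
    (stored,) = db.execute("select username from users where id = 123").fetchone()
    if use_parameterized:
        change_password_parameterized(db, stored, "owned")
    else:
        change_password_vulnerable(db, stored, "owned")
    return {"admin": password_of(db, "admin"), "attacker": password_of(db, ATTACKER_NAME)}


if __name__ == "__main__":
    print("concatenated update:", run_attack(False))
    print("parameterized update:", run_attack(True))
```

With the concatenated update the WHERE clause becomes username = 'admin' followed by a comment, so the administrator's password is overwritten while the attacker's own row is untouched. The escaping at registration was not wrong, it was just applied once; data that re-enters a query from the database must be treated as untrusted input again, and binding parameters does that at every call site.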

Other Security Problems (architecture diagram annotated with threats)
Components: Web Browser, Poirot Server, Traceable Data, Artifacts (XML), Broker, MR Service, MR Adapter, Artifacts in CASE tool.
Threats marked on the diagram: unauthenticated access; sensitive data; data integrity.

Reference
- Poirot: TraceMaker: A Tool for Dynamically Retrieving Traceability Links. Xuchang Zou, Chuan Duan, Raffaella Settimi, Jane Cleland-Huang.
- An Extensible Architecture for Enterprise-wide Automated Requirements Traceability. Jun Lin, Chan Chou Lin, Joseph Amaya, Massimo Illario, Jane Cleland-Huang. CTIRS.
- Building Secure Software: How to Avoid Security Problems the Right Way. John Viega, Gary McGraw. Addison-Wesley.
- The Twenty Most Critical Internet Security Vulnerabilities (Updated) ~ The Experts Consensus, Version 6.01, November 28, 2005. Copyright (C) 2005, SANS Institute.
- A Classification of SQL Injection Attacks and Countermeasures. William G.J. Halfond, Jeremy Viegas, and Alessandro Orso.
- SQL Injection Attacks by Example. Steve Friedl.

Project Plan
- Phase 1: Analysis
  - Initial research into role-based access control and SQL injection, 05/29/2006
  - Make initial presentation, 06/02/2006
  - Further research into role-based access control, SQL injection, and other typical types of security problems, 06/30/2006
- Phase 2: Implementation
  - Design: class diagrams and sequence diagrams, 07/08/2006
  - Coding and unit testing, 08/05/2006
  - Integration testing, 08/10/2006
- Phase 3: Documentation
  - Write developer instructions, 08/13/2006
  - Prepare final presentation, 08/15/2006
- Completion: 08/15/2006

Questions?

Thanks