Applications Development Security
Dr. Bhavani Thuraisingham
The University of Texas at Dallas (UTD)
July 2011

Domain Agenda
• System Lifecycle Security
• Applications Security Issues
• Database Security

Secure Systems Development Policies
• Organizations require more secure development
• Security climate has changed

Organizational Standards
• Systems Security Engineering Capability Maturity Model Integration (SSE-CMMI)
• Web Application Security Consortium (WASC)
• Build Security In (BSI)
• International Organization for Standardization (ISO) / International Electrotechnical Commission (IEC) 27034

Software Configuration Management (SCM)
• Versioning
• Technologist
• Protection of code
• Protection of project
  – Scope creep vs. statement of work
• Process integrity

System Lifecycle
• Project management-based methodology
• Capability maturity model integration
• SLC vs. SDLC
  – System lifecycle
  – System development lifecycle

Project Management Controls
• Complexity of systems and projects
• Controls built into software

Secure Development Environment
• “We need security? Then we’ll use SSL.”
• “We need strong authentication? PKI will solve all our problems.”
• “We use a secret/military-grade encryption.”
• “We had a hacking contest and no one broke it.”
• “We have an excellent firewall.”
• “We’ll add it later; let’s have the features first.”

Secure Development: Physical
• Protect source code
  – From tampering
  – Pirating
  – Accidental loss
  – Protection against attacks

Personnel Security
• Hiring controls
• Changes in employment
• Protection of privacy from employees
  – Privacy impact rating

Separation of Test Data from Production
• Never test on a production system
• Never use real data

Software Development Methods
• Waterfall
• Spiral method
• Clean-room
• Structured programming development
• Iterative development
• Joint analysis development
• Prototyping

Software Development Methods (cont.)
• Modified prototype model
• Exploratory model
• Rapid application development
• Reuse model
• Computer-aided software engineering
• Component-based development
• Extreme programming
• Agile development

Programming Language Examples
Interpreted
• REXX
• PostScript
• Perl
• Ruby
• Python
Compiled
• Fortran
• COBOL
• BASIC
• Pascal
• C
• Ada
• C++
• Java
• C#
• Visual Basic

Program Utilities
• Assembler
• Compiler
• Interpreter

Secure Coding Issues
• Buffer overflow
• SQL injection
• Cross-site scripting (XSS)
• Dangling pointer
• Invalid hyperlink
• Secure web applications
• JavaScript attacks vs. sandbox
• Application programming interface (API)
• Open source

Application Security Principles
• Validate all input and output
• Fail secure (closed)
• Fail safe
• Make it simple
• Defense in depth
• Only as secure as your weakest link

Object-oriented Programming
• OOP concepts
  – Classes
  – Objects
  – Message
  – Inheritance
  – Polymorphism
  – Polyinstantiation

Domain Agenda
• System Lifecycle Security
• Applications Security Issues
• Database Security

Applications Security Issues
• Building security in
• Adding defense in depth

Transaction Processing
• Transaction
  – Integrity
  – Availability
  – Confidentiality

Malware and Attack Types
• Injection
• Input manipulation / malicious file execution
• Broken authentication management
• Cryptographic
• Denial of service
• Hijacking
• Information disclosure
• Infrastructure
• Misconfiguration
• Race condition

Malware
• Keystroke logging
• Adware and spyware
• Spam
• Phishing
• Botnets
• Remote access Trojan
• URL manipulation
• Maintenance hooks
• Privileged programs

Distributed Programming
• Distributed Component Object Model (DCOM)
• Simple Object Access Protocol (SOAP)
• Common Object Request Broker Architecture (CORBA)
• Enterprise Java Beans (EJB)

Domain Agenda
• System Lifecycle Security
• Applications Security Issues
• Database Security

Database Security
• Database and data warehousing environment
  – Eliminate duplication of data
  – Consistency of data
  – Network access

Database Management Systems (DBMS) Models
• Hierarchical DBMS
  – Stores records in a single table
  – Parent/child relationships
  – Limited to a single tree
  – Difficult to link branches

Relational DBMS Model
• Most frequently used model
• Data are structured in tables
• Columns are “variables” (attributes)
• Rows contain the specific instances (records) or data

Data Warehouse
• Consolidated view of enterprise data
• Data mart
• Designed to support decision making through data mining

Knowledge Discovery in Databases (KDD)
• Methods of identifying patterns in data
• KDD and AI techniques
  – Probabilistic models
  – Statistical approach
  – Classification approach
  – Deviation and trend analysis
  – Neural networks
  – Expert system approach
  – Hybrid approach

Database Security Issues
• Inference
• Aggregation
• Unauthorized access
• Improper modification of data
• Metadata
• Query attacks
• Bypass attacks
• Interception of data
• Web security
• Data contamination
• Polyinstantiation
• Data mining

Database Controls
• Access controls
• Grants
• Cascading permissions
• Lock controls
• Backup and recovery

View-based Access Controls
• Constrained views
• Sensitive data is hidden from unauthorized users
• Controls located in the front-end application (user interface)

Transaction Controls
• Content-based access control
• Commit statement
• Three-phase commit
• Database rollback
• Journal / logs
• Error controls

The ACID Test
• Atomicity
• Consistency
• Isolation
• Durability

Application and Database Languages: Security Issues
• Poorly designed
• More privileges than necessary
• DBA account use
• Lack of audit
• Input validation

Database Interface Languages
• Structured Query Language (SQL)
• Open Database Connectivity (ODBC)
• Extensible Markup Language (XML)
• Object Linking and Embedding (OLE)
• ActiveX Data Objects (ADO)
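The Database Security Issues and View-based Access Controls slides name polyinstantiation and constrained views without showing how they fit together. The following Python/sqlite3 example is added here and is not from the slides: it builds a multilevel table whose primary key includes the classification level, so the same project name can exist once per level, and exposes one constrained view per clearance that returns only the highest-classified row a user is allowed to see. The table, the level numbers and the project rows are all constructed for the example.

```python
import sqlite3

# Classification levels assumed for this example (constructed, not from the slides).
LEVELS = {"unclassified": 1, "secret": 2}

# Constructed sample rows: "Project Alpha" exists at two levels. The level-1 row
# is the cover story; the level-2 row holds the real budget.
SAMPLE_PROJECTS = [
    ("Project Alpha", 1, 100),
    ("Project Alpha", 2, 900),
    ("Project Beta", 1, 50),
    ("Project Gamma", 2, 300),
]


def make_db() -> sqlite3.Connection:
    """Create an in-memory multilevel table plus one constrained view per level."""
    conn = sqlite3.connect(":memory:")
    # The key includes the classification, so a row at another level with the
    # same name does not collide: this is polyinstantiation.
    conn.execute(
        "CREATE TABLE projects ("
        " name TEXT NOT NULL, classification INTEGER NOT NULL,"
        " budget INTEGER NOT NULL, PRIMARY KEY (name, classification))"
    )
    conn.executemany("INSERT INTO projects VALUES (?, ?, ?)", SAMPLE_PROJECTS)
    # One view per clearance. The level number comes from the trusted LEVELS
    # table above, never from user input, so embedding it in the DDL is safe.
    for level in LEVELS.values():
        conn.execute(
            f"CREATE VIEW v_level{level} AS "
            "SELECT name, classification, budget FROM projects AS p "
            f"WHERE classification <= {level} "
            "AND classification = (SELECT MAX(q.classification) FROM projects AS q "
            f"WHERE q.name = p.name AND q.classification <= {level})"
        )
    conn.commit()
    return conn


def visible_rows(conn: sqlite3.Connection, clearance: int) -> list:
    """Rows a user with the given clearance may see, read through that level's view."""
    if clearance not in LEVELS.values():
        return []  # fail closed on an unknown clearance
    return conn.execute(
        f"SELECT name, classification, budget FROM v_level{clearance} ORDER BY name"
    ).fetchall()


def insert_cover_story(conn: sqlite3.Connection, name: str, clearance: int, budget: int) -> bool:
    """Insert a row at the caller's own level. A low-cleared user inserting a name
    that already exists only at a higher level succeeds instead of hitting a key
    conflict, so the existence of the higher row is not leaked by the error."""
    try:
        conn.execute("INSERT INTO projects VALUES (?, ?, ?)", (name, clearance, budget))
        conn.commit()
        return True
    except sqlite3.IntegrityError:  # duplicate at the same level
        conn.rollback()
        return False


if __name__ == "__main__":
    db = make_db()
    for level_name, level in LEVELS.items():
        print(level_name, visible_rows(db, level))
```

Reading through the view, a clearance-1 user sees Project Alpha with the cover budget of 100 and never learns that Project Gamma exists, while a clearance-2 user sees the real Alpha row and Gamma. The front-end application chooses the view from the authenticated user's clearance; the user never names the view or the level.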
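The Transaction Controls and ACID Test slides list commit, rollback and journaling as controls. The following Python/sqlite3 example is added here and is not from the slides: a two-account transfer runs as one explicit transaction, with a CHECK constraint enforcing consistency, a journal row written inside the same transaction so balance and log commit or roll back together, and a fail-closed check on the amount. The account table, the journal table and the starting balances are constructed for the example.

```python
import sqlite3
from typing import Optional

# Constructed sample accounts (not from the slides).
SAMPLE_ACCOUNTS = [("A", 100), ("B", 50)]


def make_db() -> sqlite3.Connection:
    """Create an in-memory ledger with a consistency constraint and a journal table."""
    conn = sqlite3.connect(":memory:")
    conn.isolation_level = None  # autocommit mode: we issue BEGIN/COMMIT/ROLLBACK ourselves
    conn.execute(
        "CREATE TABLE accounts (id TEXT PRIMARY KEY,"
        " balance INTEGER NOT NULL CHECK (balance >= 0))"
    )
    conn.execute("CREATE TABLE journal (src TEXT, dst TEXT, amount INTEGER)")
    conn.executemany("INSERT INTO accounts VALUES (?, ?)", SAMPLE_ACCOUNTS)
    return conn


def transfer(conn: sqlite3.Connection, src: str, dst: str, amount: int) -> bool:
    """Move `amount` from src to dst atomically. Returns True only if committed."""
    if amount <= 0:
        return False  # input validation: a negative amount would reverse the transfer
    cur = conn.cursor()
    cur.execute("BEGIN")
    try:
        cur.execute("UPDATE accounts SET balance = balance - ? WHERE id = ?", (amount, src))
        if cur.rowcount != 1:
            raise ValueError("unknown source account")
        cur.execute("UPDATE accounts SET balance = balance + ? WHERE id = ?", (amount, dst))
        if cur.rowcount != 1:
            raise ValueError("unknown destination account")
        # Journal entry is part of the same transaction: it exists iff the transfer did.
        cur.execute("INSERT INTO journal VALUES (?, ?, ?)", (src, dst, amount))
        cur.execute("COMMIT")
        return True
    except (sqlite3.Error, ValueError):
        # Any failure (overdraw violates the CHECK, unknown account, crash in the
        # middle) undoes every statement since BEGIN, including the first UPDATE.
        cur.execute("ROLLBACK")
        return False


def balance(conn: sqlite3.Connection, acct: str) -> Optional[int]:
    row = conn.execute("SELECT balance FROM accounts WHERE id = ?", (acct,)).fetchone()
    return row[0] if row else None


def journal_entries(conn: sqlite3.Connection) -> list:
    return conn.execute("SELECT src, dst, amount FROM journal").fetchall()


if __name__ == "__main__":
    db = make_db()
    print(transfer(db, "A", "B", 30), balance(db, "A"), balance(db, "B"))
    print(transfer(db, "A", "B", 500), balance(db, "A"), balance(db, "B"))
    print(journal_entries(db))
```

The interesting case is the transfer to an unknown destination: the debit of the source has already executed when the second UPDATE matches no row, and only the rollback restores the source balance. Without the explicit transaction the ledger would be left inconsistent, which is exactly the atomicity property the ACID slide names.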