Secure Software Development Flashcards
What are the stages of the software development process?
- Requirements
- Design
- Implementation
- Testing and Assurance
How does security fit into the requirements phase?
Security requirements (relating to CIA)
Abuse cases (how system can be misused)
Architectural risk analysis (identifies flaws and associated risks, and involves threat modelling)
How does security fit into the design phase?
Architectural risk analysis, security-oriented design
How does security fit into the implementation phase?
Security-oriented design (implementation based on design, ensuring security requirements are met)
Code review (use tools to assess bugs, vulnerabilities and flaws)
How does security fit into the testing/assurance phase?
Risk-based security tests, penetration testing
What is Leslie Lamport’s Gold Standard?
Defines the mechanisms a system provides to enforce its security requirements; these include:
1. Authentication (verifying someone is who they claim to be)
2. Authorisation (granting access rights based on the verified identity)
3. Audit (logging and monitoring activities of a system)
What are the capabilities in the threat model for a network user?
Can connect to a service via the network
- Measure the size and timing of requests and responses
- Run parallel sessions
- Provide malformed input, malformed messages
- Drop or send extra messages
Example attacks: SQL injection, XSS, buffer overrun/ROP payloads, CSRF
What are the capabilities in the threat model for a snooping user?
User on the same network as other users of some service
- Read/measure others’ messages
- Intercept, duplicate and modify messages
Example attacks: session hijacking, privacy-violating side-channel attacks, denial of service
What are the capabilities in the threat model for a co-located user?
User on the same machine as other users of some service
- Read/write other users’ files and memory
- Snoop on key presses and other events
- Read/write other users’ displays
Example attack: password theft
What are the practical security design principles?
Favour simplicity (use fail-safe defaults and don’t expect expert users)
Trust with reluctance (employ small, trusted computing base, grant least privilege, promote privacy, compartmentalise)
Defend in depth (use community resources, avoid security by obscurity)
Monitor and trace (detect and understand an attack and its sources)
What are the categories of protection from security flaws?
Prevention (eliminate software defects by stopping them from being introduced in the first place)
Mitigation (reduce harm from the exploitation of unknown defects)
Detection/recovery (identify and understand an attack, and undo damage)