Software Development Security Flashcards
System Development Life Cycle
5 steps
Initiate
Acquire / Develop
Implement
Operate / Maintain
Dispose / Decommission
Software Testing and Validation
Verification Testing
Validation Testing
Verification Testing - Determines whether original design specifications have been met
Validation Testing - higher level view - determines whether original purpose of software has been achieved
Software Testing and Validation
Integration Testing
Acceptance Testing
Regression Testing
Integration Testing
Assesses way that modules work together. Determines if functional and security specs have been met
Acceptance Testing
Ensures customer is satisfied with functionality of software
Regression Testing
Occurs after changes made to the code to ensure they haven’t reduced functionality or security
Software Development Security Best Practices
4 Organizations
WASC
Web Application Security Consortium
OWASP
Open Web Application Security Project
BSI (a DHS initiative)
Build Security In initiative
IEC
International Electrotechnical Commission
WASC
provides best practices for web based applications
OWASP
monitors attacks, specifically web attacks
BSI
promotes process-agnostic approach to make security recommendations for architectures, methods, code reviews, management processes
IEC
created the 27034 standard, part of the ISO/IEC 27000 series. It provides guidance for integrating security into the development and maintenance of software applications
Software Development Methods
Build and Fix Approach
Build and Fix
used in the past, has been discredited. Now used as a model to avoid
build version, keep modifying until user is satisfied
Software Development Methods
Waterfall Model
Waterfall model
Break process into individual steps and completely fulfill one before moving to the next.
Idea - Analysis - Design - Development - Test - Release
not many iterations between the steps
Doesn’t allow for change until the project is complete. Ok for small projects where requirements are completely understood, but dangerous for large projects.
Software Development Methods
V-Shaped Model
(Section 7, Lecture 70 for diagram)
V-Shaped Model
As you go through steps of defining requirements, you validate them.
Each of these steps is verified:
System Requirements - Diagram - Software Requirements - Software Architecture - Software Detail Design - Software Code.
Rigid, like the waterfall, doesn’t allow for much flexibility, adapting to change is difficult.
Software Development Methods
Prototyping
Rapid
Evolutionary
Operational
Use sample code to explore specific approach to solving a problem before extensive time and cost have been invested
Rapid - discarded after use
Evolutionary - created and improved upon in a lab
Operational - developed and improved in production
Software Development Methods
Incremental Model
Requirements - Design - Implement, then repeat, constantly returning to requirements and design
similar to a multi-waterfall.
Each incremental phase results in an operational deliverable
customer can respond to each build and help development team improve
Good for getting customer basic functionality quickly
Software Development Methods
Spiral Model
Start at the center and spiral out in a circle
Determine Objectives
Identify and Resolve Risks
Develop and Test
Plan Next Iteration
Each prototype allows new requirements to be addressed. Risk analysis ensures all issues are reviewed and analyzed so things don’t slip through the cracks
Software Development Methods
RAD (Rapid Application Development)
Agile
RAD
Combines prototyping and iterative procedures to accelerate the development process
less time spent upfront, emphasis is on rapidly producing prototypes so crucial knowledge can be gained through trial and error
It was created because by the time software was fully developed with other models, the requirements had changed and developers had to start over.
Build -> Demonstrate -> Refine -> repeat
Software Development Methods
Cleanroom Model
JAD (Joint Analysis Development)
aka Joint Application Development
Cleanroom
strict, formal steps and structured method. Attempts to prevent errors through extensive testing
JAD
uses team approach and workshops to agree on requirements and resolve differences
Software Development Methods
Traditional vs RAD model comparison
Traditional has discrete steps
RAD has quick analysis and design, then prototyping. Continue that until you get a good implementation
Software Development Methods
Agile vs Waterfall methods
Waterfall goes through each step before moving to the next, no returning to previous steps
Agile can jump back to earlier steps
Software Development Methods
Capability Maturity Model Integration
Level 1 - initial - reacting
Level 2 - managed - processes started but reacting
Level 3 - defined - projects tailored from std processes
Level 4 - quantitatively managed - measured processes
Level 5 - optimizing - process improvement
Programming Languages
Machine
Assembly
High-Level
Very-High-Level
Natural
Machine - deliver instructions directly to processor
Assembly - uses symbols or mnemonics to represent sections of binary code
High-Level - uses abstract statements (if then else) and are processor independent
Very High - abstract algorithms that hide some complexity from the programmer
Natural - use these to create software that can solve problems on its own, instead of needing a programmer
Object Oriented Programming
Modularity
Definition
Reusability
Maps
modularity in design through autonomous objects
definition of internal components without impacting other parts of system
reusability of components
readily maps to business needs
Programming Concepts
Polymorphism
Cohesion
Coupling
Data Structure
Polymorphism - capability of different objects with a common name to react to same message or input with a different output
Cohesion - how many different tasks a module can carry out
Coupling - how much interaction one module requires from another to do its job
Data Structure - logical relationship between elements of data
Distributed Object Oriented Systems
CORBA
Common Object Request Broker Architecture
COM
Component Object Model
CORBA
open object oriented standard developed by the Object Management Group (OMG). Uses an Object Request Broker (ORB) to implement exchanges among objects in a heterogeneous distributed environment
COM
model for communication between processes on the same computer
Distributed Object Oriented Systems
DCOM
Distributed Component Object Model
OLE
Object Linking and Embedding
Java EE
Java Enterprise Edition
SOA
Service Oriented Architecture
DCOM
model for communicating between processes in different parts of the network
OLE
method for sharing objects on local computer that uses COM as its foundation
Java EE
a DCOM that relies on Java
SOA
provides web-based communication between applications without redundant code having to be written for each application
Mobile Code
definition and two examples
Transferred across network, executed on remote system or device
Java applet
ActiveX
Database Architecture and Models
3 Models
Relational
Hierarchical
Network
Relational
Uses attributes and tuples (columns and rows) to organize data in two-dimensional tables. Each cell where an attribute and a tuple intersect is a record
Hierarchical
Data organized into hierarchy. An object can have one child, multiple children or none. Children are objects that are subsets of the parent
Network
Like hierarchical, data organized into hierarchy but the objects can have multiple parents
Database Architecture and Models
Object Oriented Model
Object Relational Model
Object Oriented
Has capability to handle variety of data types, more dynamic than relational
Object Relational
Marriage of Object Oriented and Relational Models. A relational database with a software interface written in an OOP language
Database Interface Languages
Open Database Connectivity (ODBC)
Java Database Connectivity (JDBC)
XML
Object Linking and Embedding Database (OLE DB)
ODBC - API that allows communication with databases locally or remotely
JDBC - allows Java applications to communicate with database
XML - DB API allows XML applications to interact with more traditional databases like relational ones
OLE DB - replaces ODBC extending its functionality to non-relational databases
Data Warehouses and Data Mining
Data Warehousing
Data Mining
Data Warehousing
combines data from multiple databases in a central location called a warehouse, where you perform analysis
Data Mining
using special tools to organize data into a format that lets you make business decisions from the content
Database Threats
Aggregation
Inference
Aggregation - combining information, particularly from lower levels that let you learn about higher levels
Inference - piecing information together
If a user doesn’t have access to a certain set of objects but does have access to some of them individually, they can piece that data together and learn something they don’t have access to
Database and Application Access Control
Content-Dependent access control
Context-Dependent access control
Content-Dependent access control
bases access on sensitivity of data. Cost of this is an increased processing overhead. Example - department manager knows salaries of those in his department but not others.
Context-Dependent access control
bases access on multiple factors to prevent inference. Can be a function of factors like location, time of day, previous access history
Database and Application Access Control
Database Views
Database Locks
Polyinstantiation
Database View
given set of data a user can see when they access the database
Database Lock
Prevents multiple users from editing the same data until the first user finishes
Polyinstantiation
Process to prevent data inference violations. Enables a relation to contain multiple tuples (rows) with the same primary key, with each instance distinguished by a security level. It prevents users from inferring the existence of higher-level data
Monitoring for Problems
Online Transaction Processing (OLTP) System
OLTP is used to monitor for problems like processes that stop working.
Monitoring for Problems
ACID test for OLTP ensures that each transaction has 4 properties before it is committed
Atomicity
Consistency
Isolation
Durability
Atomicity - either all operations are complete or the database changes are rolled back
Consistency - transaction follows integrity process that ensures data is consistent in all places where it exists
Isolation - Transaction doesn’t interact with other transactions until it’s complete
Durability - After it’s verified, transaction is committed and cannot be rolled back
Knowledge Based Systems
Use AI to emulate human logic
Use rules-based programming to determine reactions through if-then statements and inference engine to match patterns and facts
Software Threats and Security
Virus Types
Boot Sector
Parasitic
Stealth
Polymorphic
Macro
Multipartite
Multipartite - has multiple characteristics
Software Threats and Security
Worms
Trojan Horse
Logic Bomb
Spyware / Adware
Worms - spread without user intervention
Trojan Horse - program that says it will do one thing, but does another
Logic Bomb - executes when certain event occurs
Spyware / Adware - tracks you to tailor ads and spam
Software Threats and Security
Botnet
Network of computers that have been taken over by a hacker.
Software Threats and Security
Rootkit
Can install a backdoor
remove all entries from security logs (log scrubbing)
replace default tools with compromised versions (trojans)
Can change OS
Software Threats and Security
Buffer Overflow
Escalation of Privileges
Backdoor
Buffer Overflow
Occurs when too much data accepted into a process. Can cause an error event where commands can be executed
Escalation of Privileges
Exploiting a bug or vulnerability to allow a user to receive privileges he isn’t entitled to
Backdoor
software installed by hacker that lets them return later without going through normal authentication process
Software Threats and Security
Malware Protection
Antivirus
Antimalware
Security Policies
One of the best ways is to include standards of safe internet use in your policies. Also training.
Software Threats and Security
Software Security Effectiveness
certification
accreditation
Certification - process of evaluating software for its security effectiveness for the customer’s needs. Ratings can be a part of this.
Accreditation - formal acceptance of adequacy of a system’s overall security by the management
Agile methodology
emphasis on continuous feedback and cross-functional teamwork
Doesn’t use prototypes; instead breaks the product down into individual features that are constantly being delivered
Agile methodologies often use “User Stories” - a sentence that describes what the user wants and why. “As a customer I want to xxx so that yyy”
Lets you take parts of all SDLC models and combine them to meet unique project needs
Scrum methodology
Widely adopted Agile methodology. Good for projects of any size, very lean and customer-focused
Allows project to be reset by allowing features to be added, changed, removed at defined points (“scrums” in rugby). Customer is closely involved, so no surprises
change points happen at the end of each “sprint”, typically a 2-week interval
Extreme Programming
Constant code reviewing. Only minimum amount of coding is used. Reduces errors and complexity
Kanban methodology
wall of columns: Planned, In Progress, Done
Helps teams react to changing or unknown requirements, like all Agile models
production scheduling system from Toyota
Capability Maturity Model Integration
5 maturity levels
Guidelines for developing software and products.
5 maturity levels, each builds on the previous one
- Initial
- Repeatable
- Defined
- Managed
- Optimizing