Topic 11B Flashcards
Cloud and Web Application Security Concepts
Input validation
is an essential protection technique used in software and web development that addresses the issue of untrusted input.
Untrusted input describes how an attacker can provide specially crafted data to an application to manipulate its behavior.
Injection attacks exploit the input mechanisms
Allowlisting
This method only permits inputs that match a predetermined and approved set of values or patterns.
Blocklisting
This approach explicitly blocks known harmful inputs, such as certain special characters or patterns commonly used in attacks.
Data Type Checks
These checks ensure the input data is of the expected type, such as a string, integer, or date.
Range Checks
These validate that numeric inputs fall within expected ranges.
Regular Expressions
Also known as regex, these are used to match input to expected patterns or signs of malicious activity.
Encoding
This helps to safely and reliably prevent special characters in input from being interpreted as executable commands or scripts.
Cookies
small pieces of data stored on a computer by a web browser while accessing a website. They maintain session states, remember user preferences, and track user behavior and other settings.
To secure cookies:
developers must follow certain well-documented principles, such as using the ‘Secure’ attribute for all cookies to ensure they are only sent over HTTPS connections and protected from interception via eavesdropping,
using the ‘HttpOnly’ attribute to prevent client-side scripts from accessing cookies and protect against cross-site scripting attacks,
and using the ‘SameSite’ attribute to limit when cookies are sent to mitigate cross-site request forgery attacks.
Cookies should expire
Static code analysis
scrutinizing source code to identify potential vulnerabilities, errors, and noncompliant coding practices before the program is finalized.
Code signing
uses digital signatures to verify the integrity and authenticity of software code.
Code signing serves a dual purpose: ensuring that software has not been tampered with since signing and confirming the software publisher’s identity.
Code signing provides assurance about the origin of code and verifies code integrity, but it does not inherently assure the safety or security of the code itself.
Data exposure
is a fault that allows privileged information (such as a token, password, or personal data) to be read without being subject to the appropriate access controls.
errors and exceptions
This means that the application performs in a controlled way when something unpredictable happens.
An error or exception could be caused by invalid user input, a loss of network connectivity, another server or process failing, and so on.
structured exception handler (SEH)
A mechanism to account for unexpected error conditions that might arise during code execution.
There should also be a catchall handler that will deal with the unexpected. The main goal must be for the application not to fail in a way that allows the attacker to execute code or perform some sort of injection attack.
An application’s interpreter may default to a standard handler and display default error messages when something goes wrong. These may reveal platform information.
Memory Management
Arbitrary code attacks depend on the target application having faulty memory management procedures. This allows the attacker to execute their own code in the space marked out by the target application.
There are known unsecure practices for memory management that should be avoided, and untrusted input, such as strings, should be checked during processing to ensure that it cannot overwrite areas of memory.