SlideShare ist ein Scribd-Unternehmen logo

Computer security design principles

Als PPT, PDF herunterladen
S
Shaishav Dahal

Design Principles and Common Security Related Programming Problems

Technologie
1 von 22
Design Principles and Common Security Related Programming Problems
Agenda • Design Principles • Common Security Related Programming Problems
Design Principles • Principle Of Least Privilege – This principle restricts how privileges are granted – This principle state that “a subject should b given only those privilege that it need in order to complete its task • Principle of Fail-Safe Defaults – Restricts how privileges are initialized when a subject or object is created. – States that, unless a subject is given explicit access to an object, it should be denied access to that object. – This principle requires that the default access to an object is none
Design Principles • Principle of Economy of Mechanism – Simplifies the design and implementation of security mechanisms. – State that security mechanisms should be as simple as possible • Principle of complete mediation – Requires that all accesses to be checked to ensure that they are allowed. – All access level should be checked not only the first one in order to grant permission
Design Principles • Principle of Open Design – This principle suggests that complexity does not add security. – State that the security of a mechanism should not depend on the secrecy of its design or implementation to ensure security. • Principle of Separation of Privilege – This principle is restrictive because it limits access to system entities. – States that a system should not grant permission based on a single condition.
Design Principles • Principle of Least Common Mechanism – This principle is restrictive because it limits sharing – States that the mechanisms used to access resources should not be shared. • Principle of Psychological Acceptability – This principle recognizes the human elements in computer security – States that security mechanism should not make the resources more difficult to access than if there is no security mechanisms were not present.
Common Security Related Programming Problems • A) Improper Choice of Initial Protection Domain – Flaws arise from incorrect setting of permissions or privileges – 1) Process Privileges • The principle of least privilege dictates that no process have more privileges than it needs to complete its task, but the process must have enough privileges to complete its task successfully • Implementation Rule 1 – Structure the process so that all sections requiring extra privileges are modules. The modules should be as small as possible and should perform only those tasks that require those privileges • Management Rule 1 – Check that the process privileges are set properly.
Common Security Related Programming Problems – 2) Access Control File Permissions. • Biba’s model emphasize that the integrity of the process relies on both the integrity of the program and integrity of the access control file. • Verifying the integrity of the access control file is critical, because that file controls the access to role accounts. • Management Rule 2 – The program that is executed to create the process, and all associated control files, must be protected from unauthorized use and modification. Any such modification must be detected. • Implementation Rule 2 – Ensure that any assumptions in the program are validated. If it is not possible, document them for the installer and maintainers, so they know the assumptions that attackers will try to invalidate.
Common Security Related Programming Problems – 3) Memory Protection • Consider sharing memory. If two subjects can alter the contents of memory, then one could change data on which the second relies. This sharing poses a security problem because the modifying process can alter variables that control the action of the other process. Each process should have a protected, unshared memory space. • Implementation Rule 3 – Ensure that the program does not share objects in memory with any other program, and that other programs cannot access the memory of a privileged. • Management Rule 3 – Configure memory to enforce the principle of least privilege. – If a section of memory is not contain executable instructions, turn execute permission off for that section of memory. If the contents of a section of memory are not be altered make that section read-only.
Common Security Related Programming Problems – 4) Trust in the System • The program relies on the system authentication mechanisms to authenticate the user and on the user information database to map user and roles into their corresponding UIDs. • It also relies on the inability of ordinary users to alter the system clock. • Implementation Rule 4 – Identify all systems components on which the program depends. Check for errors whenever possible, and identify those components for which error checking will not work.
Common Security Related Programming Problems • B) Improper Isolation of Implementation Detail – This problem arises when an abstraction is improperly mapped into an implementation detail • Implementation Rule 4 – The error status of every function must be checked. Do not try to recover unless the cause of the error, and its effects, do not affect any security consideration. The program should restore the state of the system to the state before the process began, and then terminate.
Common Security Related Programming Problems – 1)Resource Exhaustion and User Identifiers • The designers and implementers decided to have the program fail if, for any reason, the query failed. This application of the principle of fail-safe defaults ensured that in case of error, the users would not get access to the role account. – 2) Validating the Access Control Entries • The expression of the access control information is therefore the result of mapping an abstraction to an implementation. • The question is whether or not the given access control information correctly implements the policy. – 3) Restricting the Protection Domain of the Role Process
Common Security Related Programming Problems • C) Improper Changes – This category describes data and instructions that change over time. The danger is that the changed values may be inconsistent with the previous values. – 1) Memory • Any process that can access shared memory can manipulate data in the memory. Unless all processes that can access the shared memory implementation a concurrent protocol for managing changes one process can change data on which a second process relies • This could cause the second process to violate the security policy.
Common Security Related Programming Problems • Implementation Rule 5 – If a process interacts with other processes, the interactions should be synchronized. In particular, all possible sequences of interactions must be known and for all such interactions, the process must enforce the required security policy. • Implementation Rule 6 – Asynchronous exception handlers should not alter any variables excepts those that are local to the exception handling module. – Exception handler should block all the exception • Implementation Rule 7 – Data that the process trusts and the data that it receives from un-trusted sources should be kept in separate areas of memory
Common Security Related Programming Problems • D) Improper Naming – A It refers to an ambiguity in identifying an object – If two different objects have the same name. – The programmer intends the name to refer to one of the objects, but an attacker manipulates the environment and the process so that the name refers to a different object. – Management Rule 5 • Unique objects require unique names. Interchangeable objects may share a name. – Implementation Rule 9 • The process must ensure that the context in which an object is named identifies the correct object.
Common Security Related Programming Problems • E) Improper Deallocation or Deletion – Failing to delete sensitive information raises the possibility of another process seeing that data at a later time. – Cryptographic keywords, passwords and other authentication information should be discarded once they have been used. – As a consequence of not deleting sensitive information is that dumps of memory, which may occur if the program receives an exception or crashes for some other reason. – Implementation Rule 10 • When the process finishes using a sensitive object, the object should be erased, the de-allocated or deleted. Any resources not needed should also be released.
Common Security Related Programming Problems • F) Improper Validation – This problem arises when data is not checked for consistency and correctness. – The process can check correctness only by looking for error codes or by looking for patently incorrect values. – 1) Bounds Checking • Errors of validation often occur when data is supposed to lie within bounds. • Implementation Rule 11 – Ensure that all array references access existing elements of the array. If a function that manipulates arrays cannot ensure that only valid elements are referenced, do not use that function. Find one that does, write a new version, or create a wrapper.
Common Security Related Programming Problems – 2)Type Checking • Failure to check types in another common validation problem. • Implementation Rule 12 – Check the type of function and parameters. • Management Rule 6 – When compiling programs, ensure that the compiler flags report inconsistencies in types. Investigate all such warnings an either fix the problem or document the warning and why it is spurious. – 3) Error Checking • Third common problem involving improper validation is failure to check return values of function.
Common Security Related Programming Problems • Implementation Rule 13 – Check all function and procedure executions for errors. – 4) Checking for valid, not invalid data. • This principle requires that valid values be known and that all other values be rejected. Unfortunately, programmers often check for invalid data and assume that the rest is valid. • Implementation Rule 14 – Check that a variable's values are valid. • Management Rule 7 – If a trade-off between security and other factors results in a mechanism or procedure that can weaken security, document the reasons for the decision, the possible effects, and the situations in which the compromise method should be used.
Common Security Related Programming Problems – 5) Checking Input • All the data from the un-trusted sources must be checked • Implementation Rule 15 – Check all user input for both form and content. In particular, check integer for values that are too big or too small, and check character data for length and valid characters. (check that a variable’s values are valid.) – 6) Designing for validation • Sometimes data cannot be validated completely. • Implementation Rule 16 – Create data structure and function in such a way that they can be validated.
Common Security Related Programming Problems • G) Improper Indivisibility – It arises when an operation is considered as one unit in the abstract but is implemented as two unit. – Implementation Rule 17 • If two operations must be performed sequentially without an intervening operation, use a mechanism to ensure that the two cannot be divided. • H) Improper Sequencing – Means that operations are performed in an incorrect order. – Implementation Rule 18 – Describe the legal sequences of operations on a resource or object. Check that all possible sequence of the programs involved match one legal sequences
Common Security Related Programming Problems • J) Improper choice of operand or operation – Preventing errors of choosing the wrong operand or operation requires that the algorithms be thought through carefully. – Management Rule 8 • Use software engineering and assurance techniques to ensure that operations are operands are appropriate.

Empfohlen

Cryptography
CryptographyCryptography
CryptographyShivanand Arur
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security conceptsG Prachi
 
Network security cryptography ppt
Network security cryptography pptNetwork security cryptography ppt
Network security cryptography pptThushara92
 
Information Security Lecture Notes
Information Security Lecture NotesInformation Security Lecture Notes
Information Security Lecture NotesFellowBuddy.com
 
Hash Function
Hash FunctionHash Function
Hash FunctionSiddharth Srivastava
 
CRYPTOGRAPHY & NETWORK SECURITY
CRYPTOGRAPHY & NETWORK SECURITYCRYPTOGRAPHY & NETWORK SECURITY
CRYPTOGRAPHY & NETWORK SECURITYJyothishmathi Institute of Technology and Science Karimnagar
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security ArchitectureBharathiKrishna6
 
Firewall ppt
Firewall pptFirewall ppt
Firewall pptOECLIB Odisha Electronics Control Library
 

Empfohlen

Cryptography
CryptographyCryptography
CryptographyShivanand Arur
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security conceptsG Prachi
 
Network security cryptography ppt
Network security cryptography pptNetwork security cryptography ppt
Network security cryptography pptThushara92
 
Information Security Lecture Notes
Information Security Lecture NotesInformation Security Lecture Notes
Information Security Lecture NotesFellowBuddy.com
 
Hash Function
Hash FunctionHash Function
Hash FunctionSiddharth Srivastava
 
CRYPTOGRAPHY & NETWORK SECURITY
CRYPTOGRAPHY & NETWORK SECURITYCRYPTOGRAPHY & NETWORK SECURITY
CRYPTOGRAPHY & NETWORK SECURITYJyothishmathi Institute of Technology and Science Karimnagar
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security ArchitectureBharathiKrishna6
 
Firewall ppt
Firewall pptFirewall ppt
Firewall pptOECLIB Odisha Electronics Control Library
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
101 Basic concepts of information security
101 Basic concepts of information security101 Basic concepts of information security
101 Basic concepts of information securitySsendiSamuel
 
Message authentication
Message authenticationMessage authentication
Message authenticationCAS
 
IP Security
IP SecurityIP Security
IP SecurityKeshab Nath
 
Firewall and its types and function
Firewall and its types and functionFirewall and its types and function
Firewall and its types and functionNisarg Amin
 
S/MIME
S/MIMES/MIME
S/MIMEmaria azam
 
Network security
Network securityNetwork security
Network securityGichelle Amon
 
Security threats
Security threatsSecurity threats
Security threatsQamar Farooq
 
Security Design Principles.ppt
Security Design Principles.ppt Security Design Principles.ppt
Security Design Principles.pptDrBasemMohamedElomda
 
Information Security Lecture #1 ppt
Information Security Lecture #1 pptInformation Security Lecture #1 ppt
Information Security Lecture #1 pptvasanthimuniasamy
 
AES-Advanced Encryption Standard
AES-Advanced Encryption StandardAES-Advanced Encryption Standard
AES-Advanced Encryption StandardPrince Rachit
 
Chapter- I introduction
Chapter- I introductionChapter- I introduction
Chapter- I introductionDr.Florence Dayana
 
1 security goals
1 security goals1 security goals
1 security goalsdrewz lin
 
Chapter 11 laws and ethic information security
Chapter 11 laws and ethic information securityChapter 11 laws and ethic information security
Chapter 11 laws and ethic information securitySyaiful Ahdan
 
Web Security
Web SecurityWeb Security
Web SecurityDr.Florence Dayana
 
CRYPTOGRAPHY & NETWORK SECURITY - unit 1
CRYPTOGRAPHY & NETWORK SECURITY - unit 1CRYPTOGRAPHY & NETWORK SECURITY - unit 1
CRYPTOGRAPHY & NETWORK SECURITY - unit 1RAMESHBABU311293
 
Database security and security in networks
Database security and security in networksDatabase security and security in networks
Database security and security in networksG Prachi
 
Symmetric and asymmetric key
Symmetric and asymmetric keySymmetric and asymmetric key
Symmetric and asymmetric keyTriad Square InfoSec
 
Security policy
Security policySecurity policy
Security policyDhani Ahmad
 
Security & protection in operating system
Security & protection in operating systemSecurity & protection in operating system
Security & protection in operating systemAbou Bakr Ashraf
 
MN691 Assignment 3 - Final Report 2
MN691 Assignment 3 - Final Report 2MN691 Assignment 3 - Final Report 2
MN691 Assignment 3 - Final Report 2Abi Reddy
 
Secure by Design - Security Design Principles for the Rest of Us
Secure by Design - Security Design Principles for the Rest of UsSecure by Design - Security Design Principles for the Rest of Us
Secure by Design - Security Design Principles for the Rest of UsEoin Woods
 

Weitere ähnliche Inhalte

Was ist angesagt?

Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
101 Basic concepts of information security
101 Basic concepts of information security101 Basic concepts of information security
101 Basic concepts of information securitySsendiSamuel
 
Message authentication
Message authenticationMessage authentication
Message authenticationCAS
 
Firewall and its types and function
Firewall and its types and functionFirewall and its types and function
Firewall and its types and functionNisarg Amin
 
Information Security Lecture #1 ppt
Information Security Lecture #1 pptInformation Security Lecture #1 ppt
Information Security Lecture #1 pptvasanthimuniasamy
 
AES-Advanced Encryption Standard
AES-Advanced Encryption StandardAES-Advanced Encryption Standard
AES-Advanced Encryption StandardPrince Rachit
 
1 security goals
1 security goals1 security goals
1 security goalsdrewz lin
 
Chapter 11 laws and ethic information security
Chapter 11 laws and ethic information securityChapter 11 laws and ethic information security
Chapter 11 laws and ethic information securitySyaiful Ahdan
 
CRYPTOGRAPHY & NETWORK SECURITY - unit 1
CRYPTOGRAPHY & NETWORK SECURITY - unit 1CRYPTOGRAPHY & NETWORK SECURITY - unit 1
CRYPTOGRAPHY & NETWORK SECURITY - unit 1RAMESHBABU311293
 
Database security and security in networks
Database security and security in networksDatabase security and security in networks
Database security and security in networksG Prachi
 
Security & protection in operating system
Security & protection in operating systemSecurity & protection in operating system
Security & protection in operating systemAbou Bakr Ashraf
 

Was ist angesagt? (20)

Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
 
101 Basic concepts of information security
101 Basic concepts of information security101 Basic concepts of information security
101 Basic concepts of information security
 
Message authentication
Message authenticationMessage authentication
Message authentication
 
IP Security
IP SecurityIP Security
IP Security
 
Firewall and its types and function
Firewall and its types and functionFirewall and its types and function
Firewall and its types and function
 
S/MIME
S/MIMES/MIME
S/MIME
 
Network security
Network securityNetwork security
Network security
 
Security threats
Security threatsSecurity threats
Security threats
 
Security Design Principles.ppt
Security Design Principles.ppt Security Design Principles.ppt
Security Design Principles.ppt
 
Information Security Lecture #1 ppt
Information Security Lecture #1 pptInformation Security Lecture #1 ppt
Information Security Lecture #1 ppt
 
AES-Advanced Encryption Standard
AES-Advanced Encryption StandardAES-Advanced Encryption Standard
AES-Advanced Encryption Standard
 
Chapter- I introduction
Chapter- I introductionChapter- I introduction
Chapter- I introduction
 
1 security goals
1 security goals1 security goals
1 security goals
 
Chapter 11 laws and ethic information security
Chapter 11 laws and ethic information securityChapter 11 laws and ethic information security
Chapter 11 laws and ethic information security
 
Web Security
Web SecurityWeb Security
Web Security
 
CRYPTOGRAPHY & NETWORK SECURITY - unit 1
CRYPTOGRAPHY & NETWORK SECURITY - unit 1CRYPTOGRAPHY & NETWORK SECURITY - unit 1
CRYPTOGRAPHY & NETWORK SECURITY - unit 1
 
Database security and security in networks
Database security and security in networksDatabase security and security in networks
Database security and security in networks
 
Symmetric and asymmetric key
Symmetric and asymmetric keySymmetric and asymmetric key
Symmetric and asymmetric key
 
Security policy
Security policySecurity policy
Security policy
 
Security & protection in operating system
Security & protection in operating systemSecurity & protection in operating system
Security & protection in operating system
 

Andere mochten auch

MN691 Assignment 3 - Final Report 2
MN691 Assignment 3 - Final Report 2MN691 Assignment 3 - Final Report 2
MN691 Assignment 3 - Final Report 2Abi Reddy
 
Secure by Design - Security Design Principles for the Rest of Us
Secure by Design - Security Design Principles for the Rest of UsSecure by Design - Security Design Principles for the Rest of Us
Secure by Design - Security Design Principles for the Rest of UsEoin Woods
 
Pecha Kucha, How principles break rules
Pecha Kucha, How principles break rulesPecha Kucha, How principles break rules
Pecha Kucha, How principles break rulesHerman Kopinga
 
3 chapter three - designing a telecoms regulatory framework for converged m...
3 chapter three - designing a telecoms regulatory framework for converged m...3 chapter three - designing a telecoms regulatory framework for converged m...
3 chapter three - designing a telecoms regulatory framework for converged m...Jeremmy Okonjo
 
International Telecommunication Laws-PPT
International Telecommunication Laws-PPTInternational Telecommunication Laws-PPT
International Telecommunication Laws-PPTJayakar Bathula Jayakar
 
3 Telecom+Network Part1
3 Telecom+Network Part13 Telecom+Network Part1
3 Telecom+Network Part1Alfred Ouyang
 
modelingtools
modelingtoolsmodelingtools
modelingtoolslearnt
 
IS740 Chapter 06
IS740 Chapter 06IS740 Chapter 06
IS740 Chapter 06iDocs
 
Penetration Testing Execution Standard
Penetration Testing Execution StandardPenetration Testing Execution Standard
Penetration Testing Execution StandardIftach Ian Amit
 
Understanding operating systems 5th ed ch11
Understanding operating systems 5th ed ch11Understanding operating systems 5th ed ch11
Understanding operating systems 5th ed ch11BarrBoy
 
Documentation for developers
Documentation for developersDocumentation for developers
Documentation for developersMichael Marotta
 
Ch 6 Logical D B Design
Ch 6 Logical D B DesignCh 6 Logical D B Design
Ch 6 Logical D B Designguest8fdbdd
 
Telecommunications Policies Standards and Regulations Notes
Telecommunications Policies Standards and Regulations NotesTelecommunications Policies Standards and Regulations Notes
Telecommunications Policies Standards and Regulations NotesHaris Hassan
 
Database Modeling Using Entity.. Weak And Strong Entity Types
Database Modeling Using Entity.. Weak And Strong Entity TypesDatabase Modeling Using Entity.. Weak And Strong Entity Types
Database Modeling Using Entity.. Weak And Strong Entity Typesaakanksha s
 
inductive and deductive method
inductive and deductive methodinductive and deductive method
inductive and deductive methodAiza delos Reyes
 

Andere mochten auch (20)

MN691 Assignment 3 - Final Report 2
MN691 Assignment 3 - Final Report 2MN691 Assignment 3 - Final Report 2
MN691 Assignment 3 - Final Report 2
 
Secure by Design - Security Design Principles for the Rest of Us
Secure by Design - Security Design Principles for the Rest of UsSecure by Design - Security Design Principles for the Rest of Us
Secure by Design - Security Design Principles for the Rest of Us
 
Chapter 15 - Security
Chapter 15 - SecurityChapter 15 - Security
Chapter 15 - Security
 
Pecha Kucha, How principles break rules
Pecha Kucha, How principles break rulesPecha Kucha, How principles break rules
Pecha Kucha, How principles break rules
 
3 chapter three - designing a telecoms regulatory framework for converged m...
3 chapter three - designing a telecoms regulatory framework for converged m...3 chapter three - designing a telecoms regulatory framework for converged m...
3 chapter three - designing a telecoms regulatory framework for converged m...
 
International Telecommunication Laws-PPT
International Telecommunication Laws-PPTInternational Telecommunication Laws-PPT
International Telecommunication Laws-PPT
 
3 Telecom+Network Part1
3 Telecom+Network Part13 Telecom+Network Part1
3 Telecom+Network Part1
 
modelingtools
modelingtoolsmodelingtools
modelingtools
 
IS740 Chapter 06
IS740 Chapter 06IS740 Chapter 06
IS740 Chapter 06
 
Penetration Testing Execution Standard
Penetration Testing Execution StandardPenetration Testing Execution Standard
Penetration Testing Execution Standard
 
Understanding operating systems 5th ed ch11
Understanding operating systems 5th ed ch11Understanding operating systems 5th ed ch11
Understanding operating systems 5th ed ch11
 
Documentation for developers
Documentation for developersDocumentation for developers
Documentation for developers
 
Deadlocks
Deadlocks Deadlocks
Deadlocks
 
Ch 6 Logical D B Design
Ch 6 Logical D B DesignCh 6 Logical D B Design
Ch 6 Logical D B Design
 
Telecommunications Policies Standards and Regulations Notes
Telecommunications Policies Standards and Regulations NotesTelecommunications Policies Standards and Regulations Notes
Telecommunications Policies Standards and Regulations Notes
 
Database Modeling Using Entity.. Weak And Strong Entity Types
Database Modeling Using Entity.. Weak And Strong Entity TypesDatabase Modeling Using Entity.. Weak And Strong Entity Types
Database Modeling Using Entity.. Weak And Strong Entity Types
 
Sad
SadSad
Sad
 
Penetration test
Penetration testPenetration test
Penetration test
 
Information Security and the SDLC
Information Security and the SDLCInformation Security and the SDLC
Information Security and the SDLC
 
inductive and deductive method
inductive and deductive methodinductive and deductive method
inductive and deductive method
 

Ähnlich wie Computer security design principles

Design principles and common security related programming principles
Design principles and common security related programming principlesDesign principles and common security related programming principles
Design principles and common security related programming principlesSaurav Aryal
 
CISSP Chapter 7 - Security Operations
CISSP Chapter 7 - Security OperationsCISSP Chapter 7 - Security Operations
CISSP Chapter 7 - Security OperationsKarthikeyan Dhayalan
 
Security Principles and Protection Mechanism
Security Principles and Protection MechanismSecurity Principles and Protection Mechanism
Security Principles and Protection MechanismMona Rajput
 
Understanding security operation.pptx
Understanding security operation.pptxUnderstanding security operation.pptx
Understanding security operation.pptxPiyush Jain
 
The Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveThe Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveAlgoSec
 
Fundamental_Security_Design_Principles.pptx
Fundamental_Security_Design_Principles.pptxFundamental_Security_Design_Principles.pptx
Fundamental_Security_Design_Principles.pptxKelvinDube4
 
IT6701 Information Management - Unit II
IT6701 Information Management - Unit II IT6701 Information Management - Unit II
IT6701 Information Management - Unit II pkaviya
 
Software devlopment security
Software devlopment securitySoftware devlopment security
Software devlopment securitySuraj Singh
 
LOW LEVEL DESIGN INSPECTION SECURE CODING
LOW LEVEL DESIGN INSPECTION SECURE CODINGLOW LEVEL DESIGN INSPECTION SECURE CODING
LOW LEVEL DESIGN INSPECTION SECURE CODINGSri Latha
 
CISSP - Chapter 3 - System security architecture
CISSP - Chapter 3 - System security architectureCISSP - Chapter 3 - System security architecture
CISSP - Chapter 3 - System security architectureKarthikeyan Dhayalan
 
VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...
VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...
VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...vtunotesbysree
 
Deployment Download and Policy Workstream Update - Gábor Pécsy, Nokia
Deployment Download and Policy Workstream Update - Gábor Pécsy, NokiaDeployment Download and Policy Workstream Update - Gábor Pécsy, Nokia
Deployment Download and Policy Workstream Update - Gábor Pécsy, Nokiamfrancis
 
System Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptxSystem Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptxrahulkumarcscsf21
 
cupdf.com_1-developing-safety-critical-systems-chapter-5-storey.ppt
cupdf.com_1-developing-safety-critical-systems-chapter-5-storey.pptcupdf.com_1-developing-safety-critical-systems-chapter-5-storey.ppt
cupdf.com_1-developing-safety-critical-systems-chapter-5-storey.pptYoussefElsamman
 
Gaurdrails for LLM applications
Gaurdrails for LLM applicationsGaurdrails for LLM applications
Gaurdrails for LLM applicationsBHANU A
 
UNIT 1C CHARACTERISTICS _ QUALITY ATT OF ES.pptx
UNIT 1C CHARACTERISTICS _ QUALITY ATT OF ES.pptxUNIT 1C CHARACTERISTICS _ QUALITY ATT OF ES.pptx
UNIT 1C CHARACTERISTICS _ QUALITY ATT OF ES.pptxSKILL2021
 

Ähnlich wie Computer security design principles (20)

Design principles and common security related programming principles
Design principles and common security related programming principlesDesign principles and common security related programming principles
Design principles and common security related programming principles
 
CISSP Chapter 7 - Security Operations
CISSP Chapter 7 - Security OperationsCISSP Chapter 7 - Security Operations
CISSP Chapter 7 - Security Operations
 
Security Principles and Protection Mechanism
Security Principles and Protection MechanismSecurity Principles and Protection Mechanism
Security Principles and Protection Mechanism
 
Understanding security operation.pptx
Understanding security operation.pptxUnderstanding security operation.pptx
Understanding security operation.pptx
 
The Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveThe Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the Curve
 
Fundamental_Security_Design_Principles.pptx
Fundamental_Security_Design_Principles.pptxFundamental_Security_Design_Principles.pptx
Fundamental_Security_Design_Principles.pptx
 
IT6701 Information Management - Unit II
IT6701 Information Management - Unit II IT6701 Information Management - Unit II
IT6701 Information Management - Unit II
 
Software devlopment security
Software devlopment securitySoftware devlopment security
Software devlopment security
 
LOW LEVEL DESIGN INSPECTION SECURE CODING
LOW LEVEL DESIGN INSPECTION SECURE CODINGLOW LEVEL DESIGN INSPECTION SECURE CODING
LOW LEVEL DESIGN INSPECTION SECURE CODING
 
CISSP - Chapter 3 - System security architecture
CISSP - Chapter 3 - System security architectureCISSP - Chapter 3 - System security architecture
CISSP - Chapter 3 - System security architecture
 
Lec # 1 chapter 2
Lec # 1 chapter 2Lec # 1 chapter 2
Lec # 1 chapter 2
 
VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...
VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...
VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...
 
Deployment Download and Policy Workstream Update - Gábor Pécsy, Nokia
Deployment Download and Policy Workstream Update - Gábor Pécsy, NokiaDeployment Download and Policy Workstream Update - Gábor Pécsy, Nokia
Deployment Download and Policy Workstream Update - Gábor Pécsy, Nokia
 
Testing
TestingTesting
Testing
 
System Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptxSystem Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptx
 
cupdf.com_1-developing-safety-critical-systems-chapter-5-storey.ppt
cupdf.com_1-developing-safety-critical-systems-chapter-5-storey.pptcupdf.com_1-developing-safety-critical-systems-chapter-5-storey.ppt
cupdf.com_1-developing-safety-critical-systems-chapter-5-storey.ppt
 
Gaurdrails for LLM applications
Gaurdrails for LLM applicationsGaurdrails for LLM applications
Gaurdrails for LLM applications
 
4_5949547032388570388.ppt
4_5949547032388570388.ppt4_5949547032388570388.ppt
4_5949547032388570388.ppt
 
STE Unit-2.pptx
STE Unit-2.pptxSTE Unit-2.pptx
STE Unit-2.pptx
 
UNIT 1C CHARACTERISTICS _ QUALITY ATT OF ES.pptx
UNIT 1C CHARACTERISTICS _ QUALITY ATT OF ES.pptxUNIT 1C CHARACTERISTICS _ QUALITY ATT OF ES.pptx
UNIT 1C CHARACTERISTICS _ QUALITY ATT OF ES.pptx
 

Mehr von Shaishav Dahal

Orgnizational relation
Orgnizational relationOrgnizational relation
Orgnizational relationShaishav Dahal
 
The Information Economy
The Information EconomyThe Information Economy
The Information EconomyShaishav Dahal
 
The bell la padula model
The bell la padula modelThe bell la padula model
The bell la padula modelShaishav Dahal
 

Mehr von Shaishav Dahal (11)

Orgnizational relation
Orgnizational relationOrgnizational relation
Orgnizational relation
 
The Information Economy
The Information EconomyThe Information Economy
The Information Economy
 
Supply chain drivers
Supply chain driversSupply chain drivers
Supply chain drivers
 
Hrmsk
HrmskHrmsk
Hrmsk
 
Fuzzy logic
Fuzzy logicFuzzy logic
Fuzzy logic
 
Ecollage
EcollageEcollage
Ecollage
 
Chapter1 (1)
Chapter1 (1)Chapter1 (1)
Chapter1 (1)
 
Kritagya 3508
Kritagya 3508Kritagya 3508
Kritagya 3508
 
Sabby1
Sabby1Sabby1
Sabby1
 
Customer
CustomerCustomer
Customer
 
The bell la padula model
The bell la padula modelThe bell la padula model
The bell la padula model
 

Kürzlich hochgeladen

What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 

Kürzlich hochgeladen (20)

What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 

Computer security design principles

  • 1. Design Principles and Common Security Related Programming Problems
  • 2. Agenda • Design Principles • Common Security Related Programming Problems
  • 3. Design Principles • Principle Of Least Privilege – This principle restricts how privileges are granted – This principle state that “a subject should b given only those privilege that it need in order to complete its task • Principle of Fail-Safe Defaults – Restricts how privileges are initialized when a subject or object is created. – States that, unless a subject is given explicit access to an object, it should be denied access to that object. – This principle requires that the default access to an object is none
  • 4. Design Principles • Principle of Economy of Mechanism – Simplifies the design and implementation of security mechanisms. – State that security mechanisms should be as simple as possible • Principle of complete mediation – Requires that all accesses to be checked to ensure that they are allowed. – All access level should be checked not only the first one in order to grant permission
  • 5. Design Principles • Principle of Open Design – This principle suggests that complexity does not add security. – State that the security of a mechanism should not depend on the secrecy of its design or implementation to ensure security. • Principle of Separation of Privilege – This principle is restrictive because it limits access to system entities. – States that a system should not grant permission based on a single condition.
  • 6. Design Principles • Principle of Least Common Mechanism – This principle is restrictive because it limits sharing – States that the mechanisms used to access resources should not be shared. • Principle of Psychological Acceptability – This principle recognizes the human elements in computer security – States that security mechanism should not make the resources more difficult to access than if there is no security mechanisms were not present.
  • 7. Common Security Related Programming Problems • A) Improper Choice of Initial Protection Domain – Flaws arise from incorrect setting of permissions or privileges – 1) Process Privileges • The principle of least privilege dictates that no process have more privileges than it needs to complete its task, but the process must have enough privileges to complete its task successfully • Implementation Rule 1 – Structure the process so that all sections requiring extra privileges are modules. The modules should be as small as possible and should perform only those tasks that require those privileges • Management Rule 1 – Check that the process privileges are set properly.
  • 8. Common Security Related Programming Problems – 2) Access Control File Permissions. • Biba’s model emphasize that the integrity of the process relies on both the integrity of the program and integrity of the access control file. • Verifying the integrity of the access control file is critical, because that file controls the access to role accounts. • Management Rule 2 – The program that is executed to create the process, and all associated control files, must be protected from unauthorized use and modification. Any such modification must be detected. • Implementation Rule 2 – Ensure that any assumptions in the program are validated. If it is not possible, document them for the installer and maintainers, so they know the assumptions that attackers will try to invalidate.
  • 9. Common Security Related Programming Problems – 3) Memory Protection • Consider sharing memory. If two subjects can alter the contents of memory, then one could change data on which the second relies. This sharing poses a security problem because the modifying process can alter variables that control the action of the other process. Each process should have a protected, unshared memory space. • Implementation Rule 3 – Ensure that the program does not share objects in memory with any other program, and that other programs cannot access the memory of a privileged. • Management Rule 3 – Configure memory to enforce the principle of least privilege. – If a section of memory is not contain executable instructions, turn execute permission off for that section of memory. If the contents of a section of memory are not be altered make that section read-only.
  • 10. Common Security Related Programming Problems – 4) Trust in the System • The program relies on the system authentication mechanisms to authenticate the user and on the user information database to map user and roles into their corresponding UIDs. • It also relies on the inability of ordinary users to alter the system clock. • Implementation Rule 4 – Identify all systems components on which the program depends. Check for errors whenever possible, and identify those components for which error checking will not work.
  • 11. Common Security Related Programming Problems • B) Improper Isolation of Implementation Detail – This problem arises when an abstraction is improperly mapped into an implementation detail • Implementation Rule 4 – The error status of every function must be checked. Do not try to recover unless the cause of the error, and its effects, do not affect any security consideration. The program should restore the state of the system to the state before the process began, and then terminate.
  • 12. Common Security Related Programming Problems – 1)Resource Exhaustion and User Identifiers • The designers and implementers decided to have the program fail if, for any reason, the query failed. This application of the principle of fail-safe defaults ensured that in case of error, the users would not get access to the role account. – 2) Validating the Access Control Entries • The expression of the access control information is therefore the result of mapping an abstraction to an implementation. • The question is whether or not the given access control information correctly implements the policy. – 3) Restricting the Protection Domain of the Role Process
  • 13. Common Security Related Programming Problems • C) Improper Changes – This category describes data and instructions that change over time. The danger is that the changed values may be inconsistent with the previous values. – 1) Memory • Any process that can access shared memory can manipulate data in the memory. Unless all processes that can access the shared memory implementation a concurrent protocol for managing changes one process can change data on which a second process relies • This could cause the second process to violate the security policy.
  • 14. Common Security Related Programming Problems • Implementation Rule 5 – If a process interacts with other processes, the interactions should be synchronized. In particular, all possible sequences of interactions must be known and for all such interactions, the process must enforce the required security policy. • Implementation Rule 6 – Asynchronous exception handlers should not alter any variables excepts those that are local to the exception handling module. – Exception handler should block all the exception • Implementation Rule 7 – Data that the process trusts and the data that it receives from un-trusted sources should be kept in separate areas of memory
  • 15. Common Security Related Programming Problems • D) Improper Naming – A It refers to an ambiguity in identifying an object – If two different objects have the same name. – The programmer intends the name to refer to one of the objects, but an attacker manipulates the environment and the process so that the name refers to a different object. – Management Rule 5 • Unique objects require unique names. Interchangeable objects may share a name. – Implementation Rule 9 • The process must ensure that the context in which an object is named identifies the correct object.
  • 16. Common Security Related Programming Problems • E) Improper Deallocation or Deletion – Failing to delete sensitive information raises the possibility of another process seeing that data at a later time. – Cryptographic keywords, passwords and other authentication information should be discarded once they have been used. – As a consequence of not deleting sensitive information is that dumps of memory, which may occur if the program receives an exception or crashes for some other reason. – Implementation Rule 10 • When the process finishes using a sensitive object, the object should be erased, the de-allocated or deleted. Any resources not needed should also be released.
  • 17. Common Security Related Programming Problems • F) Improper Validation – This problem arises when data is not checked for consistency and correctness. – The process can check correctness only by looking for error codes or by looking for patently incorrect values. – 1) Bounds Checking • Errors of validation often occur when data is supposed to lie within bounds. • Implementation Rule 11 – Ensure that all array references access existing elements of the array. If a function that manipulates arrays cannot ensure that only valid elements are referenced, do not use that function. Find one that does, write a new version, or create a wrapper.
  • 18. Common Security Related Programming Problems – 2)Type Checking • Failure to check types in another common validation problem. • Implementation Rule 12 – Check the type of function and parameters. • Management Rule 6 – When compiling programs, ensure that the compiler flags report inconsistencies in types. Investigate all such warnings an either fix the problem or document the warning and why it is spurious. – 3) Error Checking • Third common problem involving improper validation is failure to check return values of function.
  • 19. Common Security Related Programming Problems • Implementation Rule 13 – Check all function and procedure executions for errors. – 4) Checking for valid, not invalid data. • This principle requires that valid values be known and that all other values be rejected. Unfortunately, programmers often check for invalid data and assume that the rest is valid. • Implementation Rule 14 – Check that a variable's values are valid. • Management Rule 7 – If a trade-off between security and other factors results in a mechanism or procedure that can weaken security, document the reasons for the decision, the possible effects, and the situations in which the compromise method should be used.
  • 20. Common Security Related Programming Problems – 5) Checking Input • All the data from the un-trusted sources must be checked • Implementation Rule 15 – Check all user input for both form and content. In particular, check integer for values that are too big or too small, and check character data for length and valid characters. (check that a variable’s values are valid.) – 6) Designing for validation • Sometimes data cannot be validated completely. • Implementation Rule 16 – Create data structure and function in such a way that they can be validated.
  • 21. Common Security Related Programming Problems • G) Improper Indivisibility – It arises when an operation is considered as one unit in the abstract but is implemented as two unit. – Implementation Rule 17 • If two operations must be performed sequentially without an intervening operation, use a mechanism to ensure that the two cannot be divided. • H) Improper Sequencing – Means that operations are performed in an incorrect order. – Implementation Rule 18 – Describe the legal sequences of operations on a resource or object. Check that all possible sequence of the programs involved match one legal sequences
  • 22. Common Security Related Programming Problems • J) Improper choice of operand or operation – Preventing errors of choosing the wrong operand or operation requires that the algorithms be thought through carefully. – Management Rule 8 • Use software engineering and assurance techniques to ensure that operations are operands are appropriate.