SlideShare ist ein Scribd-Unternehmen logo

Software Security Engineering

•Als PPT, PDF herunterladen•
•
Muhammad Asim
Muhammad Asim

This presentation provides insightful ideas and techniques to secure your software or system in a top-notch fashion.

Bildung
1 von 41
Software Security Engineering
Prepared by: Muhammad Asim
What we will learn today • Security concepts • Security risk management • Design for security • System survivability
What is Security Engineering ? Security engineering is concerned with how to develop and maintain systems that can resist malicious attacks intended to damage a computer-based system or its data.
Why Security Engineering? • To make more dependable systems we need to secure over systems from the threats from malicious and technically skilled attackers as well as problems resulting from accidentals mistakes in the development process. • This has become a priority for businesses and individuals as more and more criminals try to exploit networked systems for illegal purposes.
Security Concepts
Security Concepts • Assets • Exposure • Vulnerability • Attack • Threats • Control
Security concerns • Confidentiality Ensuring that data is only accessible to authorized people and organizations • Integrity Ensuring that external attacks cannot damage data and programs • Availability Ensuring that external attacks do not compromise the availability of data and programs
Controls for security • Controls that intend to ensure that the attacks are unsuccessful. • Controls that are intended to detect and repel attacks. • Controls that support from recovery problems.
Application/infrastructure security • Application security is a software engineering problem where the system is designed to resist attacks. • Infrastructure security is a systems management problem where the purchased infrastructure is configured to resist attacks.
System layers where security may be compromised
System security management • User and permission management Adding and removing users from the system and setting up appropriate permissions for users • Software deployment and maintenance Installing application software and middleware and configuring these systems so that vulnerabilities are avoided. • Attack monitoring, detection and recovery Monitoring the system for unauthorized access, design strategies for resisting attacks and develop backup and recovery strategies.
Security Risk Management
Security risk management • Risk management is concerned with assessing the possible losses that might ensue from attacks on the system and balancing these losses against the costs of security procedures that may reduce these losses.
Note: Risk management is a business issue rather than a technical issue, so software engineers should not decide what controls should be included in a system. It is up to senior management to decide whether or not to accept the cost of security or to accept the exposure that results from the lack of security procedures.
Risk management involves • Preliminary risk assessment • Life cycle risk assessment • Operational risk assessment
Preliminary risk assessment • In preliminary risk assessment security requirements for the whole system, not just the software. • At this stage, decisions on the detailed system requirements, the system design or the implementation technology have not been made.
Preliminary risk assessment
Misuse cases Misuse cases are instances of threats to a system. •Interception threats Attacker gains access to an asset •Interruption threats Attacker makes part of a system unavailable •Modification threats A system asset are modified •Fabrication threats False information is added to a system
Asset analysis Asset Value Exposure The information system High. Required to support all clinical consultations. Potentially safety-critical. High. Financial loss as clinics may have to be canceled. Costs of restoring system. Possible patient harm if treatment cannot be prescribed. The patient database High. Required to support all clinical consultations. Potentially safety-critical. High. Financial loss as clinics may have to be cancelled. Costs of restoring system. Possible patient harm if treatment cannot be prescribed. An individual patient record Normally low although may be high for specific high-profile patients. Low direct losses but possible loss of reputation.
Threat and control analysis Threat Probability Control Feasibility Unauthorized user gains access as system manager and makes system unavailable Low Only allow system management from specific locations that are physically secure. Low cost of implementation but care must be taken with key distribution and to ensure that keys are available in the event of an emergency. Unauthorized user gains access as system user and accesses confidential information High Require all users to authenticate themselves using a biometric mechanism. Log all changes to patient information to track system usage. Technically feasible but high-cost solution. Possible user resistance. Simple and transparent to implement and also supports recovery.
Security requirements • Patient information must be downloaded at the start of a clinic session to a secure area on the system client that is used by clinical staff. • Patient information must not be maintained on system clients after a clinic session has finished. • A log on a separate computer from the database server must be maintained of all changes made to the system database.
Life cycle risk assessment • Risk assessment while the system is being developed and after it has been deployed • More information is available - system platform, middleware and the system architecture and data organization. • Vulnerabilities that arise from design choices may therefore be identified.
Vulnerabilities associated with technology choices
Security requirements • A password checker shall be made available and shall be run daily. Weak passwords shall be reported to system administrators. • Access to the system shall only be allowed by approved client computers. • All client computers shall have a single, approved web browser installed by system administrators.
Operational risk assessment • Environment characteristics can lead to new system risks • Risk of interruption means that logged in computers are left unattended.
Design for Security
Design for security • Architectural design how do architectural design decisions affect the security of a system? • Good practice what is accepted good practice when designing secure systems? • Design for deployment what support should be designed into a system to avoid the introduction of vulnerabilities when a system is deployed for use?
Architectural design • Two fundamental issues have to be considered when designing an architecture for security. • Protection How should the system be organized so that critical assets can be protected against external attack? • Distribution How should system assets be distributed so that the effects of a successful attack are minimized? • These are potentially conflicting If assets are distributed, then they are more expensive to protect. If assets are protected, then usability and performance requirements may be compromised.
Protection – defense in depth
Layered protection model • Platform-level protection Top-level controls on the platform on which a system runs. • Application-level protection Specific protection mechanisms built into the application itself e.g. additional password protection. • Record-level protection Protection that is invoked when access to specific information is requested
A layered protection architecture
Distribute assets to reduce losses
Distributed assets • Distributing assets means that attacks on one system do not necessarily lead to complete loss of system service • Each platform has separate protection features and may be different from other platforms so that they do not share a common vulnerability
Distributed assets in an equity trading system
Guideline for Security Design • Base security decisions on an explicit security policy • Avoid a single point of failure • Fail securely • Balance security and usability • Be aware of the possibility of social engineering • Use redundancy and diversity to reduce risk • Validate all inputs • Compartmentalize your assets • Design for deployment • Design for recoverability
System Survivability
System Survivability dependency System survivability depends upon three factors •Resistance – avoiding problems by building capabilities into the system to repel attacks. •Recognition – detecting problems by building capabilities into the system to detect attacks and failures and assess the resultant damage. •Recovery – tolerating problems by building capabilities into the system to deliver essential services whilst under attack and to recover full functionality after an attack.
System Survivability analysis Four stage process: •System Understanding •Critical services identification •Attack simulation •Survivability analysis
System Survivability analysis
Thank you !!!

Empfohlen

Software security engineering
Software security engineeringSoftware security engineering
Software security engineeringaizazhussain234
 
Pasta Threat Modeling
Pasta Threat ModelingPasta Threat Modeling
Pasta Threat ModelingEC-Council
 
Software Security Engineering
Software Security EngineeringSoftware Security Engineering
Software Security EngineeringMarco Morana
 
8. Software Development Security
8. Software Development Security8. Software Development Security
8. Software Development SecuritySam Bowne
 
Intro to Web Application Security
Intro to Web Application SecurityIntro to Web Application Security
Intro to Web Application SecurityRob Ragan
 
Secure Coding and Threat Modeling
Secure Coding and Threat ModelingSecure Coding and Threat Modeling
Secure Coding and Threat ModelingMiriam Celi, CISSP, GISP, MSCS, MBA
 
System security
System securitySystem security
System securitysommerville-videos
 
Software security
Software securitySoftware security
Software securityRoman Oliynykov
 

Empfohlen

Software security engineering
Software security engineeringSoftware security engineering
Software security engineeringaizazhussain234
 
Pasta Threat Modeling
Pasta Threat ModelingPasta Threat Modeling
Pasta Threat ModelingEC-Council
 
Software Security Engineering
Software Security EngineeringSoftware Security Engineering
Software Security EngineeringMarco Morana
 
8. Software Development Security
8. Software Development Security8. Software Development Security
8. Software Development SecuritySam Bowne
 
Intro to Web Application Security
Intro to Web Application SecurityIntro to Web Application Security
Intro to Web Application SecurityRob Ragan
 
Secure Coding and Threat Modeling
Secure Coding and Threat ModelingSecure Coding and Threat Modeling
Secure Coding and Threat ModelingMiriam Celi, CISSP, GISP, MSCS, MBA
 
System security
System securitySystem security
System securitysommerville-videos
 
Software security
Software securitySoftware security
Software securityRoman Oliynykov
 
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Edureka!
 
chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security elmuhammadmuhammad
 
information security management
information security managementinformation security management
information security managementGurpreetkaur838
 
Threat Modeling And Analysis
Threat Modeling And AnalysisThreat Modeling And Analysis
Threat Modeling And AnalysisLalit Kale
 
Threat Modeling In 2021
Threat Modeling In 2021Threat Modeling In 2021
Threat Modeling In 2021Adam Shostack
 
Cissp- Security and Risk Management
Cissp- Security and Risk ManagementCissp- Security and Risk Management
Cissp- Security and Risk ManagementHamed Moghaddam
 
8. operations security
8. operations security8. operations security
8. operations security7wounders
 
Information cyber security
Information cyber securityInformation cyber security
Information cyber securitySumanPramanik7
 
CISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security ConceptsCISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security ConceptsKarthikeyan Dhayalan
 
Software coding & testing, software engineering
Software coding & testing, software engineeringSoftware coding & testing, software engineering
Software coding & testing, software engineeringRupesh Vaishnav
 
Security Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and ToolsSecurity Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and ToolsYulian Slobodyan
 
CISSP - Software Development Security
CISSP - Software Development SecurityCISSP - Software Development Security
CISSP - Software Development SecurityKarthikeyan Dhayalan
 
IBM Security QRadar
IBM Security QRadar IBM Security QRadar
IBM Security QRadarVirginia Fernandez
 
PCI DSS Compliance
PCI DSS CompliancePCI DSS Compliance
PCI DSS ComplianceSaumya Vishnoi
 
CISSP Chapter 7 - Security Operations
CISSP Chapter 7 - Security OperationsCISSP Chapter 7 - Security Operations
CISSP Chapter 7 - Security OperationsKarthikeyan Dhayalan
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingGoutham Shetty
 
CISSP Chapter 1 Risk Management
CISSP Chapter 1 Risk ManagementCISSP Chapter 1 Risk Management
CISSP Chapter 1 Risk ManagementKarthikeyan Dhayalan
 
VAPT PRESENTATION full.pptx
VAPT PRESENTATION full.pptxVAPT PRESENTATION full.pptx
VAPT PRESENTATION full.pptxDARSHANBHAVSAR14
 
Information security management system
Information security management systemInformation security management system
Information security management systemArani Srinivasan
 
Security tools
Security toolsSecurity tools
Security toolsGreater Noida Institute Of Technology
 
How To Secure MIS
How To Secure MISHow To Secure MIS
How To Secure MISAaDi Malik
 
System Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptxSystem Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptxrahulkumarcscsf21
 

Weitere ähnliche Inhalte

Was ist angesagt?

Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Edureka!
 
chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security elmuhammadmuhammad
 
information security management
information security managementinformation security management
information security managementGurpreetkaur838
 
Threat Modeling And Analysis
Threat Modeling And AnalysisThreat Modeling And Analysis
Threat Modeling And AnalysisLalit Kale
 
Threat Modeling In 2021
Threat Modeling In 2021Threat Modeling In 2021
Threat Modeling In 2021Adam Shostack
 
Cissp- Security and Risk Management
Cissp- Security and Risk ManagementCissp- Security and Risk Management
Cissp- Security and Risk ManagementHamed Moghaddam
 
8. operations security
8. operations security8. operations security
8. operations security7wounders
 
Information cyber security
Information cyber securityInformation cyber security
Information cyber securitySumanPramanik7
 
CISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security ConceptsCISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security ConceptsKarthikeyan Dhayalan
 
Software coding & testing, software engineering
Software coding & testing, software engineeringSoftware coding & testing, software engineering
Software coding & testing, software engineeringRupesh Vaishnav
 
Security Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and ToolsSecurity Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and ToolsYulian Slobodyan
 
CISSP - Software Development Security
CISSP - Software Development SecurityCISSP - Software Development Security
CISSP - Software Development SecurityKarthikeyan Dhayalan
 
PCI DSS Compliance
PCI DSS CompliancePCI DSS Compliance
PCI DSS ComplianceSaumya Vishnoi
 
CISSP Chapter 7 - Security Operations
CISSP Chapter 7 - Security OperationsCISSP Chapter 7 - Security Operations
CISSP Chapter 7 - Security OperationsKarthikeyan Dhayalan
 
CISSP Chapter 1 Risk Management
CISSP Chapter 1 Risk ManagementCISSP Chapter 1 Risk Management
CISSP Chapter 1 Risk ManagementKarthikeyan Dhayalan
 
VAPT PRESENTATION full.pptx
VAPT PRESENTATION full.pptxVAPT PRESENTATION full.pptx
VAPT PRESENTATION full.pptxDARSHANBHAVSAR14
 
Information security management system
Information security management systemInformation security management system
Information security management systemArani Srinivasan
 

Was ist angesagt? (20)

Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
 
chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security
 
information security management
information security managementinformation security management
information security management
 
Threat Modeling And Analysis
Threat Modeling And AnalysisThreat Modeling And Analysis
Threat Modeling And Analysis
 
Threat Modeling In 2021
Threat Modeling In 2021Threat Modeling In 2021
Threat Modeling In 2021
 
Cissp- Security and Risk Management
Cissp- Security and Risk ManagementCissp- Security and Risk Management
Cissp- Security and Risk Management
 
8. operations security
8. operations security8. operations security
8. operations security
 
Information cyber security
Information cyber securityInformation cyber security
Information cyber security
 
CISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security ConceptsCISSP - Chapter 1 - Security Concepts
CISSP - Chapter 1 - Security Concepts
 
Software coding & testing, software engineering
Software coding & testing, software engineeringSoftware coding & testing, software engineering
Software coding & testing, software engineering
 
Security Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and ToolsSecurity Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and Tools
 
CISSP - Software Development Security
CISSP - Software Development SecurityCISSP - Software Development Security
CISSP - Software Development Security
 
IBM Security QRadar
IBM Security QRadar IBM Security QRadar
IBM Security QRadar
 
PCI DSS Compliance
PCI DSS CompliancePCI DSS Compliance
PCI DSS Compliance
 
CISSP Chapter 7 - Security Operations
CISSP Chapter 7 - Security OperationsCISSP Chapter 7 - Security Operations
CISSP Chapter 7 - Security Operations
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
CISSP Chapter 1 Risk Management
CISSP Chapter 1 Risk ManagementCISSP Chapter 1 Risk Management
CISSP Chapter 1 Risk Management
 
VAPT PRESENTATION full.pptx
VAPT PRESENTATION full.pptxVAPT PRESENTATION full.pptx
VAPT PRESENTATION full.pptx
 
Information security management system
Information security management systemInformation security management system
Information security management system
 
Security tools
Security toolsSecurity tools
Security tools
 

Ähnlich wie Software Security Engineering

How To Secure MIS
How To Secure MISHow To Secure MIS
How To Secure MISAaDi Malik
 
System Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptxSystem Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptxrahulkumarcscsf21
 
The 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochThe 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochQA or the Highway
 
The 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochThe 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochQA or the Highway
 
Design and Analyze Secure Networked Systems - 2
Design and Analyze Secure Networked Systems - 2Design and Analyze Secure Networked Systems - 2
Design and Analyze Secure Networked Systems - 2Don Kim
 
Definitive Security Testing Checklist Shielding Your Applications against Cyb...
Definitive Security Testing Checklist Shielding Your Applications against Cyb...Definitive Security Testing Checklist Shielding Your Applications against Cyb...
Definitive Security Testing Checklist Shielding Your Applications against Cyb...Knoldus Inc.
 
Management Information System Presentation
Management Information System PresentationManagement Information System Presentation
Management Information System PresentationAaDi Malik
 
Network security, change control, outsourcing
Network security, change control, outsourcingNetwork security, change control, outsourcing
Network security, change control, outsourcingNicholas Davis
 
Network Security, Change Control, Outsourcing
Network Security, Change Control, OutsourcingNetwork Security, Change Control, Outsourcing
Network Security, Change Control, OutsourcingNicholas Davis
 
Security management concepts and principles
Security management concepts and principlesSecurity management concepts and principles
Security management concepts and principlesDivya Tiwari
 
chap-1 : Vulnerabilities in Information Systems
chap-1 : Vulnerabilities in Information Systemschap-1 : Vulnerabilities in Information Systems
chap-1 : Vulnerabilities in Information SystemsKashfUlHuda1
 
CISM_WK_3.pptx
CISM_WK_3.pptxCISM_WK_3.pptx
CISM_WK_3.pptxdotco
 
IM Unit 4 Security and its a control.ppt
IM Unit 4 Security and its a control.pptIM Unit 4 Security and its a control.ppt
IM Unit 4 Security and its a control.pptRAJESH S
 
crisc_wk_5.pptx
crisc_wk_5.pptxcrisc_wk_5.pptx
crisc_wk_5.pptxdotco
 
Security & control in mis
Security & control in misSecurity & control in mis
Security & control in misVishal Patyal
 
Vulenerability Management.pptx
Vulenerability Management.pptxVulenerability Management.pptx
Vulenerability Management.pptxThavaselviMunusamy1
 
security and system mainatance
security and system mainatancesecurity and system mainatance
security and system mainatanceKudzi Chikwatu
 
Chapter-2-Control-Audit-Security-ioenotes.pptx
Chapter-2-Control-Audit-Security-ioenotes.pptxChapter-2-Control-Audit-Security-ioenotes.pptx
Chapter-2-Control-Audit-Security-ioenotes.pptxToxicHawk
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityKumawat Dharmpal
 

Ähnlich wie Software Security Engineering (20)

How To Secure MIS
How To Secure MISHow To Secure MIS
How To Secure MIS
 
System Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptxSystem Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptx
 
The 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochThe 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan Koch
 
The 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochThe 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan Koch
 
Design and Analyze Secure Networked Systems - 2
Design and Analyze Secure Networked Systems - 2Design and Analyze Secure Networked Systems - 2
Design and Analyze Secure Networked Systems - 2
 
Definitive Security Testing Checklist Shielding Your Applications against Cyb...
Definitive Security Testing Checklist Shielding Your Applications against Cyb...Definitive Security Testing Checklist Shielding Your Applications against Cyb...
Definitive Security Testing Checklist Shielding Your Applications against Cyb...
 
Management Information System Presentation
Management Information System PresentationManagement Information System Presentation
Management Information System Presentation
 
Network security, change control, outsourcing
Network security, change control, outsourcingNetwork security, change control, outsourcing
Network security, change control, outsourcing
 
Network Security, Change Control, Outsourcing
Network Security, Change Control, OutsourcingNetwork Security, Change Control, Outsourcing
Network Security, Change Control, Outsourcing
 
Security management concepts and principles
Security management concepts and principlesSecurity management concepts and principles
Security management concepts and principles
 
chap-1 : Vulnerabilities in Information Systems
chap-1 : Vulnerabilities in Information Systemschap-1 : Vulnerabilities in Information Systems
chap-1 : Vulnerabilities in Information Systems
 
CISM_WK_3.pptx
CISM_WK_3.pptxCISM_WK_3.pptx
CISM_WK_3.pptx
 
IM Unit 4 Security and its a control.ppt
IM Unit 4 Security and its a control.pptIM Unit 4 Security and its a control.ppt
IM Unit 4 Security and its a control.ppt
 
crisc_wk_5.pptx
crisc_wk_5.pptxcrisc_wk_5.pptx
crisc_wk_5.pptx
 
Security & control in mis
Security & control in misSecurity & control in mis
Security & control in mis
 
Vulenerability Management.pptx
Vulenerability Management.pptxVulenerability Management.pptx
Vulenerability Management.pptx
 
security and system mainatance
security and system mainatancesecurity and system mainatance
security and system mainatance
 
Ch14
Ch14Ch14
Ch14
 
Chapter-2-Control-Audit-Security-ioenotes.pptx
Chapter-2-Control-Audit-Security-ioenotes.pptxChapter-2-Control-Audit-Security-ioenotes.pptx
Chapter-2-Control-Audit-Security-ioenotes.pptx
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
 

Mehr von Muhammad Asim

Software Evolution
Software EvolutionSoftware Evolution
Software EvolutionMuhammad Asim
 
Software Size Estimation
Software Size EstimationSoftware Size Estimation
Software Size EstimationMuhammad Asim
 
Crystal Methodology
Crystal MethodologyCrystal Methodology
Crystal MethodologyMuhammad Asim
 
V Model and W Model
V Model and W ModelV Model and W Model
V Model and W ModelMuhammad Asim
 
Scrum Methodology well elucidated
Scrum Methodology well elucidatedScrum Methodology well elucidated
Scrum Methodology well elucidatedMuhammad Asim
 
Islamic festivals
Islamic festivalsIslamic festivals
Islamic festivalsMuhammad Asim
 

Mehr von Muhammad Asim (6)

Software Evolution
Software EvolutionSoftware Evolution
Software Evolution
 
Software Size Estimation
Software Size EstimationSoftware Size Estimation
Software Size Estimation
 
Crystal Methodology
Crystal MethodologyCrystal Methodology
Crystal Methodology
 
V Model and W Model
V Model and W ModelV Model and W Model
V Model and W Model
 
Scrum Methodology well elucidated
Scrum Methodology well elucidatedScrum Methodology well elucidated
Scrum Methodology well elucidated
 
Islamic festivals
Islamic festivalsIslamic festivals
Islamic festivals
 

KĂźrzlich hochgeladen

Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsKarakKing
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...pradhanghanshyam7136
 
Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and ModificationsMJDuyan
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxJisc
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.MaryamAhmad92
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxDenish Jangid
 
Sociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning ExhibitSociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning Exhibitjbellavia9
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.christianmathematics
 
Single or Multiple melodic lines structure
Single or Multiple melodic lines structureSingle or Multiple melodic lines structure
Single or Multiple melodic lines structuredhanjurrannsibayan2
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17Celine George
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxCeline George
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxVishalSingh1417
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...Poonam Aher Patil
 
Google Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxGoogle Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxDr. Sarita Anand
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxJisc
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...ZurliaSoop
 
FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024Elizabeth Walsh
 
Interdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxInterdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxPooja Bhuva
 
Spellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please PractiseSpellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please PractiseAnaAcapella
 

KĂźrzlich hochgeladen (20)

Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
 
Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and Modifications
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptx
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
Sociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning ExhibitSociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning Exhibit
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Single or Multiple melodic lines structure
Single or Multiple melodic lines structureSingle or Multiple melodic lines structure
Single or Multiple melodic lines structure
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptx
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptx
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
Google Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxGoogle Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptx
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptx
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
 
FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024
 
Interdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxInterdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptx
 
Spellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please PractiseSpellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please Practise
 
Spatium Project Simulation student brief
Spatium Project Simulation student briefSpatium Project Simulation student brief
Spatium Project Simulation student brief
 

Software Security Engineering

  • 3. What we will learn today • Security concepts • Security risk management • Design for security • System survivability
  • 4. What is Security Engineering ? Security engineering is concerned with how to develop and maintain systems that can resist malicious attacks intended to damage a computer-based system or its data.
  • 5. Why Security Engineering? • To make more dependable systems we need to secure over systems from the threats from malicious and technically skilled attackers as well as problems resulting from accidentals mistakes in the development process. • This has become a priority for businesses and individuals as more and more criminals try to exploit networked systems for illegal purposes.
  • 7. Security Concepts • Assets • Exposure • Vulnerability • Attack • Threats • Control
  • 8. Security concerns • Confidentiality Ensuring that data is only accessible to authorized people and organizations • Integrity Ensuring that external attacks cannot damage data and programs • Availability Ensuring that external attacks do not compromise the availability of data and programs
  • 9. Controls for security • Controls that intend to ensure that the attacks are unsuccessful. • Controls that are intended to detect and repel attacks. • Controls that support from recovery problems.
  • 10. Application/infrastructure security • Application security is a software engineering problem where the system is designed to resist attacks. • Infrastructure security is a systems management problem where the purchased infrastructure is configured to resist attacks.
  • 11. System layers where security may be compromised
  • 12. System security management • User and permission management Adding and removing users from the system and setting up appropriate permissions for users • Software deployment and maintenance Installing application software and middleware and configuring these systems so that vulnerabilities are avoided. • Attack monitoring, detection and recovery Monitoring the system for unauthorized access, design strategies for resisting attacks and develop backup and recovery strategies.
  • 14. Security risk management • Risk management is concerned with assessing the possible losses that might ensue from attacks on the system and balancing these losses against the costs of security procedures that may reduce these losses.
  • 15. Note: Risk management is a business issue rather than a technical issue, so software engineers should not decide what controls should be included in a system. It is up to senior management to decide whether or not to accept the cost of security or to accept the exposure that results from the lack of security procedures.
  • 16. Risk management involves • Preliminary risk assessment • Life cycle risk assessment • Operational risk assessment
  • 17. Preliminary risk assessment • In preliminary risk assessment security requirements for the whole system, not just the software. • At this stage, decisions on the detailed system requirements, the system design or the implementation technology have not been made.
  • 19. Misuse cases Misuse cases are instances of threats to a system. •Interception threats Attacker gains access to an asset •Interruption threats Attacker makes part of a system unavailable •Modification threats A system asset are modified •Fabrication threats False information is added to a system
  • 20. Asset analysis Asset Value Exposure The information system High. Required to support all clinical consultations. Potentially safety-critical. High. Financial loss as clinics may have to be canceled. Costs of restoring system. Possible patient harm if treatment cannot be prescribed. The patient database High. Required to support all clinical consultations. Potentially safety-critical. High. Financial loss as clinics may have to be cancelled. Costs of restoring system. Possible patient harm if treatment cannot be prescribed. An individual patient record Normally low although may be high for specific high-profile patients. Low direct losses but possible loss of reputation.
  • 21. Threat and control analysis Threat Probability Control Feasibility Unauthorized user gains access as system manager and makes system unavailable Low Only allow system management from specific locations that are physically secure. Low cost of implementation but care must be taken with key distribution and to ensure that keys are available in the event of an emergency. Unauthorized user gains access as system user and accesses confidential information High Require all users to authenticate themselves using a biometric mechanism. Log all changes to patient information to track system usage. Technically feasible but high-cost solution. Possible user resistance. Simple and transparent to implement and also supports recovery.
  • 22. Security requirements • Patient information must be downloaded at the start of a clinic session to a secure area on the system client that is used by clinical staff. • Patient information must not be maintained on system clients after a clinic session has finished. • A log on a separate computer from the database server must be maintained of all changes made to the system database.
  • 23. Life cycle risk assessment • Risk assessment while the system is being developed and after it has been deployed • More information is available - system platform, middleware and the system architecture and data organization. • Vulnerabilities that arise from design choices may therefore be identified.
  • 25. Security requirements • A password checker shall be made available and shall be run daily. Weak passwords shall be reported to system administrators. • Access to the system shall only be allowed by approved client computers. • All client computers shall have a single, approved web browser installed by system administrators.
  • 26. Operational risk assessment • Environment characteristics can lead to new system risks • Risk of interruption means that logged in computers are left unattended.
  • 28. Design for security • Architectural design how do architectural design decisions affect the security of a system? • Good practice what is accepted good practice when designing secure systems? • Design for deployment what support should be designed into a system to avoid the introduction of vulnerabilities when a system is deployed for use?
  • 29. Architectural design • Two fundamental issues have to be considered when designing an architecture for security. • Protection How should the system be organized so that critical assets can be protected against external attack? • Distribution How should system assets be distributed so that the effects of a successful attack are minimized? • These are potentially conflicting If assets are distributed, then they are more expensive to protect. If assets are protected, then usability and performance requirements may be compromised.
  • 31. Layered protection model • Platform-level protection Top-level controls on the platform on which a system runs. • Application-level protection Specific protection mechanisms built into the application itself e.g. additional password protection. • Record-level protection Protection that is invoked when access to specific information is requested
  • 33. Distribute assets to reduce losses
  • 34. Distributed assets • Distributing assets means that attacks on one system do not necessarily lead to complete loss of system service • Each platform has separate protection features and may be different from other platforms so that they do not share a common vulnerability
  • 35. Distributed assets in an equity trading system
  • 36. Guideline for Security Design • Base security decisions on an explicit security policy • Avoid a single point of failure • Fail securely • Balance security and usability • Be aware of the possibility of social engineering • Use redundancy and diversity to reduce risk • Validate all inputs • Compartmentalize your assets • Design for deployment • Design for recoverability
  • 38. System Survivability dependency System survivability depends upon three factors •Resistance – avoiding problems by building capabilities into the system to repel attacks. •Recognition – detecting problems by building capabilities into the system to detect attacks and failures and assess the resultant damage. •Recovery – tolerating problems by building capabilities into the system to deliver essential services whilst under attack and to recover full functionality after an attack.
  • 39. System Survivability analysis Four stage process: •System Understanding •Critical services identification •Attack simulation •Survivability analysis