The Software Security Problem

1
Chapter 1

• The Software Security Problem

2
Goals of this course

• Become aware of common pitfalls.
• Static Analysis and tools

3
Some common approaches to security

• Defensive Programming
• Security Features (vs secure features)?
• Improving Software Quality

4
Some common approaches to security

• Defensive Programming
• Security Features (vs secure features)?
• Improving Software Quality
  (none of these approaches work!)?

5
So, what works?
6
Usual Software building cycle

• Requirements and Specifications
• Design
• Code
• Test and debug
• Integration test
• Deliver

7
Best way to detect vulnerable code

• Through a Static Analysis Tool.
• However, hand/hard work is still necesary!

8
Vulnerability Classification

• Generic vs context-specific defects
• Visible in the code vs visible only in the design
• Seven pernicious kingdoms
• Input validation and representation
• API abuse
• Security Features
• Time and State
• Error Handling
• Code Quality
• Encapsulation
• Environment

9
(No Transcript)
10
2009 CWE/SANS Top 25

• Insecure Component Interaction
• Improper Input Validation
• Improper Encoding or escaping of output
• SQL injection
• Cross-site scripting
• OS Command Injection
• Cleartext transmission of sensitive information
• Cross-Site Request forgery
• Race Condition
• Error Message Information leak

• Risky Resource Management
• Buffer overflow
• External control of state data
• External control of filename or path
• Untrusted search path
• Code injection
• Code download without integrity check.
• Improper resource shutdown or release
• Improper Initialization
• Incorrect Calculation

11
2009 CWE/SANS Top 25 (cont)?

• Porous Defenses
• Improper Access control
• Broken or risky cryptography
• Hard-coded password
• Insecure Permission assignment for critical
  resource
• Use of insufficiently random values
• Execution with Unnecesary priviledges
• Client-side enforcement of server-side security.