SlideShare a Scribd company logo

Design principles and common security related programming principles

Download as PPTX, PDF
S
Saurav Aryal

Design principles and common security related programming principles, principle of least privilege,principle of least common mechanism, trust in the system

Technology
1 of 20
• Principle Of Least Privilege – This principle restricts how privileges are granted – This principle state that “a subject should be given only those privilege that it need in order to complete its task • Principle of Fail-Safe Defaults – Restricts how privileges are initialized when a subject or object is created. – States that, unless a subject is given explicit access to an object, it should be denied access to that object. – This principle requires that the default access to an object is none Design Principles and Common Security Related Programming Problems 1
• Principle of Economy of Mechanism – Simplifies the design and implementation of security mechanisms. – State that security mechanisms should be as simple as possible • Principle of complete mediation – Requires that all accesses to be checked to ensure that they are allowed. – All access level should be checked not only the first one in order to grant permission Design Principles and Common Security Related Programming Problems 2
• Principle of Open Design – This principle suggests that complexity does not add security. – State that the security of a mechanism should not depend on the secrecy of its design or implementation to ensure security. • Principle of Separation of Privilege – This principle is restrictive because it limits access to system entities. – States that a system should not grant permission based on a single condition. Design Principles and Common Security Related Programming Problems 3
• Principle of Least Common Mechanism – This principle is restrictive because it limits sharing – States that the mechanisms used to access resources should not be shared. • Principle of Psychological Acceptability – This principle recognizes the human elements in computer security – States that security mechanism should not make the resources more difficult to access than if there is no security mechanisms were not present. Design Principles and Common Security Related Programming Problems 4
• A) Improper Choice of Initial Protection Domain – Flaws arise from incorrect setting of permissions or privileges – 1) Process Privileges • The principle of least privilege dictates that no process have more privileges than it needs to complete its task, but the process must have enough privileges to complete its task successfully • Implementation Rule 1 – Structure the process so that all sections requiring extra privileges are modules. The modules should be as small as possible and should perform only those tasks that require those privileges • Management Rule 1 – Check that the process privileges are set properly. Design Principles and Common Security Related Programming Problems 5
– 2) Access Control File Permissions. • Biba’s model emphasize that the integrity of the process relies on both the integrity of the program and integrity of the access control file. • Verifying the integrity of the access control file is critical, because that file controls the access to role accounts. • Management Rule 2 – The program that is executed to create the process, and all associated control files, must be protected from unauthorized use and modification. Any such modification must be detected. • Implementation Rule 2 – Ensure that any assumptions in the program are validated. If it is not possible, document them for the installer and maintainers, so they know the assumptions that attackers will try to invalidate. Design Principles and Common Security Related Programming Problems 6
– 3) Memory Protection • Consider sharing memory. If two subjects can alter the contents of memory, then one could change data on which the second relies. This sharing poses a security problem because the modifying process can alter variables that control the action of the other process. Each process should have a protected, unshared memory space. • Implementation Rule 3 – Ensure that the program does not share objects in memory with any other program, and that other programs cannot access the memory of a privileged. • Management Rule 3 – Configure memory to enforce the principle of least privilege. – If a section of memory is not contain executable instructions, turn execute permission off for that section of memory. If the contents of a section of memory are not be altered make that section read-only. Design Principles and Common Security Related Programming Problems 7
◦ 4) Trust in the System The program relies on the system authentication mechanisms to authenticate the user and on the user information database to map user and roles into their corresponding UIDs. It also relies on the inability of ordinary users to alter the system clock. Implementation Rule 4 Identify all systems components on which the program depends. Check for errors whenever possible, and identify those components for which error checking will not work. Design Principles and Common Security Related Programming Problems 8
B) Improper Isolation of Implementation Detail Design Principles and Common Security Related Programming Problems 9 ◦ This problem arises when an abstraction is improperly mapped into an implementation detail Implementation Rule 4 The error status of every function must be checked. Do not try to recover unless the cause of the error, and its effects, do not affect any security consideration. The program should restore the state of the system to the state before the process began, and then terminate.
– 1)Resource Exhaustion and User Identifiers • The designers and implementers decided to have the program fail if, for any reason, the query failed. This application of the principle of fail-safe defaults ensured that in case of error, the users would not get access to the role account. – 2) Validating the Access Control Entries • The expression of the access control information is therefore the result of mapping an abstraction to an implementation. • The question is whether or not the given access control information correctly implements the policy. – 3) Restricting the Protection Domain of the Role Process Design Principles and Common Security Related Programming Problems 10
• C) Improper Changes – This category describes data and instructions that change over time. The danger is that the changed values may be inconsistent with the previous values. – 1) Memory • Any process that can access shared memory can manipulate data in the memory. Unless all processes that can access the shared memory implementation a concurrent protocol for managing changes one process can change data on which a second process relies • This could cause the second process to violate the security policy. Design Principles and Common Security Related Programming Problems 11
• Implementation Rule 5 – If a process interacts with other processes, the interactions should be synchronized. In particular, all possible sequences of interactions must be known and for all such interactions, the process must enforce the required security policy. • Implementation Rule 6 – Asynchronous exception handlers should not alter any variables excepts those that are local to the exception handling module. – Exception handler should block all the exception • Implementation Rule 7 – Data that the process trusts and the data that it receives from un-trusted sources should be kept in separate areas of memory Design Principles and Common Security Related Programming Problems 12
D) Improper Naming Design Principles and Common Security Related Programming Problems 13 ◦ A It refers to an ambiguity in identifying an object ◦ If two different objects have the same name. ◦ The programmer intends the name to refer to one of the objects, but an attacker manipulates the environment and the process so that the name refers to a different object. ◦ Management Rule 5 Unique objects require unique names. Interchangeable objects may share a name. ◦ Implementation Rule 9 The process must ensure that the context in which an object is named identifies the correct object.
E)Improper Deallocation or Deletion Design Principles and Common Security Related Programming Problems 14 ◦ Failing to delete sensitive information raises the possibility of another process seeing that data at a later time. ◦ Cryptographic keywords, passwords and other authentication information should be discarded once they have been used. ◦ As a consequence of not deleting sensitive information is that dumps of memory, which may occur if the program receives an exception or crashes for some other reason. ◦ Implementation Rule 10 When the process finishes using a sensitive object, the object should be erased, the de-allocated or deleted. Any resources not needed should also be released.
F) Improper Validation Design Principles and Common Security Related Programming Problems 15 ◦ This problem arises when data is not checked for consistency and correctness. ◦ The process can check correctness only by looking for error codes or by looking for patently incorrect values. ◦ 1) Bounds Checking Errors of validation often occur when data is supposed to lie within bounds. Implementation Rule 11 Ensure that all array references access existing elements of the array. If a function that manipulates arrays cannot ensure that only valid elements are referenced, do not use that function. Find one that does, write a new version, or create a wrapper.
– 2)Type Checking • Failure to check types in another common validation problem. • Implementation Rule 12 Check the type of function and parameters. • Management Rule 6 When compiling programs, ensure that the compiler flags report inconsistencies in types. Investigate all such warnings an either fix the problem or document the warning and why it is spurious. – 3) Error Checking • Third common problem involving improper validation is failure to check return values of function. Design Principles and Common Security Related Programming Problems 16
• Implementation Rule 13 Check all function and procedure executions for errors. – 4) Checking for valid, not invalid data. • This principle requires that valid values be known and that all other values be rejected. Unfortunately, programmers often check for invalid data and assume that the rest is valid. • Implementation Rule 14 Check that a variable's values are valid. • Management Rule 7 If a trade-off between security and other factors results in a mechanism or procedure that can weaken security, document the reasons for the decision, the possible effects, and the situations in which the compromise method should be used. Design Principles and Common Security Related Programming Problems 17
– 5) Checking Input • All the data from the un-trusted sources must be checked • Implementation Rule 15 Check all user input for both form and content. In particular, check integer for values that are too big or too small, and check character data for length and valid characters. (check that a variable’s values are valid.) ◦ 6) Designing for validation Sometimes data cannot be validated completely. Implementation Rule 16 Create data structure and function in such a way that they can be validated. Design Principles and Common Security Related Programming Problems 18
G) Improper Indivisibility Design Principles and Common Security Related Programming Problems 19 ◦ It arises when an operation is considered as one unit in the abstract but is implemented as two unit. ◦ Implementation Rule 17 If two operations must be performed sequentially without an intervening operation, use a mechanism to ensure that the two cannot be divided. H) Improper Sequencing ◦ Means that operations are performed in an incorrect order. ◦ Implementation Rule 18 Describe the legal sequences of operations on a resource or object. Check that all possible sequence of the programs involved match one legal sequences
J)Improper choice of operand or operation Design Principles and Common Security Related Programming Problems 20 ◦ Preventing errors of choosing the wrong operand or operation requires that the algorithms be thought through carefully. ◦ Management Rule 8 Use software engineering and assurance techniques to ensure that operations are operands are appropriate.

Recommended

Information System audit
Information System auditInformation System audit
Information System auditPratapchandra
 
Test cases and bug report v3.2
Test cases and bug report v3.2Test cases and bug report v3.2
Test cases and bug report v3.2Andrey Oleynik
 
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)Biswajit Bhattacharjee
 
Information system and security control
Information system and security controlInformation system and security control
Information system and security controlCheng Olayvar
 
Unit Testing
Unit TestingUnit Testing
Unit TestingStanislav Tiurikov
 
Characteristic of management information system
Characteristic of management information systemCharacteristic of management information system
Characteristic of management information systemManoj Kumar
 
Security & control in management information system
Security & control in management information systemSecurity & control in management information system
Security & control in management information systemOnline
 
System Maintenance
System MaintenanceSystem Maintenance
System MaintenanceSubhash Gupta
 

Recommended

Information System audit
Information System auditInformation System audit
Information System auditPratapchandra
 
Test cases and bug report v3.2
Test cases and bug report v3.2Test cases and bug report v3.2
Test cases and bug report v3.2Andrey Oleynik
 
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)
SECURITY & CONTROL OF INFORMATION SYSTEM (Management Information System)Biswajit Bhattacharjee
 
Information system and security control
Information system and security controlInformation system and security control
Information system and security controlCheng Olayvar
 
Unit Testing
Unit TestingUnit Testing
Unit TestingStanislav Tiurikov
 
Characteristic of management information system
Characteristic of management information systemCharacteristic of management information system
Characteristic of management information systemManoj Kumar
 
Security & control in management information system
Security & control in management information systemSecurity & control in management information system
Security & control in management information systemOnline
 
System Maintenance
System MaintenanceSystem Maintenance
System MaintenanceSubhash Gupta
 
Técnicas de evaluación
Técnicas de evaluaciónTécnicas de evaluación
Técnicas de evaluaciónjoseaunefa
 
System Analysis and Design
System Analysis and Design System Analysis and Design
System Analysis and Design Matthew McKenzie
 
SDLC
SDLCSDLC
SDLCSwarnima Tiwari
 
Quality management
Quality managementQuality management
Quality managementNarayan SHARMA
 
Security and control in Management Information System
Security and control in Management Information SystemSecurity and control in Management Information System
Security and control in Management Information SystemSatya P. Joshi
 
Istqb foundation level training 2018 syllabus - day1 intro
Istqb foundation level training 2018 syllabus - day1 intro Istqb foundation level training 2018 syllabus - day1 intro
Istqb foundation level training 2018 syllabus - day1 intro Hassan Muhammad
 
Requirements Review Process
Requirements Review ProcessRequirements Review Process
Requirements Review ProcessManageware
 
System Analysis and Design
System Analysis and DesignSystem Analysis and Design
System Analysis and DesignAamir Abbas
 
Security & ethical challenges
Security & ethical challengesSecurity & ethical challenges
Security & ethical challengesLouie Medinaceli
 
Importance of MIS
Importance of MISImportance of MIS
Importance of MISVishal Joshi
 
ISAD 313-4_ RESEARCH PROJECT.pptx
ISAD 313-4_ RESEARCH PROJECT.pptxISAD 313-4_ RESEARCH PROJECT.pptx
ISAD 313-4_ RESEARCH PROJECT.pptxDr. Rosemarie Sibbaluca-Guirre
 
V model Over view (Software Engineering)
V model Over view (Software Engineering)V model Over view (Software Engineering)
V model Over view (Software Engineering)Badar Rameez. CH.
 
software configuration management ppt
software configuration management ppt software configuration management ppt
software configuration management pptYeshiwas Getachew
 
Unit Iii
Unit IiiUnit Iii
Unit IiiRam Dutt Shukla
 
Software maintenance
Software maintenanceSoftware maintenance
Software maintenanceIndu Sharma Bhardwaj
 
System development life cycle
System development life cycleSystem development life cycle
System development life cycleFathima Binth Salam
 
Auditing in Computerized Environment
Auditing in Computerized EnvironmentAuditing in Computerized Environment
Auditing in Computerized EnvironmentDr. Sushil Bansode
 
Objetivos de Control de Base d Datos(ISACA,COBIT)
Objetivos de Control de Base d Datos(ISACA,COBIT)Objetivos de Control de Base d Datos(ISACA,COBIT)
Objetivos de Control de Base d Datos(ISACA,COBIT)hmitre17
 
IT Audit Methodologies
IT Audit MethodologiesIT Audit Methodologies
IT Audit MethodologiesSALIH AHMED ISLAM
 
Security and control in mis
Security and control in misSecurity and control in mis
Security and control in misGurjit
 
Computer security design principles
Computer security design principlesComputer security design principles
Computer security design principlesShaishav Dahal
 
Understanding security operation.pptx
Understanding security operation.pptxUnderstanding security operation.pptx
Understanding security operation.pptxPiyush Jain
 

More Related Content

What's hot

Técnicas de evaluación
Técnicas de evaluaciónTécnicas de evaluación
Técnicas de evaluaciónjoseaunefa
 
System Analysis and Design
System Analysis and Design System Analysis and Design
System Analysis and Design Matthew McKenzie
 
Security and control in Management Information System
Security and control in Management Information SystemSecurity and control in Management Information System
Security and control in Management Information SystemSatya P. Joshi
 
Istqb foundation level training 2018 syllabus - day1 intro
Istqb foundation level training 2018 syllabus - day1 intro Istqb foundation level training 2018 syllabus - day1 intro
Istqb foundation level training 2018 syllabus - day1 intro Hassan Muhammad
 
Requirements Review Process
Requirements Review ProcessRequirements Review Process
Requirements Review ProcessManageware
 
System Analysis and Design
System Analysis and DesignSystem Analysis and Design
System Analysis and DesignAamir Abbas
 
Security & ethical challenges
Security & ethical challengesSecurity & ethical challenges
Security & ethical challengesLouie Medinaceli
 
V model Over view (Software Engineering)
V model Over view (Software Engineering)V model Over view (Software Engineering)
V model Over view (Software Engineering)Badar Rameez. CH.
 
software configuration management ppt
software configuration management ppt software configuration management ppt
software configuration management pptYeshiwas Getachew
 
Auditing in Computerized Environment
Auditing in Computerized EnvironmentAuditing in Computerized Environment
Auditing in Computerized EnvironmentDr. Sushil Bansode
 
Objetivos de Control de Base d Datos(ISACA,COBIT)
Objetivos de Control de Base d Datos(ISACA,COBIT)Objetivos de Control de Base d Datos(ISACA,COBIT)
Objetivos de Control de Base d Datos(ISACA,COBIT)hmitre17
 
Security and control in mis
Security and control in misSecurity and control in mis
Security and control in misGurjit
 

What's hot (20)

Técnicas de evaluación
Técnicas de evaluaciónTécnicas de evaluación
Técnicas de evaluación
 
System Analysis and Design
System Analysis and Design System Analysis and Design
System Analysis and Design
 
SDLC
SDLCSDLC
SDLC
 
Quality management
Quality managementQuality management
Quality management
 
Security and control in Management Information System
Security and control in Management Information SystemSecurity and control in Management Information System
Security and control in Management Information System
 
Istqb foundation level training 2018 syllabus - day1 intro
Istqb foundation level training 2018 syllabus - day1 intro Istqb foundation level training 2018 syllabus - day1 intro
Istqb foundation level training 2018 syllabus - day1 intro
 
Requirements Review Process
Requirements Review ProcessRequirements Review Process
Requirements Review Process
 
System Analysis and Design
System Analysis and DesignSystem Analysis and Design
System Analysis and Design
 
Security & ethical challenges
Security & ethical challengesSecurity & ethical challenges
Security & ethical challenges
 
Importance of MIS
Importance of MISImportance of MIS
Importance of MIS
 
ISAD 313-4_ RESEARCH PROJECT.pptx
ISAD 313-4_ RESEARCH PROJECT.pptxISAD 313-4_ RESEARCH PROJECT.pptx
ISAD 313-4_ RESEARCH PROJECT.pptx
 
V model Over view (Software Engineering)
V model Over view (Software Engineering)V model Over view (Software Engineering)
V model Over view (Software Engineering)
 
software configuration management ppt
software configuration management ppt software configuration management ppt
software configuration management ppt
 
Unit Iii
Unit IiiUnit Iii
Unit Iii
 
Software maintenance
Software maintenanceSoftware maintenance
Software maintenance
 
System development life cycle
System development life cycleSystem development life cycle
System development life cycle
 
Auditing in Computerized Environment
Auditing in Computerized EnvironmentAuditing in Computerized Environment
Auditing in Computerized Environment
 
Objetivos de Control de Base d Datos(ISACA,COBIT)
Objetivos de Control de Base d Datos(ISACA,COBIT)Objetivos de Control de Base d Datos(ISACA,COBIT)
Objetivos de Control de Base d Datos(ISACA,COBIT)
 
IT Audit Methodologies
IT Audit MethodologiesIT Audit Methodologies
IT Audit Methodologies
 
Security and control in mis
Security and control in misSecurity and control in mis
Security and control in mis
 

Similar to Design principles and common security related programming principles

Computer security design principles
Computer security design principlesComputer security design principles
Computer security design principlesShaishav Dahal
 
Understanding security operation.pptx
Understanding security operation.pptxUnderstanding security operation.pptx
Understanding security operation.pptxPiyush Jain
 
Security Principles and Protection Mechanism
Security Principles and Protection MechanismSecurity Principles and Protection Mechanism
Security Principles and Protection MechanismMona Rajput
 
The Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveThe Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveAlgoSec
 
CISSP Chapter 7 - Security Operations
CISSP Chapter 7 - Security OperationsCISSP Chapter 7 - Security Operations
CISSP Chapter 7 - Security OperationsKarthikeyan Dhayalan
 
Fundamental_Security_Design_Principles.pptx
Fundamental_Security_Design_Principles.pptxFundamental_Security_Design_Principles.pptx
Fundamental_Security_Design_Principles.pptxKelvinDube4
 
Software devlopment security
Software devlopment securitySoftware devlopment security
Software devlopment securitySuraj Singh
 
LOW LEVEL DESIGN INSPECTION SECURE CODING
LOW LEVEL DESIGN INSPECTION SECURE CODINGLOW LEVEL DESIGN INSPECTION SECURE CODING
LOW LEVEL DESIGN INSPECTION SECURE CODINGSri Latha
 
Gaurdrails for LLM applications
Gaurdrails for LLM applicationsGaurdrails for LLM applications
Gaurdrails for LLM applicationsBHANU A
 
Principles for Secure Design and Software Security
Principles for Secure Design and Software Security Principles for Secure Design and Software Security
Principles for Secure Design and Software Security Mona Rajput
 
Slide Deck – Session 4 – FRSecure CISSP Mentor Program 2017
Slide Deck – Session 4 – FRSecure CISSP Mentor Program 2017Slide Deck – Session 4 – FRSecure CISSP Mentor Program 2017
Slide Deck – Session 4 – FRSecure CISSP Mentor Program 2017FRSecure
 
Deployment Download and Policy Workstream Update - Gábor Pécsy, Nokia
Deployment Download and Policy Workstream Update - Gábor Pécsy, NokiaDeployment Download and Policy Workstream Update - Gábor Pécsy, Nokia
Deployment Download and Policy Workstream Update - Gábor Pécsy, Nokiamfrancis
 
Enforcing Corporate Security Policies via Computational Intelligence Techniques
Enforcing Corporate Security Policies via Computational Intelligence TechniquesEnforcing Corporate Security Policies via Computational Intelligence Techniques
Enforcing Corporate Security Policies via Computational Intelligence TechniquesJuan J. Merelo
 
Chapter_5_Security_CC.pptx
Chapter_5_Security_CC.pptxChapter_5_Security_CC.pptx
Chapter_5_Security_CC.pptxLokNathRegmi1
 
Net essentials6e ch10
Net essentials6e ch10Net essentials6e ch10
Net essentials6e ch10APSU
 
Implementing AppSec Policies with TeamMentor
Implementing AppSec Policies with TeamMentorImplementing AppSec Policies with TeamMentor
Implementing AppSec Policies with TeamMentortmbainjr131
 
VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...
VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...
VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...vtunotesbysree
 

Similar to Design principles and common security related programming principles (20)

Computer security design principles
Computer security design principlesComputer security design principles
Computer security design principles
 
Understanding security operation.pptx
Understanding security operation.pptxUnderstanding security operation.pptx
Understanding security operation.pptx
 
Security Principles and Protection Mechanism
Security Principles and Protection MechanismSecurity Principles and Protection Mechanism
Security Principles and Protection Mechanism
 
The Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveThe Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the Curve
 
Security Design Principles.ppt
Security Design Principles.ppt Security Design Principles.ppt
Security Design Principles.ppt
 
CISSP Chapter 7 - Security Operations
CISSP Chapter 7 - Security OperationsCISSP Chapter 7 - Security Operations
CISSP Chapter 7 - Security Operations
 
Fundamental_Security_Design_Principles.pptx
Fundamental_Security_Design_Principles.pptxFundamental_Security_Design_Principles.pptx
Fundamental_Security_Design_Principles.pptx
 
Software devlopment security
Software devlopment securitySoftware devlopment security
Software devlopment security
 
Firewall best-practices-firewall-analyzer
Firewall best-practices-firewall-analyzerFirewall best-practices-firewall-analyzer
Firewall best-practices-firewall-analyzer
 
LOW LEVEL DESIGN INSPECTION SECURE CODING
LOW LEVEL DESIGN INSPECTION SECURE CODINGLOW LEVEL DESIGN INSPECTION SECURE CODING
LOW LEVEL DESIGN INSPECTION SECURE CODING
 
Gaurdrails for LLM applications
Gaurdrails for LLM applicationsGaurdrails for LLM applications
Gaurdrails for LLM applications
 
Principles for Secure Design and Software Security
Principles for Secure Design and Software Security Principles for Secure Design and Software Security
Principles for Secure Design and Software Security
 
Slide Deck – Session 4 – FRSecure CISSP Mentor Program 2017
Slide Deck – Session 4 – FRSecure CISSP Mentor Program 2017Slide Deck – Session 4 – FRSecure CISSP Mentor Program 2017
Slide Deck – Session 4 – FRSecure CISSP Mentor Program 2017
 
Different Types Of Testing
Different Types Of TestingDifferent Types Of Testing
Different Types Of Testing
 
Deployment Download and Policy Workstream Update - Gábor Pécsy, Nokia
Deployment Download and Policy Workstream Update - Gábor Pécsy, NokiaDeployment Download and Policy Workstream Update - Gábor Pécsy, Nokia
Deployment Download and Policy Workstream Update - Gábor Pécsy, Nokia
 
Enforcing Corporate Security Policies via Computational Intelligence Techniques
Enforcing Corporate Security Policies via Computational Intelligence TechniquesEnforcing Corporate Security Policies via Computational Intelligence Techniques
Enforcing Corporate Security Policies via Computational Intelligence Techniques
 
Chapter_5_Security_CC.pptx
Chapter_5_Security_CC.pptxChapter_5_Security_CC.pptx
Chapter_5_Security_CC.pptx
 
Net essentials6e ch10
Net essentials6e ch10Net essentials6e ch10
Net essentials6e ch10
 
Implementing AppSec Policies with TeamMentor
Implementing AppSec Policies with TeamMentorImplementing AppSec Policies with TeamMentor
Implementing AppSec Policies with TeamMentor
 
VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...
VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...
VTU 5TH SEM CSE SOFTWARE ENGINEERING SOLVED PAPERS - JUN13 DEC13 JUN14 DEC14 ...
 

More from Saurav Aryal

Information quality
Information qualityInformation quality
Information qualitySaurav Aryal
 
Socio economic dimensions
Socio economic dimensionsSocio economic dimensions
Socio economic dimensionsSaurav Aryal
 
Issues of plagiarism in classroom
Issues of plagiarism in classroomIssues of plagiarism in classroom
Issues of plagiarism in classroomSaurav Aryal
 
Appraisal interview
Appraisal interviewAppraisal interview
Appraisal interviewSaurav Aryal
 
Natural language processing
Natural language processingNatural language processing
Natural language processingSaurav Aryal
 
Leading strategic change
Leading strategic changeLeading strategic change
Leading strategic changeSaurav Aryal
 

More from Saurav Aryal (6)

Information quality
Information qualityInformation quality
Information quality
 
Socio economic dimensions
Socio economic dimensionsSocio economic dimensions
Socio economic dimensions
 
Issues of plagiarism in classroom
Issues of plagiarism in classroomIssues of plagiarism in classroom
Issues of plagiarism in classroom
 
Appraisal interview
Appraisal interviewAppraisal interview
Appraisal interview
 
Natural language processing
Natural language processingNatural language processing
Natural language processing
 
Leading strategic change
Leading strategic changeLeading strategic change
Leading strategic change
 

Recently uploaded

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 

Recently uploaded (20)

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 

Design principles and common security related programming principles

  • 1. • Principle Of Least Privilege – This principle restricts how privileges are granted – This principle state that “a subject should be given only those privilege that it need in order to complete its task • Principle of Fail-Safe Defaults – Restricts how privileges are initialized when a subject or object is created. – States that, unless a subject is given explicit access to an object, it should be denied access to that object. – This principle requires that the default access to an object is none Design Principles and Common Security Related Programming Problems 1
  • 2. • Principle of Economy of Mechanism – Simplifies the design and implementation of security mechanisms. – State that security mechanisms should be as simple as possible • Principle of complete mediation – Requires that all accesses to be checked to ensure that they are allowed. – All access level should be checked not only the first one in order to grant permission Design Principles and Common Security Related Programming Problems 2
  • 3. • Principle of Open Design – This principle suggests that complexity does not add security. – State that the security of a mechanism should not depend on the secrecy of its design or implementation to ensure security. • Principle of Separation of Privilege – This principle is restrictive because it limits access to system entities. – States that a system should not grant permission based on a single condition. Design Principles and Common Security Related Programming Problems 3
  • 4. • Principle of Least Common Mechanism – This principle is restrictive because it limits sharing – States that the mechanisms used to access resources should not be shared. • Principle of Psychological Acceptability – This principle recognizes the human elements in computer security – States that security mechanism should not make the resources more difficult to access than if there is no security mechanisms were not present. Design Principles and Common Security Related Programming Problems 4
  • 5. • A) Improper Choice of Initial Protection Domain – Flaws arise from incorrect setting of permissions or privileges – 1) Process Privileges • The principle of least privilege dictates that no process have more privileges than it needs to complete its task, but the process must have enough privileges to complete its task successfully • Implementation Rule 1 – Structure the process so that all sections requiring extra privileges are modules. The modules should be as small as possible and should perform only those tasks that require those privileges • Management Rule 1 – Check that the process privileges are set properly. Design Principles and Common Security Related Programming Problems 5
  • 6. – 2) Access Control File Permissions. • Biba’s model emphasize that the integrity of the process relies on both the integrity of the program and integrity of the access control file. • Verifying the integrity of the access control file is critical, because that file controls the access to role accounts. • Management Rule 2 – The program that is executed to create the process, and all associated control files, must be protected from unauthorized use and modification. Any such modification must be detected. • Implementation Rule 2 – Ensure that any assumptions in the program are validated. If it is not possible, document them for the installer and maintainers, so they know the assumptions that attackers will try to invalidate. Design Principles and Common Security Related Programming Problems 6
  • 7. – 3) Memory Protection • Consider sharing memory. If two subjects can alter the contents of memory, then one could change data on which the second relies. This sharing poses a security problem because the modifying process can alter variables that control the action of the other process. Each process should have a protected, unshared memory space. • Implementation Rule 3 – Ensure that the program does not share objects in memory with any other program, and that other programs cannot access the memory of a privileged. • Management Rule 3 – Configure memory to enforce the principle of least privilege. – If a section of memory is not contain executable instructions, turn execute permission off for that section of memory. If the contents of a section of memory are not be altered make that section read-only. Design Principles and Common Security Related Programming Problems 7
  • 8. ◦ 4) Trust in the System The program relies on the system authentication mechanisms to authenticate the user and on the user information database to map user and roles into their corresponding UIDs. It also relies on the inability of ordinary users to alter the system clock. Implementation Rule 4 Identify all systems components on which the program depends. Check for errors whenever possible, and identify those components for which error checking will not work. Design Principles and Common Security Related Programming Problems 8
  • 9. B) Improper Isolation of Implementation Detail Design Principles and Common Security Related Programming Problems 9 ◦ This problem arises when an abstraction is improperly mapped into an implementation detail Implementation Rule 4 The error status of every function must be checked. Do not try to recover unless the cause of the error, and its effects, do not affect any security consideration. The program should restore the state of the system to the state before the process began, and then terminate.
  • 10. – 1)Resource Exhaustion and User Identifiers • The designers and implementers decided to have the program fail if, for any reason, the query failed. This application of the principle of fail-safe defaults ensured that in case of error, the users would not get access to the role account. – 2) Validating the Access Control Entries • The expression of the access control information is therefore the result of mapping an abstraction to an implementation. • The question is whether or not the given access control information correctly implements the policy. – 3) Restricting the Protection Domain of the Role Process Design Principles and Common Security Related Programming Problems 10
  • 11. • C) Improper Changes – This category describes data and instructions that change over time. The danger is that the changed values may be inconsistent with the previous values. – 1) Memory • Any process that can access shared memory can manipulate data in the memory. Unless all processes that can access the shared memory implementation a concurrent protocol for managing changes one process can change data on which a second process relies • This could cause the second process to violate the security policy. Design Principles and Common Security Related Programming Problems 11
  • 12. • Implementation Rule 5 – If a process interacts with other processes, the interactions should be synchronized. In particular, all possible sequences of interactions must be known and for all such interactions, the process must enforce the required security policy. • Implementation Rule 6 – Asynchronous exception handlers should not alter any variables excepts those that are local to the exception handling module. – Exception handler should block all the exception • Implementation Rule 7 – Data that the process trusts and the data that it receives from un-trusted sources should be kept in separate areas of memory Design Principles and Common Security Related Programming Problems 12
  • 13. D) Improper Naming Design Principles and Common Security Related Programming Problems 13 ◦ A It refers to an ambiguity in identifying an object ◦ If two different objects have the same name. ◦ The programmer intends the name to refer to one of the objects, but an attacker manipulates the environment and the process so that the name refers to a different object. ◦ Management Rule 5 Unique objects require unique names. Interchangeable objects may share a name. ◦ Implementation Rule 9 The process must ensure that the context in which an object is named identifies the correct object.
  • 14. E)Improper Deallocation or Deletion Design Principles and Common Security Related Programming Problems 14 ◦ Failing to delete sensitive information raises the possibility of another process seeing that data at a later time. ◦ Cryptographic keywords, passwords and other authentication information should be discarded once they have been used. ◦ As a consequence of not deleting sensitive information is that dumps of memory, which may occur if the program receives an exception or crashes for some other reason. ◦ Implementation Rule 10 When the process finishes using a sensitive object, the object should be erased, the de-allocated or deleted. Any resources not needed should also be released.
  • 15. F) Improper Validation Design Principles and Common Security Related Programming Problems 15 ◦ This problem arises when data is not checked for consistency and correctness. ◦ The process can check correctness only by looking for error codes or by looking for patently incorrect values. ◦ 1) Bounds Checking Errors of validation often occur when data is supposed to lie within bounds. Implementation Rule 11 Ensure that all array references access existing elements of the array. If a function that manipulates arrays cannot ensure that only valid elements are referenced, do not use that function. Find one that does, write a new version, or create a wrapper.
  • 16. – 2)Type Checking • Failure to check types in another common validation problem. • Implementation Rule 12 Check the type of function and parameters. • Management Rule 6 When compiling programs, ensure that the compiler flags report inconsistencies in types. Investigate all such warnings an either fix the problem or document the warning and why it is spurious. – 3) Error Checking • Third common problem involving improper validation is failure to check return values of function. Design Principles and Common Security Related Programming Problems 16
  • 17. • Implementation Rule 13 Check all function and procedure executions for errors. – 4) Checking for valid, not invalid data. • This principle requires that valid values be known and that all other values be rejected. Unfortunately, programmers often check for invalid data and assume that the rest is valid. • Implementation Rule 14 Check that a variable's values are valid. • Management Rule 7 If a trade-off between security and other factors results in a mechanism or procedure that can weaken security, document the reasons for the decision, the possible effects, and the situations in which the compromise method should be used. Design Principles and Common Security Related Programming Problems 17
  • 18. – 5) Checking Input • All the data from the un-trusted sources must be checked • Implementation Rule 15 Check all user input for both form and content. In particular, check integer for values that are too big or too small, and check character data for length and valid characters. (check that a variable’s values are valid.) ◦ 6) Designing for validation Sometimes data cannot be validated completely. Implementation Rule 16 Create data structure and function in such a way that they can be validated. Design Principles and Common Security Related Programming Problems 18
  • 19. G) Improper Indivisibility Design Principles and Common Security Related Programming Problems 19 ◦ It arises when an operation is considered as one unit in the abstract but is implemented as two unit. ◦ Implementation Rule 17 If two operations must be performed sequentially without an intervening operation, use a mechanism to ensure that the two cannot be divided. H) Improper Sequencing ◦ Means that operations are performed in an incorrect order. ◦ Implementation Rule 18 Describe the legal sequences of operations on a resource or object. Check that all possible sequence of the programs involved match one legal sequences
  • 20. J)Improper choice of operand or operation Design Principles and Common Security Related Programming Problems 20 ◦ Preventing errors of choosing the wrong operand or operation requires that the algorithms be thought through carefully. ◦ Management Rule 8 Use software engineering and assurance techniques to ensure that operations are operands are appropriate.