Security coding

  1. What should developers know? • Information security concepts: CIA • Information security strategy: AAA • Environment settings and tools • Secure application development
  2. Confidentiality • Integrity • Availability
  3. Authentication • Authorization • Accounting
  4. Secure Coding Guidelines • Avoid duplication • Restrict privileges • Establish trust boundaries • Minimize the number of permission checks • Encapsulate
  5. Denial of Service • Release resources in all cases • "Zip bombs" • "Billion laughs attack" • "Log bombs" • Infinite loops: "message poisoning" • Resource limit checks should not suffer from integer overflow
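Added example, not code from the deck: it ties together three bullets of slide 5 (release resources in all cases, zip bombs, limit checks that survive integer overflow). Untrusted DEFLATE data is inflated under a hard output budget; the running byte count is advanced with Math.addExact so the comparison against the limit cannot be bypassed by wrap-around, and try-with-resources releases the streams on every exit path. The 1 MiB budget and the 10 MiB all-zero payload are constructed values for the demonstration.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.util.zip.DeflaterOutputStream;
import java.util.zip.InflaterInputStream;

/** Added example: inflate untrusted compressed data under a hard output budget. */
public final class BoundedInflate {

    /** Maximum decompressed size we are willing to produce (assumed policy value, 1 MiB). */
    static final long MAX_OUTPUT_BYTES = 1L << 20;

    /**
     * Decompresses {@code compressed} but aborts as soon as the output would exceed
     * {@code maxOutput}, so a zip bomb cannot exhaust memory or disk. The running total
     * is advanced with Math.addExact, which throws instead of wrapping, so the limit check
     * itself cannot be defeated by integer overflow (the slide's last bullet).
     */
    public static byte[] inflateBounded(byte[] compressed, long maxOutput) throws IOException {
        // try-with-resources releases both streams in all cases, including on exception
        try (InputStream in = new InflaterInputStream(new ByteArrayInputStream(compressed));
             ByteArrayOutputStream out = new ByteArrayOutputStream()) {
            byte[] buf = new byte[8192];
            long produced = 0;
            int n;
            while ((n = in.read(buf)) != -1) {
                produced = Math.addExact(produced, (long) n);
                if (produced > maxOutput) {
                    throw new IOException("decompressed size exceeds limit of " + maxOutput + " bytes");
                }
                out.write(buf, 0, n);
            }
            return out.toByteArray();
        }
    }

    /** Helper for the demo: compresses a buffer with DEFLATE (constructed sample data). */
    static byte[] deflate(byte[] raw) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (DeflaterOutputStream dos = new DeflaterOutputStream(bos)) {
            dos.write(raw);
        }
        return bos.toByteArray();
    }

    public static void main(String[] args) throws IOException {
        byte[] small = deflate("hello".getBytes(StandardCharsets.UTF_8));
        System.out.println(new String(inflateBounded(small, MAX_OUTPUT_BYTES), StandardCharsets.UTF_8));

        // 10 MiB of zeros compresses to roughly 10 KiB: a harmless stand-in for a zip bomb
        byte[] bomb = deflate(new byte[10 * 1024 * 1024]);
        try {
            inflateBounded(bomb, MAX_OUTPUT_BYTES);
        } catch (IOException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The check happens on the decompressed side, not on the compressed size, because the compressed size of a bomb is exactly what makes it look harmless; the same pattern applies to any other expanding transform (XML entity expansion, log formatting, message fan-out).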
  6. Confidential Information • Purge sensitive information from exceptions • Do not log highly sensitive information • Consider purging highly sensitive data from memory after use
  7. Injection & Inclusion • Avoid dynamic SQL • SQL Injection • XML and HTML generation requires care • Cross-Site Scripting (XSS) • Restrict XML inclusion • XML External Entity (XXE)
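Added example for slide 7, not code from the deck: the dynamic-SQL anti-pattern next to a parameterised query, and a DocumentBuilderFactory configured so that neither external entities (XXE) nor the entity expansion behind slide 5's "billion laughs" can be declared. The users(id, name) table and the JDBC Connection passed to findUserId are assumed; that method needs a real driver and is shown for the pattern, while the XML part runs on the JDK alone.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.xml.sax.SAXParseException;

/** Added example: parameterised SQL and an XXE-hardened XML parser. */
public final class InjectionDefenses {

    /** The anti-pattern: dynamic SQL. The user-supplied value becomes part of the query text. */
    static String dynamicSql(String username) {
        return "SELECT id FROM users WHERE name = '" + username + "'";
    }

    /**
     * Parameterised query: the statement text is fixed at prepare time and the value is bound
     * separately, so it is never parsed as SQL. Assumes a table users(id, name).
     */
    static Integer findUserId(Connection conn, String username) throws SQLException {
        try (PreparedStatement ps = conn.prepareStatement("SELECT id FROM users WHERE name = ?")) {
            ps.setString(1, username);
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next() ? rs.getInt("id") : null;
            }
        }
    }

    /**
     * Parser hardened against XXE and entity expansion: rejecting DOCTYPE means no entity of
     * any kind (external or recursive) can be declared; the remaining flags are defence in depth.
     */
    static DocumentBuilder hardenedBuilder() throws ParserConfigurationException {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        f.setFeature("http://xml.org/sax/features/external-general-entities", false);
        f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        f.setXIncludeAware(false);
        f.setExpandEntityReferences(false);
        return f.newDocumentBuilder();
    }

    static Document parseUntrusted(String xml) throws Exception {
        return hardenedBuilder().parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
    }

    public static void main(String[] args) throws Exception {
        // Constructed input: a quote in the name already changes the meaning of the dynamic query
        System.out.println(dynamicSql("o'brien"));   // ... WHERE name = 'o'brien'

        Document ok = parseUntrusted("<order><id>42</id></order>");
        System.out.println(ok.getDocumentElement().getTagName());  // order

        // Constructed input with a DOCTYPE: the hardened parser refuses it before any entity is resolved
        String withDoctype = "<!DOCTYPE order [<!ENTITY e \"x\">]><order>&e;</order>";
        try {
            parseUntrusted(withDoctype);
        } catch (SAXParseException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The same rule covers the HTML bullet: output built by concatenation is the problem, and the fix is an encoder or a fixed template with bound values, not input filtering alone.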
  8. Accessibility & Extensibility • Limit the accessibility of classes, interfaces, methods, and fields. • Limit the accessibility of namespaces. • Isolate unrelated code. • Limit the extensibility of classes and methods. • Understand how a superclass can affect subclass behavior.
  9. Accessibility & Extensibility: reducing the "attack surface" of the code
  10. Input Validation • Validate inputs • Valid values • Special characters: URL / HTML / XML
  11. Mutability • Prefer immutability for value types • Create copies of mutable output values • Make public static fields constants • Do not expose mutable statics
  12. Object Construction • Avoid exposing constructors of sensitive classes • Prevent the unauthorized construction of sensitive classes • Prevent constructors from calling methods that can be overridden
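Added example for slides 11 and 12, not code from the deck: a final value type that copies mutable inputs in and outputs out, a private constructor behind a factory that validates and authorises, and a contrasting class whose constructor only calls a final method. The IssuedToken and Account names and the callerIsAuthorized flag are hypothetical.

```java
import java.util.Arrays;
import java.util.Date;

/** Added example: an immutable value type with defensive copies and a guarded factory. */
public final class IssuedToken {            // final: no subclass can weaken the invariants

    private final String owner;
    private final Date issuedAt;            // Date is mutable, so it is copied in and out
    private final byte[] secret;            // arrays are mutable too

    /** Private: callers must go through issue(), which validates and authorises. */
    private IssuedToken(String owner, Date issuedAt, byte[] secret) {
        this.owner = owner;
        this.issuedAt = new Date(issuedAt.getTime());  // copy in
        this.secret = secret.clone();                   // copy in
    }

    /** Factory in place of a public constructor; the authorisation check is a hypothetical flag. */
    public static IssuedToken issue(String owner, Date issuedAt, byte[] secret, boolean callerIsAuthorized) {
        if (!callerIsAuthorized) {
            throw new SecurityException("caller may not issue tokens");
        }
        if (owner == null || issuedAt == null || secret == null || secret.length == 0) {
            throw new IllegalArgumentException("invalid token arguments");
        }
        return new IssuedToken(owner, issuedAt, secret);
    }

    public String owner()   { return owner; }
    public Date issuedAt()  { return new Date(issuedAt.getTime()); }  // copy out
    public byte[] secret()  { return secret.clone(); }                 // copy out

    /** A public static field is acceptable only as a true constant (primitive or immutable). */
    public static final int MAX_SECRET_BYTES = 64;

    public static void main(String[] args) {
        Date when = new Date(0);
        byte[] raw = {1, 2, 3};
        IssuedToken t = IssuedToken.issue("alice", when, raw, true);

        when.setTime(Long.MAX_VALUE);   // caller mutates its own objects afterwards...
        raw[0] = 99;
        t.secret()[0] = 42;             // ...and the returned copy; neither reaches the stored state
        System.out.println(t.issuedAt().getTime());         // 0
        System.out.println(Arrays.toString(t.secret()));    // [1, 2, 3]

        try {
            IssuedToken.issue("mallory", when, raw, false);
        } catch (SecurityException e) {
            System.out.println("rejected: " + e.getMessage());
        }
        new Account("acct-1");
    }
}

/**
 * Slide 12, last bullet: if this constructor called an overridable method, a subclass override
 * would run before the subclass's own fields were initialised. Declaring the method final
 * (or private) removes that window.
 */
class Account {
    private final String id;
    Account(String id) { this.id = id; audit(); }
    final void audit() { System.out.println("audit: created account " + id); }
}
```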
  13. Serialization & Deserialization • Avoid serialization for security-sensitive classes • Guard sensitive data during serialization • View deserialization the same as object construction
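Added example for slide 13, not code from the deck: readObject re-runs the constructor's validation so a tampered stream cannot produce an object that violates its invariant, and an ObjectInputFilter allow-list (Java 9 and later) refuses every class other than the one expected before any of its code runs. The Quantity class, its 0 to 10000 range and the byte flipped in main are constructed for the demonstration.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InvalidClassException;
import java.io.InvalidObjectException;
import java.io.ObjectInputFilter;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;

/** Added example: deserialisation treated as construction, plus a class allow-list filter. */
public final class SafeDeserialization {

    /** A serialisable value whose invariant (0 <= units <= 10000) is re-checked on the way in. */
    public static final class Quantity implements Serializable {
        private static final long serialVersionUID = 1L;
        private final int units;

        public Quantity(int units) {
            this.units = checked(units);
        }

        private static int checked(int units) {
            if (units < 0 || units > 10_000) {
                throw new IllegalArgumentException("units out of range: " + units);
            }
            return units;
        }

        public int units() { return units; }

        /** Same validation as the constructor; a tampered stream must not yield an invalid object. */
        private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException {
            in.defaultReadObject();
            try {
                checked(units);
            } catch (IllegalArgumentException e) {
                throw new InvalidObjectException(e.getMessage());
            }
        }
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) {
            oos.writeObject(o);
        }
        return bos.toByteArray();
    }

    /** Allow-list: only Quantity may be instantiated from the stream; "!*" rejects everything else. */
    static Object deserialize(byte[] bytes) throws IOException, ClassNotFoundException {
        ObjectInputFilter onlyQuantity =
                ObjectInputFilter.Config.createFilter(Quantity.class.getName() + ";!*");
        try (ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(bytes))) {
            ois.setObjectInputFilter(onlyQuantity);
            return ois.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        byte[] good = serialize(new Quantity(5));
        System.out.println(((Quantity) deserialize(good)).units());          // 5

        // Constructed tampering: the int field is the last four bytes of this stream; setting the
        // sign bit makes the stored value negative, and readObject() rejects it.
        byte[] tampered = good.clone();
        tampered[tampered.length - 4] = (byte) 0x80;
        try {
            deserialize(tampered);
        } catch (InvalidObjectException e) {
            System.out.println("rejected: " + e.getMessage());
        }

        // A class outside the allow-list is refused before its readObject could run at all.
        try {
            deserialize(serialize(Integer.valueOf(7)));
        } catch (InvalidClassException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The two layers answer different questions: the filter decides which classes may exist at all, and readObject decides whether a permitted class's state is acceptable. A sensitive class that cannot meet both bars should simply not be Serializable, as the slide's first bullet says.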
  14. Access Control • Understand how permissions are checked • Beware of callback (lifecycle) methods • Callback methods are generally invoked from the system with FULL permissions • Be careful caching results of potentially privileged operations
  15. What does Secure Coding cover? • Authentication & Authorization • Session & State management • Input & Output • File Handling • Error Handling • Auditing & Logging • Cryptography • Configuration
  16. Application Logging Tips
  17. Use appropriate tools
  18. Severity levels • ERROR • WARN • INFO • DEBUG • TRACE
  19. What exactly are you logging? Debug.WriteLine("Returning orders: {0}", orders); if (MyLog.isDebugEnabled()) { MyLog.Debug("It's a secret!"); }
  20. Avoid side effects! try { MyLog.Trace("Id=" + request.getUser().getId()); MyLog.Trace("Accesses " + manager.getPage().getUrl().toString()); } catch (Exception e) { }
  21. Keep descriptions concise! if (message is TextMessage) { /* ... */ } else MyLog.Warn("Unknown message type");
  22. Fine-tune the output format! Timestamp, level, program name, message: {0:HH:mm:ss} {1} {2} {3}
  23. Log method parameters and return values! public String printDocument(Document doc, Mode mode) { MyLog.Debug("Entering printDocument(doc={0}, mode={1})", doc, mode); String id = /* ... */; MyLog.Debug("Leaving printDocument(): {0}", id); return id; }
  24. Log exception details! MyLog.Error("IO exception", e); throw new MyCustomException(e);
  25. Easy to interpret! MyLog.Debug("Request TTL set to: {0} ({1})", new DateTime(ttl), ttl); /* Request TTL set to: Wed Apr 28 20:14:12 CEST 2010 (1272478452437) */ String duration = DurationFormatUtils.formatDurationWords(durationMillis, true, true); MyLog.Info("Importing took: {0}ms ({1})", durationMillis, duration); /* Importing took: 123456789ms (1 day 10 hours 17 minutes 36 seconds) */
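Added example covering the logging tips of slides 16 to 25 together with the "do not log highly sensitive information" bullet of slide 6. It is not the deck's MyLog; it uses java.util.logging, where FINE plays the role of DEBUG. The formatter emits the "timestamp level program message" line of slide 22 and appends the Throwable of slide 24; printDocument follows slide 23 but computes its arguments so that a null request cannot throw from inside a log call (slide 20), guards debug output as on slide 19, and strips line breaks from untrusted text so one request cannot forge additional log lines. The Request class, the orders logger name and the inputs in main are constructed for the demonstration.

```java
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.logging.Formatter;
import java.util.logging.Handler;
import java.util.logging.Level;
import java.util.logging.LogRecord;
import java.util.logging.Logger;
import java.util.logging.StreamHandler;

/** Added example of the deck's logging tips on java.util.logging (FINE stands in for DEBUG). */
public final class AppLogging {

    /** Strips CR/LF from untrusted text so a single request cannot forge extra log lines. */
    static String sanitize(String s) {
        return s == null ? "-" : s.replace('\r', ' ').replace('\n', ' ');
    }

    /** Values that must never reach a log file: record that there was one, not what it was. */
    static String redact(CharSequence secret) {
        return secret == null ? "-" : "<redacted " + secret.length() + " chars>";
    }

    /** One line: timestamp, level, program name, message; the exception follows when present. */
    static final class LineFormatter extends Formatter {
        private final SimpleDateFormat time = new SimpleDateFormat("HH:mm:ss");

        @Override
        public synchronized String format(LogRecord r) {
            StringBuilder sb = new StringBuilder();
            sb.append(time.format(new Date(r.getMillis()))).append(' ')
              .append(r.getLevel().getName()).append(' ')
              .append(r.getLoggerName()).append(' ')
              .append(sanitize(formatMessage(r))).append('\n');
            if (r.getThrown() != null) {
                sb.append("    caused by ").append(r.getThrown()).append('\n');
            }
            return sb.toString();
        }
    }

    static Logger newLogger(String program) {
        Logger log = Logger.getLogger(program);
        log.setUseParentHandlers(false);
        log.setLevel(Level.ALL);
        Handler h = new StreamHandler(System.out, new LineFormatter());
        h.setLevel(Level.ALL);
        log.addHandler(h);
        return log;
    }

    /** Hypothetical request object standing in for the deck's request.getUser().getId(). */
    static final class Request {
        final String userId;
        final String password;
        Request(String userId, String password) { this.userId = userId; this.password = password; }
    }

    static final Logger LOG = newLogger("orders");

    /** Entry and exit are logged, but every argument is computed safely before the log call. */
    static String printDocument(Request req, String docId) {
        String who = req == null ? "-" : sanitize(req.userId);     // no exception inside the log call
        if (LOG.isLoggable(Level.FINE)) {                           // debug-only output stays cheap when off
            LOG.fine("Entering printDocument(user=" + who + ", doc=" + sanitize(docId) + ")");
        }
        String jobId = "job-" + Integer.toHexString(docId.hashCode());   // stand-in for the real work
        LOG.fine("Leaving printDocument(): " + jobId);
        return jobId;
    }

    public static void main(String[] args) {
        // Constructed hostile input: an embedded newline that tries to add a fake INFO line
        Request req = new Request("alice\nFAKE 00:00:00 INFO orders admin logged in", "hunter2");
        printDocument(req, "invoice-7");
        printDocument(null, "invoice-8");
        LOG.info("Login for " + sanitize(req.userId) + " with password " + redact(req.password));
        try {
            throw new java.io.IOException("disk full");
        } catch (java.io.IOException e) {
            LOG.log(Level.SEVERE, "IO exception while printing", e);   // pass the Throwable itself
        }
        LOG.warning("Unknown message type");
        for (Handler h : LOG.getHandlers()) {
            h.flush();
        }
    }
}
```

Running main prints one line per event; the forged "FAKE ... admin logged in" text stays inside the first message instead of becoming a line of its own, and the password appears only as its redacted length.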
  26. Summary • Use for daily logging or tracing • Audience • Easy to read • Easy to analyse • Will it cause errors? • System performance issues
  27. Why Secure Coding Training is Important? [Chart: cost of fixing security flaws during different development phases, by phase] Fixing bugs by releasing a patch costs 60 times more than fixing the same bug during the design stage. Source: http://www.auto.tuwien.ac.at