The document discusses various aspects of program security including types of flaws, malicious code, and controls against threats. It describes different types of flaws such as buffer overflows, incomplete mediation, and time-of-check to time-of-use errors. Malicious code like viruses, trojan horses, and worms are also explained. Controls during software development include following principles of modularity, encapsulation, and information hiding. Techniques like code reviews and testing aim to identify and fix flaws to enhance program security.
This document presents SAVI (Static Analysis Vulnerability Indicator), a method for ranking the vulnerability of web applications using static analysis of source code. SAVI combines results from several static analysis tools and vulnerability databases to calculate a metric called Static Analysis Vulnerability Density (SAVD) for each application. The authors tested SAVI on several open source PHP applications and found SAVD correlated significantly with future vulnerability reports, indicating static analysis can help identify post-release vulnerabilities.
Socio-technical system: Essential characteristics of socio-technical systems, Emergent System Properties, Systems Engineering, Components of system such as organization, people and computers.
Critical system: Types of critical system, A simple safety critical system, Availability and Reliability, Safety and Security of Software systems.
Requirements Engineering Processes: Feasibility study, Requirements elicitation and analysis, Requirements Validations.
System Models: Models and its types, Context Models, Behavioural Models, Data Models, Object Models, Structured Methods.
The document provides an overview of software engineering, discussing what it is, why it is important, and key concepts like the software development lifecycle, processes, and models. It introduces software engineering as a way to build software in a controlled, predictable manner by giving control over functionality, quality, and resources. It also summarizes several software development process models like waterfall, evolutionary development, and spiral.
Unit 1 - Overview of software engineering (Arvind Pandey)
This document discusses key concepts in software engineering. It begins with definitions of software and software engineering. It then covers differences between software engineering and computer science/system engineering. Software processes and models are explained. Costs, methods, CASE tools, attributes of good software and challenges in the field are summarized. The document also discusses professional and ethical responsibilities of software engineers, including issues like confidentiality, competence, intellectual property and computer misuse. Finally, it outlines the eight principles of the ACM/IEEE Code of Ethics for software engineers.
Unit 2 - Software development process notes (Arvind Pandey)
Critical systems must be dependable to avoid catastrophic failures. Dependability encompasses availability, reliability, safety, and security. Availability refers to a system's ability to deliver services when requested, while reliability means delivering services correctly. Safety ensures excessive errors do not occur, as even one failure could endanger life. Development methods for critical systems aim to formally prove correctness due to high failure costs. An insulin pump example demonstrated how software controls a medical device, requiring stringent dependability to safely regulate insulin doses.
The document discusses three standards used for classifying vulnerabilities: CVE, CWE, and CVSS. CVE provides identifiers for known vulnerabilities. CWE defines common weakness types. CVSS provides a scoring system to assess vulnerability severity levels. The Heartbleed bug is used as an example, which is identified by CVE-2014-0160, classified under CWE-200 for information exposure, and given a CVSS score of 6.4.
The document discusses integrating software security into the software development lifecycle. It recommends addressing security as early as possible, including during the requirements phase by performing threat assessments and defining security requirements. During design, it suggests involving security experts, using threat modeling to understand risks, and implementing defenses like isolation, least privilege, and defense in depth. Throughout development and testing, it advises performing security reviews, testing, and activities to find and fix vulnerabilities before deployment.
The document discusses technical vulnerability management and outlines the key steps in the NIST Risk Management Framework that include vulnerability analysis. It also covers establishing an effective Patch and Vulnerability Group to monitor for vulnerabilities, prioritize remediation, and deploy patches. Finally, it provides examples of different types of vulnerability analysis tools including network scanners, host scanners, and web application scanners.
Organizations are increasingly incorporating security practices into the software development lifecycle (SDLC) to improve security and reduce expensive post-release fixes. The SDLC stages now include considering security in requirements, defining security parameters in design, building with security controls, and conducting penetration testing. Implementing a secure SDLC brings security practices into software development from the beginning to prevent vulnerabilities and ensure compliance with standards.
Fuzzing101: Unknown vulnerability management for Telecommunications (Codenomicon)
This document summarizes a webinar about fuzzing and unknown vulnerability management for telecommunications. The webinar was presented by Juha-Matti Tirilä and Tero Rontti from Codenomicon and covered topics like the growing complexity and attack vectors in telecommunications, definitions of fuzzing and different fuzzing techniques, challenges with vulnerability management, and a case study on fuzzing MPEG2-TS files. The goal of unknown vulnerability management is to have a framework for applying proper security testing procedures to identify vulnerabilities before they are discovered and exploited.
Secure by design and secure software development (Bill Ross)
This secure lifecycle management process (SLCMP, pronounced "slickum") defines the basic and most realistic way to develop secure software. While the briefing is a bit dated, slide 34 is still a very relevant process. What is below the green line is the dynamic security process that supports the basic development process seen above the green line. SLCMP is supported by building a complementary and excellent information risk framework system security plan, or IRASSP. SLCMP is operationally deployed.
The Security Vulnerability Assessment Process & Best Practices (Kellep Charles)
Conducting regular security assessments on the organizational network and computer systems has become a vital part of protecting information-computing assets. Security assessments are a proactive and offensive posture towards information security, as compared to the traditional reactive and defensive stance normally implemented with the use of Access Control Lists (ACLs) and firewalls.
To effectively conduct a security assessment so that it is beneficial to an organization, a proven methodology must be followed so the assessors and assessees are on the same page.
This presentation will evaluate the benefits of credential scanning, scanning in a virtual environment, distributed scanning as well as vulnerability management.
Ian Sommerville, Software Engineering, 9th Edition, Ch 4 (Mohammed Romi)
The document discusses requirements engineering and summarizes key topics covered in Chapter 4, including:
- The importance of specifying both functional and non-functional requirements. Non-functional requirements place constraints on system functions and development process.
- The software requirements specification document defines what the system must do and includes both user and system requirements. It should not describe how the system will be implemented.
- Requirements engineering involves eliciting, analyzing, validating and managing requirements throughout the development lifecycle. Precise, complete and consistent requirements are important for development.
Learn about threat modeling from our CTO and co-creator of the DREAD threat modeling classification, Jason Taylor. Understand more about what threat modeling is, dive into real life examples, and use techniques you can leverage at every phase of the SDLC.
Covers security and privacy issues for software product developers including attacks and defenses, encryption, authentication, authorisation and data protection
This document discusses software security engineering. It covers security concepts like assets, vulnerabilities and threats. It discusses why security engineering is important to protect systems from malicious attackers. The document outlines security risk management processes like preliminary risk assessment. It also discusses designing systems for security through architectural choices that provide protection and distributing assets. The document concludes by covering system survivability through building resistance, recognition and recovery capabilities into systems.
This document discusses implementing a secure software development lifecycle (SDLC). It emphasizes building security into software from the start rather than adding it later.
The document outlines a secure SDLC process involving defining security requirements, designing for security, implementing secure coding practices, testing software security, and ongoing security monitoring. It notes that software security is a shared responsibility and discusses challenges like team pushback and measuring security benefits. The document also presents a case study of a company that implemented a secure SDLC process to address client security issues and prevent future problems.
The document discusses reducing security risks for small businesses through vulnerability assessments. It notes that small businesses are increasingly targeted by hackers. A vulnerability assessment includes a one-time scan of a business's security exposure across devices on its network to identify issues like out-of-date software. The assessment provides a report on findings prioritized by risk level and recommendations to remedy problems to help businesses strengthen their security before facing attacks.
Integrating security into the development of an application or software is necessary to decrease its risk of susceptibility to attacks and exploits. Traditional methods of security testing were performed on a finished product. However, with the rise in the intensity and the number of attack vectors, it has become necessary for organizations to include it as a part of every phase of an SDLC.
Is your application's system process facing problems? With the help of system-level analysis you can save your application from failures at different levels. It analyzes how the components interact across multiple layers and technologies. Keep your system efficient and secure.
This document summarizes key topics from a lecture on security engineering:
1. It discusses security engineering and management, risk assessment, and designing systems for security. Application security focuses on design while infrastructure security is a management problem.
2. It outlines guidelines for secure system design including basing decisions on security policies, avoiding single points of failure, balancing security and usability, validating all inputs, and designing for deployment and recoverability.
3. It also covers risk management, assessing threats, and designing architectures with layered protection and distributed assets to minimize the effects of attacks.
This document provides an introduction to the concepts of software security. It discusses how security vulnerabilities in software can enable attacks. The goals of the course are explained as helping students understand the nature of software security vulnerabilities, principles of secure software development, and techniques for security testing, analysis, and prevention of vulnerabilities. The lecture topics are outlined and assignments are described, including threat modeling, security policy design, and analyzing buffer overflow attacks and web application vulnerabilities.
This document discusses network security and provides information on key security concepts. It covers prevention, detection, and response as the foundation of security. Integrity, confidentiality, availability, and authentication are discussed in detail. The document emphasizes that network security is as much about business processes and policies as technical controls. Overall prevention is the most important and cost-effective approach to security. Detection and response procedures should also be established in case preventative controls fail.
The document provides guidance on creating a business case for software security initiatives by estimating costs and benefits. It discusses estimating failure costs from vulnerabilities versus assumption costs of security measures. Metrics like the vulnerability lifecycle and maturity models can demonstrate security improvements. The business case should quantify risk reduction through qualitative and quantitative analysis to show initiatives are cost-beneficial.
These are slides from a local security chapter meetup. Here I tried to explain the challenges in appsec and a complete framework for the different life cycle stages of the secure software development cycle.
Antivirus software uses techniques like malware signatures, system monitoring, and machine learning to detect and remove viruses, malware, and other threats from computers. Key types include boot sector viruses, web scripting viruses, browser hijackers, and macro viruses. Popular antivirus programs provide multiple layers of protection through features like encryption, data backup, password security, and firewalls. 360 Total Security is an antivirus program that employs engines from Bitdefender and Avira to detect threats through heuristics and cloud-based scanning. It protects against risks like ransomware and unauthorized webcam access.
This document discusses endpoint security and the limitations of antivirus software. It notes that 60-70% of malware goes undetected by antivirus products and that attackers have sophisticated methods to avoid detection. 90% of attacks exploit vulnerabilities or misconfigurations in systems. The document then promotes an endpoint security product called Saner that aims to prevent attacks by proactively fixing vulnerabilities and misconfigurations. It claims Saner reduces the attack surface, ensures compliance, and lowers costs compared to traditional vulnerability assessment products.
Information security: software security presentation.pptx (salutiontechnology)
This document discusses software security. It defines software security as practices that help protect applications from attackers by incorporating security techniques into development. It explains why software security is important for protecting critical data and system vulnerabilities. It also lists common software security vulnerabilities like bugs, data exposure, and injection flaws. The document outlines major security concerns like phishing, DDoS attacks, and supply chain attacks. It discusses tools for software security testing and best practices like access control, encryption, authentication, and employee training.
Symantec offers an in-depth analysis of Rogue Security Software. RSS are fake applications that pretend to provide computer security protection services but whose real objective is to install malicious code that compromises the overall security of the machine.
Overview - Risks - Main means of spread and distribution.
The observation period runs from July 2008 to June 2009.
Vulnerabilities refer to flaws in a system that can be exploited by attackers. Software vulnerabilities are defects that allow attackers to gain control of systems or to steal or manipulate data. Zero-day vulnerabilities are unknown flaws without available patches, which makes them very dangerous because attackers can exploit them before a fix exists. Vulnerability scanning tools inspect systems for vulnerabilities, while proper patch management is needed to fix bugs and remove vulnerabilities. Weak host configurations like default settings, open ports and unsecured accounts also pose threats. Supply chain risks include compromised third-party software and vulnerabilities in supplier systems. Strong security practices and certification are needed across all organizations and suppliers to minimize cyber attacks.
The document provides an overview of software security best practices. It emphasizes that security must be considered from the beginning of the development process and throughout. It discusses assessing risks, creating threat models to identify potential vulnerabilities, and using secure coding techniques and built-in security features to mitigate risks. Tools can help detect security issues during testing. The document covers topics like authentication, authorization, encryption, hashing and various Apple security features.
It's Your Move: The Changing Game of Endpoint Security (Lumension)
The document discusses challenges in modern endpoint security and strategies to address them. It outlines how attackers have changed their tactics to take advantage of outdated defenses. The key moves discussed to regain control include implementing defense-in-depth endpoint security, shifting to trust-based security focused on preventing execution rather than detection, focusing on operational basics like patching and asset management, and managing devices to limit local admin risks and unwanted applications. It also provides an example of how one company addressed their security issues by implementing the Lumension Endpoint Management and Security Suite.
Recent studies have shown that 90% of security breaches involve a software vulnerability caused by a missing patch, even where the patch has been made available to the public.
Many organizations do not realize that a vulnerable system connected to the enterprise network potentially puts the entire organization at risk by being an easy target for cyber-attacks. Many service providers scan the network and provide a comprehensive report of the vulnerabilities existing in endpoint systems. However, they do not take the next step of removing the vulnerabilities.
Read this whitepaper to learn how SecPod's Saner ensures enterprise security by remediating vulnerabilities in the endpoints. Saner is a lightweight, enterprise-grade, scalable solution that hardens your systems, providing protection from malware and security threats.
This document discusses computer security and provides information on various topics related to protecting computers and networks. It defines computer security as a set of actions, tools, and devices that provide integrity, confidentiality, and availability. It discusses active security techniques like using strong passwords and encryption. It also discusses passive security like hardware protection and backing up data. The document outlines various types of malware like viruses, worms, spies, and Trojans. It provides information on computer security software like antivirus and firewall programs. It concludes with recommendations for web security and examples of recent cybersecurity news.
This document discusses the importance of vulnerability management programs for organizations. It explains that connecting to the global internet exposes networks to threats from cybercriminals who can exploit vulnerabilities to break into networks and steal proprietary information. An effective vulnerability management program involves continuously monitoring networks to identify vulnerabilities and address them. The document outlines some key aspects of vulnerability management programs such as defining vulnerabilities, setting the scope, identifying options for management, and best practices.
This document discusses application security testing and provides recommendations for a comprehensive testing plan. It begins by outlining common application security vulnerabilities like injection flaws, cross-site scripting, and sensitive data exposure. It then recommends using tools like vulnerability scanning, threat modeling, code analysis, and penetration testing to test for vulnerabilities. The document concludes by describing how to test for issues in specific areas like authentication, authorization, data validation, and payment processing.
Ransomware is a type of malware that encrypts a victim's files and demands ransom payment in order to decrypt the files. It infects devices through vulnerabilities and techniques like phishing emails. Once installed, it maps and encrypts files before displaying a ransom note. Victims can protect themselves by backing up data, patching systems, and using antivirus software.
Keyloggers record keyboard inputs to steal credentials and sensitive information. They can be installed through malicious websites or applications. Users should verify email and website legitimacy, use strong unique passwords, and avoid entering information on public devices. Antivirus software and firewalls can help prevent keylogging.
Rootkits are difficult-to-detect malware that gains privileged control of systems.
Malware is a worldwide pandemic. It is designed to damage computer systems without the knowledge of the owner using the system. Software from reputable vendors also contains malicious code that affects the system or leaks information to remote servers. Malware includes computer viruses, spyware, dishonest adware, rootkits, Trojans, dialers, etc. Malware detectors are the primary tools in defense against malware. The quality of such a detector is determined by the techniques it uses. It is therefore imperative that we study malware detection techniques and understand their strengths and limitations. This survey examines different types of malware and malware detection methods.
CSCU Module 03: Protecting Systems Using Antiviruses (Alireza Ghahrood)
The document discusses the growing demand for antivirus software in the Northern region of India. It notes that the increased use of networks and the internet has allowed computer viruses to spread more rapidly. A number of antivirus vendors are releasing regular updates to their software to keep up with new malicious threats. The article examines how antivirus vendors are performing in the Northern region market, which segments are growing, and the future outlook of the antivirus technology industry.
This document discusses various security issues related to computer systems and networks. It covers authentication methods, threats like Trojan horses and viruses, intrusion detection techniques, and encryption standards. It also describes security classifications from the Department of Defense and how Windows NT implements configurable security policies ranging from minimal to discretionary protection.
The document discusses various types of program security issues including:
1) Buffer overflow errors which occur when a program tries to store more data in a buffer than it was designed for, potentially allowing attackers to insert malicious code.
2) Incomplete mediation where programs do not properly check all user inputs, enabling attacks such as changing price values.
3) Time-of-check to time-of-use errors where access checks become out of date due to delays between the check and actual use.
2. UNIT II DATA SECURITY AND PRIVACY
• Program Security, Malicious code and controls against threats; OS level protection; Security – Firewalls, Network Security, Intrusion detection systems. Data Privacy principles. Data Privacy Laws and compliance.
3. Introduction
• Aim: to find the weaknesses in a system and to devise ways to prevent those weaknesses from being exploited.
• Aspects:
– Confidentiality: assets are accessed only by authorized parties (privacy).
– Integrity: assets can be modified only by authorized parties, or only in authorized ways.
– Availability: assets are accessible to authorized parties at appropriate times.
4. Introduction
• Security-related terms:
– Computer Security: the collection of tools designed to protect data on a computer system.
– Network Security: protecting data during transmission.
– Internet Security: protecting data during transmission over a collection of inter-connected networks.
– Data Security: protecting data from theft and unauthorized disclosure.
5. Program Security
• How do we keep programs free from flaws?
• How do we protect computing resources against programs that contain flaws?
• The larger issue in program security is trust.
6. Program Security
Security implies some degree of trust that the program enforces the expected confidentiality, integrity, and availability.
One way to assess security is to ask people to name the characteristics of software that contribute to its overall security; different people will give different answers, which is why precise terms for faults and failures are needed.
7. Program Security
Fixing Faults:
Bug: an imprecise term for a mistake in interpreting a requirement, a syntax error in a piece of code, or the (as-yet-unknown) cause of a system crash.
Error: a mistake made by a human. The error may lead to a fault: an incorrect step, command, process, or data definition in a computer program.
8. Program Security
Fixing Faults:
Failure: a departure from the system's required behavior.
A fault is an inside view of the system, as seen through the eyes of the developers, whereas a failure is an outside view: a problem that the user sees.
9. Program Security
Fixing Faults:
Penetrate and Patch: analysts searched for faults and repaired each one as it was found.
The patch efforts were largely useless, often making the system less secure rather than more secure, because they frequently introduced new faults.
10. Program Security
Fixing Faults:
Reasons the patches failed:
The pressure to repair a specific problem encouraged a narrow focus on the fault itself and not on its context.
The fault often had nonobvious side effects in places other than the immediate area of the fault.
Fixing one problem often caused a failure somewhere else.
The fault could not be fixed properly because system functionality or performance would suffer as a consequence.
11. Program Security
Unexpected Behavior:
Inspecting programs to see whether they behave as their designers intended or as users expected reveals program security flaws.
A flaw can be either a fault or a failure, and a vulnerability usually describes a class of flaws, such as a buffer overflow.
12. Program Security
Unexpected Behavior:
Program security flaws can derive from any kind of software fault, from a misunderstanding of program requirements to a one-character error in coding or even in typing.
13. Program Security
Types of flaws:
Intentional flaws (placed in the program deliberately):
Malicious flaws: intended to cause harm.
Non-malicious flaws: not intended to cause harm, but still exploitable.
Inadvertent flaws (introduced by mistake; see the next slide).
14. Program Security
Types of flaws:
Inadvertent flaws:
validation error (incomplete or inconsistent): permission checks
domain error: controlled access to data
serialization and aliasing: program flow order
inadequate identification and authentication: basis for authorization
boundary condition violation: failure on first or last case
other exploitable logic errors
15. Program Security
Types of flaws: Non-malicious (unintentional) flaws
Buffer Overflows:
A buffer (or array or string) is a space in which data can be held. It has a fixed size, and a write that runs past that size spills into whatever is stored next to it.
Example: char sample[10]; holds ten characters, sample[0] through sample[9]; a write to sample[10] lands outside the buffer.
16. Program Security
Buffer Overflows:
The overflowed data can land in one of four places: the user's own data, the user's own code, the system's data, or the system's code.
The first two only affect the user. A malicious programmer focuses on reaching the second two.
17. Program Security
Types of flaws: Non-malicious (unintentional) flaws
Buffer Overflows: Security Implications
The attacker may replace code in the system space, so that the attacker's code runs with the system's privileges.
The attacker may overwrite the stack pointer or the saved return address, so that when the current procedure returns, control passes to the attacker's code instead of back to the caller.
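The following C program is an added example, not code from the original slides. It models the `char sample[10]` buffer from the slide together with the four bytes that follow it on the stack (standing in for the saved return address) as one flat array, so that the overflow can be observed without relying on undefined behaviour; the 0xEF 0xBE 0xAD 0xDE "return address" and the 14-byte input of 'A's are constructed for the demonstration. It shows an unchecked copy loop overwriting the return address beside a length-checked copy that refuses the oversized input.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Model of one stack frame (constructed for this example): the slide's 10-byte
 * `char sample[10]` followed by 4 bytes standing in for the saved return
 * address. Keeping both in one flat array makes the spill observable without
 * undefined behaviour; on a real stack the same unchecked write clobbers the
 * real return address, and a longer input runs on into the caller's frame. */
#define SAMPLE_LEN 10
#define RET_LEN 4
#define FRAME_LEN (SAMPLE_LEN + RET_LEN)

static const unsigned char RET_MAGIC[RET_LEN] = {0xEF, 0xBE, 0xAD, 0xDE};

struct frame {
    unsigned char mem[FRAME_LEN];   /* mem[0..9] = sample, mem[10..13] = return address */
};

static void frame_init(struct frame *f) {
    memset(f->mem, 0, FRAME_LEN);
    memcpy(f->mem + SAMPLE_LEN, RET_MAGIC, RET_LEN);
}

/* Vulnerable: copies n bytes into the 10-byte buffer with no bounds check,
 * exactly like `for (i = 0; i < n; i++) sample[i] = in[i];`. The cap at
 * FRAME_LEN exists only to keep the model itself inside its own array. */
static void unchecked_copy(struct frame *f, const unsigned char *in, size_t n) {
    if (n > FRAME_LEN) n = FRAME_LEN;
    for (size_t i = 0; i < n; i++)
        f->mem[i] = in[i];          /* i >= SAMPLE_LEN: writing over the return address */
}

/* Hardened: the length is checked against the buffer size before any write. */
static bool checked_copy(struct frame *f, const unsigned char *in, size_t n) {
    if (n > SAMPLE_LEN) return false;
    memcpy(f->mem, in, n);
    return true;
}

/* True if the return-address slot still holds the value set by frame_init. */
static bool return_address_intact(const struct frame *f) {
    return memcmp(f->mem + SAMPLE_LEN, RET_MAGIC, RET_LEN) == 0;
}

/* Feeds n bytes of input to the unchecked copy and reports how many bytes of
 * the return address were overwritten. */
static size_t clobbered_by_unchecked(const unsigned char *in, size_t n) {
    struct frame f;
    size_t clobbered = 0;
    frame_init(&f);
    unchecked_copy(&f, in, n);
    for (size_t i = 0; i < RET_LEN; i++)
        if (f.mem[SAMPLE_LEN + i] != RET_MAGIC[i]) clobbered++;
    return clobbered;
}

int main(void) {
    unsigned char attack[FRAME_LEN];
    struct frame f;

    memset(attack, 'A', sizeof attack);   /* constructed input: 14 bytes, 4 too many */

    frame_init(&f);
    unchecked_copy(&f, attack, sizeof attack);
    printf("unchecked copy of %zu bytes: return address intact? %s\n",
           sizeof attack, return_address_intact(&f) ? "yes" : "no");

    frame_init(&f);
    printf("checked copy accepted %zu bytes? %s\n",
           sizeof attack, checked_copy(&f, attack, sizeof attack) ? "yes" : "no");
    printf("after checked copy: return address intact? %s\n",
           return_address_intact(&f) ? "yes" : "no");
    return 0;
}
```

The unchecked loop is the shape of the bug behind `strcpy`, `gets` and `sprintf` into fixed buffers; the check in `checked_copy` is what `strncpy`-style or length-aware APIs provide, and it must compare against the destination's size, not the source's.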
18. Program Security
Types of flaws: Non-malicious (unintentional) flaws
Incomplete Mediation:
http://www.somesite.com/subpage/userinput.asp?parm1=(808)555-1212&parm2=2009Jan17
Here parm1 is meant to be a telephone number and parm2 a date. To prevent the use of nonsense data, the program can restrict choices only to valid ones (for example, by presenting a calendar from which the date is picked).
But the sensitive data (namely, the parameter values) are in an exposed, uncontrolled condition: the user can edit the URL and submit any value at all.
19. Program Security
Types of flaws: Non-malicious (unintentional) flaws
Incomplete Mediation: Security Implications
Unchecked data values represent a serious potential vulnerability: every input must be validated on the server, because checks done in the browser can be bypassed.
20. Program Security
Types of flaws: Non-malicious flaws
Incomplete Mediation: Security Implications
Things, Inc., was a very large, international vendor of consumer products, called Objects. The company was ready to sell its Objects through a web site, using what appeared to be a standard e-commerce application. The management at Things decided to let some of its in-house developers produce the web site so that its customers could order Objects directly from the web.
21. Program Security
Types of flaws: Non-malicious flaws
Incomplete Mediation: Security Implications
http://www.things.com/order.asp?custID=101&part=555A&qy=20&price=10&ship=boat&shipcost=5&total=205
The price, shipping cost and total travel in the URL, so a customer can edit them before submitting: changing price=10 to price=1 and total=205 to total=25 buys twenty Objects for a fraction of their price, unless the server ignores those fields and recomputes the total itself.
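The following C program is an added example, not code from the original slides. It parses the query string of the Things, Inc. order URL above and contrasts an unmediated handler, which charges whatever `total` the browser sent, with a mediated one that accepts only `part`, `qy` and `ship` from the client, validates each, and recomputes price, shipping and total from server-side tables. The catalogue (part 555A at 10, part 123B at 25), the shipping rates and the quantity limit are constructed for the example.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Server-side price list (constructed for this example). The client never
 * gets to tell the server what a part costs. */
struct part { const char *id; long unit_price; };
static const struct part CATALOGUE[] = { {"555A", 10}, {"123B", 25} };
#define N_PARTS (sizeof CATALOGUE / sizeof CATALOGUE[0])
#define MAX_QTY 1000

/* Copy the value of `name` from a query string such as "a=1&b=2" into out. */
static bool get_param(const char *query, const char *name, char *out, size_t outlen) {
    size_t nlen = strlen(name);
    for (const char *p = query; p != NULL && *p != '\0'; ) {
        if (strncmp(p, name, nlen) == 0 && p[nlen] == '=') {
            const char *v = p + nlen + 1;
            const char *end = strchr(v, '&');
            size_t vlen = end ? (size_t)(end - v) : strlen(v);
            if (vlen >= outlen) return false;       /* value too long for caller's buffer */
            memcpy(out, v, vlen);
            out[vlen] = '\0';
            return true;
        }
        p = strchr(p, '&');
        if (p != NULL) p++;
    }
    return false;
}

/* Strict non-negative integer parse: the whole value must be digits. */
static bool parse_long(const char *s, long *out) {
    char *end;
    if (*s == '\0') return false;
    long v = strtol(s, &end, 10);
    if (*end != '\0' || v < 0) return false;
    *out = v;
    return true;
}

static bool lookup_price(const char *part_id, long *price) {
    for (size_t i = 0; i < N_PARTS; i++)
        if (strcmp(CATALOGUE[i].id, part_id) == 0) { *price = CATALOGUE[i].unit_price; return true; }
    return false;
}

static bool shipping_cost(const char *method, long *cost) {
    if (strcmp(method, "boat") == 0) { *cost = 5;  return true; }
    if (strcmp(method, "air") == 0)  { *cost = 20; return true; }
    return false;
}

/* Unmediated handler: charges whatever `total` the browser sent (-1 if absent). */
static long naive_total(const char *query) {
    char buf[32];
    long total;
    if (!get_param(query, "total", buf, sizeof buf) || !parse_long(buf, &total)) return -1;
    return total;
}

/* Mediated handler: accepts only part, qy and ship from the client, validates
 * each, and recomputes price, shipping and total on the server. Any price,
 * shipcost or total parameter the client sends is simply ignored.
 * Returns the amount to charge, or -1 if any client value is invalid. */
static long mediated_total(const char *query) {
    char part[32], qty[32], ship[32];
    long unit_price, qy, shipcost;
    if (!get_param(query, "part", part, sizeof part) || !lookup_price(part, &unit_price)) return -1;
    if (!get_param(query, "qy", qty, sizeof qty) || !parse_long(qty, &qy) || qy < 1 || qy > MAX_QTY) return -1;
    if (!get_param(query, "ship", ship, sizeof ship) || !shipping_cost(ship, &shipcost)) return -1;
    return qy * unit_price + shipcost;
}

int main(void) {
    /* The slide's URL, then the same order with price/shipcost/total edited in the address bar. */
    const char *honest   = "custID=101&part=555A&qy=20&price=10&ship=boat&shipcost=5&total=205";
    const char *tampered = "custID=101&part=555A&qy=20&price=1&ship=boat&shipcost=0&total=20";
    printf("honest:   naive=%ld mediated=%ld\n", naive_total(honest), mediated_total(honest));
    printf("tampered: naive=%ld mediated=%ld\n", naive_total(tampered), mediated_total(tampered));
    return 0;
}
```

The mediated handler also rejects an unknown part, a zero, negative or absurd quantity, and an unknown shipping method, which is the "restrict choices only to valid ones" rule from the earlier slide applied on the server rather than in the browser.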
22. Program Security
Types of flaws: Non-malicious (unintentional) flaws
Time-of-Check to Time-of-Use Errors:
A TOCTOU error is a synchronization flaw. To improve efficiency, modern processors and operating systems change the order in which instructions and procedures are executed; in particular, a request is checked at one instant and acted on at a later one, and the two are not one indivisible step.
23. Program Security
Types of flaws: Non-malicious (unintentional) flaws
Time-of-Check to Time-of-Use Errors:
Access control: only those who should access an object are allowed that access. Ex: buying a sculpture. If the piece can be swapped for another between the moment it is inspected and the moment it is paid for, the inspection guaranteed nothing.
Between the time the access was checked and the time the result of the check was used, a change occurred, invalidating the result of the check.
24. Program Security
Types of flaws: Non-malicious flaws
Time-of-Check to Time-of-Use Errors: Security Implications
Ensure that critical parameters are not exposed during any loss of control (for example, copy them into protected memory before checking, and act on the copy).
Ensure serial integrity: allow no interruption (loss of control) between the validation and the use, or check the very object that will be used rather than a name that can be re-bound in between.
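The following C program is an added example, not code from the original slides. It models a namespace in which a name (`/tmp/report`) resolves to an object with an owner, the way a path resolves to an inode, and lets an attacker re-point the name at a root-owned object in the window between the check and the use. The racy writer checks the name and then resolves it again to write; the hardened writer resolves once, checks the object it actually holds, and writes through that same handle. All names, objects and the user id 1000 are constructed for the example.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Model (constructed for this example): a name resolves to an object, and
 * each object has an owner, like a path resolving to an inode with a uid. */
struct object { const char *label; int owner_uid; char data[32]; };
struct link   { const char *name; struct object *target; };

static struct object user_file   = {"user_file",   1000, "user notes"};
static struct object secret_file = {"secret_file",    0, "root only"};
static struct link   links[]     = { {"/tmp/report", &user_file} };

#define UID_USER 1000
#define N_LINKS (sizeof links / sizeof links[0])

static void reset_model(void) {
    strcpy(user_file.data, "user notes");
    strcpy(secret_file.data, "root only");
    links[0].target = &user_file;
}

static struct object *resolve(const char *name) {
    for (size_t i = 0; i < N_LINKS; i++)
        if (strcmp(links[i].name, name) == 0) return links[i].target;
    return NULL;
}

/* The attacker's move inside the race window: re-point the name at the secret
 * (the equivalent of replacing /tmp/report with a symlink to a root-owned file). */
static void attacker_relink(void) { links[0].target = &secret_file; }

static bool may_write(const struct object *o, int uid) { return o->owner_uid == uid; }

/* TOCTOU-prone: checks the NAME, then later uses the NAME again. `between`
 * stands for whatever else runs in the window between check and use. */
static bool write_by_name(const char *name, int uid, const char *text, void (*between)(void)) {
    struct object *o = resolve(name);
    if (o == NULL || !may_write(o, uid)) return false;  /* time of check */
    if (between) between();                             /* race window */
    o = resolve(name);                                  /* time of use: resolves again */
    if (o == NULL) return false;
    snprintf(o->data, sizeof o->data, "%s", text);      /* no re-check of the new target */
    return true;
}

/* Hardened: resolve once, check the object actually held, and write through
 * that same handle (the file-system analogue is open() once, then fstat() and
 * write() on the descriptor, never access() followed by open() on the path). */
static bool write_by_handle(const char *name, int uid, const char *text, void (*between)(void)) {
    struct object *o = resolve(name);
    if (o == NULL || !may_write(o, uid)) return false;  /* check the object we will use */
    if (between) between();                             /* a relink no longer matters */
    snprintf(o->data, sizeof o->data, "%s", text);
    return true;
}

/* Runs one writer against the attacker and reports whether the secret was overwritten. */
static bool secret_overwritten(bool (*writer)(const char *, int, const char *, void (*)(void))) {
    reset_model();
    writer("/tmp/report", UID_USER, "pwned", attacker_relink);
    return strcmp(secret_file.data, "pwned") == 0;
}

int main(void) {
    printf("check by name, use by name:   secret overwritten? %s\n",
           secret_overwritten(write_by_name) ? "yes" : "no");
    printf("check and use the same handle: secret overwritten? %s\n",
           secret_overwritten(write_by_handle) ? "yes" : "no");
    return 0;
}
```

On a real POSIX system the same distinction is `access(path)` followed by `open(path)` (racy, the path can be re-bound in between) versus `open(path)` followed by `fstat(fd)` and operations on `fd` (the check and the use refer to the same object).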
25. Program Security
Types of flaws:
Malicious flaws
Malicious code is a program that behaves in unexpected, and usually harmful, ways. Like any program it operates on data, taking action only when data and state changes trigger it.
Ex: installing a new software package that, besides its advertised function, writes a message on the computer screen, stops a running program, generates a sound, or erases a stored file.
26. Program Security
Malicious Code - Types
Malicious code causes undesired effects in programs.
A virus: a program that can replicate itself and pass on malicious code to other non-malicious programs by modifying them.
27. Program Security
Malicious Code – Types
Virus:
Transient virus: its life depends on the life of its host; it runs when the host program runs and terminates when the host does.
Resident virus: locates itself in memory so that it can remain active, or be activated, even after its host program ends.
Document virus: embedded in a formatted document, such as a macro in a word-processor file.
Boot sector virus: stored in the boot sector, which the system reads as a fixed number of bytes from a fixed location on the disk at startup; the virus therefore runs before the operating system is loaded.
28. Program Security
Malicious Code – Types
Virus:
Macro virus: a macro lets a user record a series of commands and repeat them by invoking a single macro feature; a macro virus hides in such a macro and runs when the macro runs.
Polymorphic virus: a virus that keeps changing its form, for example by re-encoding its body with a different key on each infection, so that a fixed signature no longer matches it.
29. Program Security
Malicious Code – Types
Trojan Horse: malicious code that, in addition to its primary, advertised effect, has a second, non-obvious malicious effect.
Logic bomb: malicious code that "goes off" when a specified condition occurs.
Trapdoor or backdoor: a feature in a program by which someone can access the program other than by the obvious, direct call, perhaps with special privileges.
30. Program Security
Malicious Code – Types
Worm: a program that spreads copies of itself through a network; unlike a virus, it does not need to attach itself to a host program.
Rabbit: a virus or worm that self-replicates without bound, with the intention of exhausting some computing resource such as memory, disk space or process slots.
31. Program Security
Malicious Code – Types
Virus Signatures:
Code must be stored somewhere, and the code
must be in memory to execute.
the virus executes in a particular way, using certain
methods to spread.
Virus scanner:
Detect and delete the virus
35. Program Security
Malicious Code
Prevention of virus Infection:
Use only commercial software acquired from
reliable, well-established vendors.
Test all new software on an isolated computer
Open attachments only when you know them to
be safe
Make a recoverable system image and store it
safely.
Make and retain backup copies of executable
system files.
Use virus detectors (often called virus scanners)
regularly and update them daily.
36. Program Security
Targeted Malicious Code:
malicious code is written for a particular system,
for a particular application, and for a particular
purpose.
Trapdoors:
an undocumented entry point to a module.
Because computing systems are complex structures,
programmers usually develop and test systems in a
methodical, organized, modular manner (unit testing,
integration testing).
Poor error checking is another source of trapdoors.
37. Program Security
Targeted Malicious Code:
Trapdoors – Causes:
trapdoors can persist in production programs
because the developers:
forget to remove them
intentionally leave them in the program for testing
intentionally leave them in the program for
maintenance of the finished program,
38. Program Security
Targeted Malicious Code:
Salami Attack
merges bits of seemingly inconsequential data to yield
powerful results
Ex: the small amounts are shaved from each
computation and accumulated elsewhere such as in the
programmer's bank account
39. Program Security
Targeted Malicious Code:
Privilege Escalation:
Programs run in a context: Their access rights and
privileges are controlled by that context.
malicious code to be launched by a user with lower
privileges but run with higher privileges.
Interface Illusions:
spoofing attack in which all or part of a web page is
false.
The object of the attacker is to convince the user to do
something inappropriate.
40. Program Security
Targeted Malicious Code:
Man-in-the-Middle Attacks :
a malicious program interjects itself between two other
programs, typically between a user's input and an
application's result.
Timing Attacks :
the time it takes a computer to perform a task depends
on the size of the task.
41. Covert Channels
Covert channels are extraordinary paths of
communication:
programs that communicate information to
people who should not receive it.
The communication travels unnoticed,
accompanying other, perfectly proper,
communications.
communications are hidden in an open
channel
42. Covert Channels
Creating covert channels:
producing a specific output report or displaying
desired values.
Encoding the data values in another report by
varying the format of the output.
Omitting the printing of certain values
printing certain specific values
Changing the number of lines per page.
43. Covert Channels
Storage Channels:
pass information by using the presence or absence
of objects in storage.
Ex: file lock channel.
In multiuser systems, files can be "locked" to
prevent two people from writing to the same file at
the same time.
44. Covert Channels
Timing Channels:
pass information by using the speed at which
things happen. Actually, timing channels are
shared resource channels in which the shared
resource is time.
Two methods identify covert channels: one analyzes
the resources of a system, the other works at the
source code level.
45. Covert Channels
Shared Resource Matrix:
finding all shared resources and determining
which processes can write to and read from the
resources.
a matrix of resources (rows) and processes
that can access them (columns)
The matrix entries are R for "can read (or
observe) the resource" and M for "can set (or
modify, create, delete) the resource."
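An added example (not from the slides) that builds the shared resource matrix for a constructed set of processes and resources, renders it in the R/M notation above, and lists the entries where a higher-cleared process can modify something a lower-cleared process can read:

```python
from collections import defaultdict

# Constructed example: which processes can Read (observe) or Modify (set)
# which shared resources, and the clearance of each process. The question
# the matrix answers: can a High process signal to a Low one via a resource?
LEVEL = {"Payroll": "High", "Browser": "Low", "Logger": "Low"}
ACCESS = [
    # (process, resource, mode)
    ("Payroll", "file_lock:salary.dat", "M"),   # Payroll locks/unlocks the file
    ("Browser", "file_lock:salary.dat", "R"),   # Browser can observe the lock
    ("Payroll", "disk_free_blocks", "M"),
    ("Logger",  "disk_free_blocks", "M"),
    ("Browser", "disk_free_blocks", "R"),
    ("Payroll", "own_cpu_time", "R"),           # readable only by Payroll
]


def build_matrix(access):
    """Resources as rows, processes as columns, entries a set of R/M."""
    matrix = defaultdict(lambda: defaultdict(set))
    for proc, resource, mode in access:
        matrix[resource][proc].add(mode)
    return matrix


def render(matrix, procs):
    """Plain-text view of the matrix in the R/M notation of the slide."""
    lines = ["%-22s " % "" + " ".join("%-8s" % p for p in procs)]
    for resource in sorted(matrix):
        cells = ["".join(sorted(matrix[resource][p])) or "-" for p in procs]
        lines.append("%-22s " % resource + " ".join("%-8s" % c for c in cells))
    return "\n".join(lines)


def potential_channels(matrix, level):
    """Every (resource, sender, receiver) where a higher-cleared process can
    Modify a resource that a lower-cleared process can Read."""
    rank = {"Low": 0, "High": 1}
    found = []
    for resource, entries in matrix.items():
        for sender, s_modes in entries.items():
            if "M" not in s_modes:
                continue
            for receiver, r_modes in entries.items():
                if (receiver != sender and "R" in r_modes
                        and rank[level[sender]] > rank[level[receiver]]):
                    found.append((resource, sender, receiver))
    return sorted(found)


if __name__ == "__main__":
    m = build_matrix(ACCESS)
    print(render(m, sorted(LEVEL)))
    for resource, sender, receiver in potential_channels(m, LEVEL):
        print("possible covert channel: %s -> %s via %s" % (sender, receiver, resource))
```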
46. Covert Channels
Information Flow Method:
analysis can be automated within a compiler so that
information flow potentials can be detected while a
program is under development.
Explicit flow: the statement B:=A, which assigns the
value of A to the variable B, obviously supports an
information flow from A to B.
Implicit flow: The conditional statement IF D=1
THEN B:=A has two flows: from A to B because of
the assignment, but also from D to B, because the
value of B can change if and only if the value of D is
1.
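The explicit and implicit flows above, computed by an added example (not from the slides) over a tiny constructed statement language; the tuple encoding of statements is an assumption of this example:

```python
# Statement forms of a tiny language (constructed for this example):
#   ("assign", target, [sources])            B := A  ->  ("assign", "B", ["A"])
#   ("if", [cond_vars], then_body, else_body)
#   ("while", [cond_vars], body)


def flows(stmts, context=frozenset()):
    """Return the set of (source, destination) information flows.

    `context` holds the variables of every enclosing condition; each of
    them flows implicitly into every variable assigned under that condition.
    """
    found = set()
    for stmt in stmts:
        kind = stmt[0]
        if kind == "assign":
            _, target, sources = stmt
            for src in sources:                 # explicit flow
                found.add((src, target))
            for cond_var in context:            # implicit flow
                found.add((cond_var, target))
        elif kind == "if":
            _, cond, then_body, else_body = stmt
            inner = context | frozenset(cond)
            found |= flows(then_body, inner)
            found |= flows(else_body, inner)
        elif kind == "while":
            _, cond, body = stmt
            found |= flows(body, context | frozenset(cond))
        else:
            raise ValueError("unknown statement %r" % (kind,))
    return found


def insecure_flows(stmts, label):
    """Flows from a variable labelled High into one labelled Low."""
    return sorted((s, d) for s, d in flows(stmts)
                  if label.get(s) == "High" and label.get(d) == "Low")


# The two slide examples, followed by a nested case: inside a loop on N and
# a branch on D, C := Z carries flows from Z, N and D into C.
PROGRAM = [
    ("assign", "B", ["A"]),                                   # B := A
    ("if", ["D"], [("assign", "B", ["A"])], []),              # IF D=1 THEN B := A
    ("while", ["N"], [("if", ["D"], [("assign", "C", ["Z"])], [])]),
]

if __name__ == "__main__":
    print(sorted(flows(PROGRAM)))
    print(insecure_flows(PROGRAM, {"D": "High", "A": "Low", "B": "Low"}))
```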
47. Controls Against Program Threats
controls during software development the
specifying, designing, writing, and testing of
the program to find and eliminate the sorts of
exposures.
Types of controls:
Developmental Controls
operating system
administrative
48. Controls Against Program Threats
Developmental Controls:
The Nature of Software Development:
specify the system
design the system
implement the system
test the system
review the system
document the system
manage the system
maintain the system
49. Controls Against Program Threats
Developmental Controls:
Modularity, Encapsulation, and Information
Hiding:
Modules: to create a design or code in small, self-
contained units
If a component is isolated from the effects of other
components, then it is easier to trace a problem to the
fault that caused it and to limit the damage the fault
causes.
50. Controls Against Program Threats
Developmental Controls:
Modularity:
the process of dividing a task into subtasks, Each
component performs a separate, independent part of the
task.
Conditions:
single-purpose
small
simple
independent
52. Controls Against Program Threats
Developmental Controls:
Modularity:
High cohesion and low coupling
Coupling: the degree with which a component depends
on other components in the system.
low or loose coupling is better than high or tight
coupling
53. Controls Against Program Threats
Developmental Controls:
Encapsulation:
hides a component's implementation details, but it does
not necessarily mean complete isolation
"technique for packaging the information [inside a
component] in such a way as to hide what should be
hidden and make visible what is intended to be visible."
54. Controls Against Program Threats
Developmental Controls:
Information Hiding:
a component as a kind of black box, with certain well-
defined inputs and outputs and a well-defined function.
Other components' designers do not need to know how
the module completes its function.
desirable because developers cannot easily and
maliciously alter the components of others if they do not
know how the components work.
55. Controls Against Program Threats
Developmental Controls:
Review
Walk-through
Inspection
A wise engineer who finds a fault can deal
with it in at least three ways:
1. by learning how, when, and why errors occur
2. by taking action to prevent mistakes
3. by scrutinizing products to find the instances and
effects of errors that were missed
56. Controls Against Program Threats
Developmental Controls:
Testing:
a process activity that homes in on product quality
Unit testing
Integration testing
System testing
function test
performance test
acceptance test
regression testing
Perspective: Black-box testing and white-box testing
57. Controls Against Program Threats
Developmental Controls:
Good Design:
using a philosophy of fault tolerance
having a consistent policy for handling failures
capturing the design rationale and history
using design patterns
Designers should try to anticipate faults and
handle them in ways that minimize disruption and
maximize safety and security
58. Controls Against Program Threats
Developmental Controls:
Good Design:
failures include
failing to provide a service
providing the wrong service or data
corrupting data
Handling Problem:
Retrying
Correcting
Reporting
Configuration Management
59. Controls Against Program Threats
Developmental Controls:
Standards of Program Development
standards of design, including using specified design
tools, languages, or methodologies, using design
diversity, and devising strategies for error handling and
fault tolerance
standards of documentation, language, and coding
style, including layout of code on the page, choices of
names of variables, and use of recognized program
structures
60. Controls Against Program Threats
Developmental Controls:
Standards of Program Development
standards of programming, including mandatory peer
reviews, periodic code audits for correctness, and
compliance with standards
standards of testing, such as using program verification
techniques, archiving test results for future reference,
using independent testers, evaluating test thoroughness,
and encouraging test diversity
61. Protection in General-Purpose
Operating Systems
Operating system functions can be categorized
as,
access control
identity and credential management
information flow
audit and integrity protection
62. Protection in General-Purpose
Operating Systems
History:
No system software - users entered programs in binary
Executives - assisted a single user with preparation and
cleanup. Entirely passive:
Waited for user's request
Provided service on demand
Monitors - assisted multiple users in
multiprogramming systems. Protect one user from
interference (malicious or accidental) by
another
63. Protection in General-Purpose
Operating Systems
Multiprogramming - Protected Objects:
memory
sharable I/O devices, such as disks
serially reusable I/O devices, such as printers and
tape drives
sharable programs and subprocedures
networks
sharable data
64. Protection in General-Purpose
Operating Systems
Security Methods of Operating Systems:
Separation: keeping one user's objects separate from other
users.
physical separation - different processes use different physical
objects, such as separate printers for output requiring different
levels of security
temporal separation - different security requirements are executed
at different times
logical separation - cannot access objects outside its permitted
domain
cryptographic separation - conceal their data and computations
65. Protection in General-Purpose
Operating Systems
Level of Security in OS:
Do not protect: Operating systems with no
protection.
Isolate: different processes running concurrently
are unaware of the presence of each other.
Share all or share nothing: the owner of an object
declares it to be public or private.
Share via access limitation: checks the
allowability of each user's potential access to an
object
66. Protection in General-Purpose
Operating Systems
Level of Security in OS:
Share by capabilities: dynamic creation of sharing
rights for objects.
Limit use of an object: limits not just the access to
an object but the use made of that object after it
has been accessed.
67. Protection in General-Purpose
Operating Systems
Memory and Address Protection:
protection can be built into the hardware
mechanisms that control efficient use of memory,
so solid protection can be provided at essentially
no additional cost.
68. Protection in General-Purpose
Operating Systems
Memory and Address Protection:
Fence:
single-user operating systems to prevent a faulty
user program from destroying part of the resident
portion of the operating system.
a method to confine users to one side of a
boundary
69. Protection in General-Purpose
Operating Systems
Memory and Address Protection:
Fence:
predefined memory address n between OS and
user
predefined amount of space was always reserved
for the operating system, whether it was needed or
not
70. Protection in General-Purpose
Operating Systems
Memory and Address Protection:
Fence:
Fence Register: the address of the end of the
operating system.
the location of the fence could be changed
71. Protection in General-Purpose
Operating Systems
Memory and Address Protection:
Relocation:
the process of taking a program written as if it
began at address 0.
the relocation factor - the starting address of the
memory assigned for the program.
The fence register can be a hardware relocation
device.
both relocates the address and guarantees that no
one can access a location lower than the fence
address
72. Protection in General-Purpose
Operating Systems
Memory and Address Protection:
Base/Bounds Registers:
A variable fence register – base register.
provide a lower bound (a starting address) but not
an upper one.
bounds register, is an upper address limit
Each program address is forced to be above the base address
Each program address is checked to be below the bounds
address
73. Protection in General-Purpose
Operating Systems
Memory and Address Protection:
Tagged Architecture:
Problem with base/bounds registers
high granularity of access rights
Can allow another module to access all or none of
its data
Tagged Architecture: every word of machine
memory has one or more extra bits to identify the
access rights to that word
74. Protection in General-Purpose
Operating Systems
Memory and Address Protection:
Tagged Architecture:
Access bits set by OS
Tested every time instruction accesses its location
Tag   Word
R     0001
RW    0137
R     4091
R     0002
X
75. Protection in General-Purpose
Operating Systems
Memory and Address Protection:
Segmentation:
dividing a program into separate piece
Each segment has a unique name.
<name, offset>
name is the name of the segment
offset is its location within the segment
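An added model (not from the slides) of the base/bounds relocation and checks above and of <name, offset> segment translation with per-segment access rights; the register values and the segment table are constructed:

```python
class ProtectionFault(Exception):
    """Raised when an address falls outside what the program may touch."""


class BaseBoundsUnit:
    """Base/bounds register pair. `base` is the relocation factor (where the
    program's memory starts); `bounds` is the first address beyond it."""

    def __init__(self, base, bounds):
        if not 0 <= base < bounds:
            raise ValueError("base must lie below bounds")
        self.base, self.bounds = base, bounds

    def translate(self, logical):
        # The program is written as if it began at address 0. Relocation
        # adds the base, and the same step guarantees that nothing below
        # base (a negative offset) or at/above bounds is reached.
        physical = self.base + logical
        if physical < self.base or physical >= self.bounds:
            raise ProtectionFault("address %d outside [%d, %d)"
                                  % (physical, self.base, self.bounds))
        return physical

    def allows(self, logical):
        try:
            self.translate(logical)
            return True
        except ProtectionFault:
            return False


class SegmentUnit:
    """Segment table: name -> (base, length, rights). Addresses are
    <name, offset>; rights (any of R, W, X) are enforced per segment, a
    finer granularity than a single base/bounds pair can give."""

    def __init__(self, table):
        self.table = dict(table)

    def translate(self, name, offset, op):
        if name not in self.table:
            raise ProtectionFault("no segment named %r" % name)
        base, length, rights = self.table[name]
        if not 0 <= offset < length:
            raise ProtectionFault("offset %d beyond segment %s (length %d)"
                                  % (offset, name, length))
        if op not in rights:
            raise ProtectionFault("%s access to %s not permitted" % (op, name))
        return base + offset

    def allows(self, name, offset, op):
        try:
            self.translate(name, offset, op)
            return True
        except ProtectionFault:
            return False


if __name__ == "__main__":
    bb = BaseBoundsUnit(base=1000, bounds=1500)        # constructed registers
    print(bb.translate(0), bb.translate(499), bb.allows(500))
    seg = SegmentUnit({"CODE": (2000, 100, "RX"), "DATA": (3000, 50, "RW")})
    print(seg.translate("DATA", 10, "R"), seg.allows("CODE", 5, "W"))
```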
76. Control of Access to General Objects
Access Control:
providing security in an OS.
can grant or revoke access for certain resources like
file, program and data.
Goals:
Check every access - to revoke a user's privilege to
access an object.
Enforce least privilege - a subject should have access
to the smallest number of objects necessary to perform
some task.
Verify acceptable usage - to check that the activity to
be performed on an object is appropriate.
77. Control of Access to General Objects
Access Control – Implementation:
Directory:
simple way of protection.
Every file has a unique owner who possesses
"control" access rights and to revoke access to any
person at any time.
Each user has a file directory, which lists all the files
to which that user has access.
the operating system must maintain all file directories
rights to files are the common read, write, and execute
familiar on many shared systems
78. Control of Access to General Objects
Access Control – Implementation:
Directory:
user to grant and revoke access rights
Advantages:
easy to implement because it uses one list per user,
naming all the objects that user is allowed to access
Disadvantages:
the list becomes too large if many shared objects.
revocation of access is difficult
pseudonyms (several names for one file) lead to multiple
permissions that are not necessarily consistent.
79. Control of Access to General Objects
Access Control – Implementation:
Directory:
80. Control of Access to General Objects
Access Control – Implementation:
Access Control List:
one such list for each object, and the list shows all
subjects who should have access to the object and
what their access is.
Protection classes:
user - a specific subject,
group - who had a common interest
compartment - an untrusted object
81. Control of Access to General Objects
Access Control – Implementation:
Access Control List:
82. Control of Access to General Objects
Access Control – Implementation:
Access Control Matrix:
a table in which each row
represents a subject, each column represents an
object, and each entry is the set of access rights for
that subject to that object.
represented as a list of triples, <subject, object,
rights>
83. Control of Access to General Objects
Access Control – Implementation:
Access Control Matrix:
            BIBLIOG  TEMP  F    HELP.TXT  C_COMP  LINKER  SYS_CLOCK  PRINTER
USER A      ORW      ORW   ORW  R         X       X       R          W
USER B      R        -     -    R         X       X       R          W
USER S      RW       -     R    R         X       X       R          W
USER T      -        -     -    R         X       X       R          W
SYS_MGR     -        -     -    RW        OX      OX      ORW        O
USER_SVCS   -        -     -    O         X       X       R          W
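The matrix above as <subject, object, rights> triples in an added Python example (not from the slides), deriving the per-object (access control list) and per-subject (directory) views from the same data and letting only an owner change an object's column:

```python
from collections import defaultdict

# The slide's matrix as triples. O = owner (may grant and revoke), R = read,
# W = write, X = execute; a subject/object pair not listed has no access.
TRIPLES = [
    ("USER A", "BIBLIOG", "ORW"), ("USER A", "TEMP", "ORW"), ("USER A", "F", "ORW"),
    ("USER A", "HELP.TXT", "R"), ("USER A", "C_COMP", "X"), ("USER A", "LINKER", "X"),
    ("USER A", "SYS_CLOCK", "R"), ("USER A", "PRINTER", "W"),
    ("USER B", "BIBLIOG", "R"), ("USER B", "HELP.TXT", "R"), ("USER B", "C_COMP", "X"),
    ("USER B", "LINKER", "X"), ("USER B", "SYS_CLOCK", "R"), ("USER B", "PRINTER", "W"),
    ("USER S", "BIBLIOG", "RW"), ("USER S", "F", "R"), ("USER S", "HELP.TXT", "R"),
    ("USER S", "C_COMP", "X"), ("USER S", "LINKER", "X"), ("USER S", "SYS_CLOCK", "R"),
    ("USER S", "PRINTER", "W"),
    ("USER T", "HELP.TXT", "R"), ("USER T", "C_COMP", "X"), ("USER T", "LINKER", "X"),
    ("USER T", "SYS_CLOCK", "R"), ("USER T", "PRINTER", "W"),
    ("SYS_MGR", "HELP.TXT", "RW"), ("SYS_MGR", "C_COMP", "OX"), ("SYS_MGR", "LINKER", "OX"),
    ("SYS_MGR", "SYS_CLOCK", "ORW"), ("SYS_MGR", "PRINTER", "O"),
    ("USER_SVCS", "HELP.TXT", "O"), ("USER_SVCS", "C_COMP", "X"), ("USER_SVCS", "LINKER", "X"),
    ("USER_SVCS", "SYS_CLOCK", "R"), ("USER_SVCS", "PRINTER", "W"),
]


class AccessMatrix:
    def __init__(self, triples):
        self.rights = defaultdict(set)          # (subject, object) -> rights
        for subject, obj, rights in triples:
            self.rights[(subject, obj)] |= set(rights)

    def permits(self, subject, obj, right):
        """Check every access: one lookup per (subject, object, right)."""
        return right in self.rights.get((subject, obj), set())

    def acl(self, obj):
        """Column view: the access control list kept with one object."""
        return {s: "".join(sorted(r)) for (s, o), r in self.rights.items()
                if o == obj and r}

    def directory(self, subject):
        """Row view: the directory (capability list) kept for one subject."""
        return {o: "".join(sorted(r)) for (s, o), r in self.rights.items()
                if s == subject and r}

    def grant(self, granter, subject, obj, right):
        """Only a holder of the O right on the object may change its column."""
        if not self.permits(granter, obj, "O"):
            raise PermissionError("%s does not own %s" % (granter, obj))
        self.rights[(subject, obj)].add(right)

    def revoke(self, granter, subject, obj, right):
        if not self.permits(granter, obj, "O"):
            raise PermissionError("%s does not own %s" % (granter, obj))
        self.rights[(subject, obj)].discard(right)


if __name__ == "__main__":
    m = AccessMatrix(TRIPLES)
    print(m.acl("PRINTER"))
    print(m.directory("USER B"))
```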
84. Control of Access to General Objects
Access Control – Implementation:
Capability:
an unforgeable token that gives the possessor
certain rights to an object.
users can create objects, such as files, data
segments, or subprocesses, and can also specify
the acceptable kinds of operations, such as read,
write, and execute.
capabilities can be encrypted under a key
available only to the access control mechanism.
85. Control of Access to General Objects
Access Control – Implementation:
Capability:
One possible access right to an object is transfer
or propagate.
Domain: the collection of objects to which the
process has access
86. Control of Access to General Objects
File Protection Mechanisms:
Basic Forms of Protection:
All-None Protection:
trust combined with ignorance.
Unacceptable for many reasons: Lack of trust, Too
coarse, Rise of sharing
Group Protection
identifying groups of users who had some common
relationship.
Windows: Administrators, Power Users, Users, and
Guests.
Unix: the user, group and other users
87. Control of Access to General Objects
File Protection Mechanisms:
Individual Permissions:
Persistent Permission:
uses a name, a token or a secret.
User access permissions can be required for any access
or only for modifications (write access)
Temporary Acquired Permission
The Unix designers added a permission called set
userid (suid).
Per-Object and Per-User Protection
The access control lists or access control matrices
described earlier provide very flexible protection
88. Control of Access to General Objects
User Authentication
An operating system bases much of its protection
on knowing who a user of the system is.
Authentication Mechanism:
Something the user knows: Passwords, PIN
numbers
Something the user has: Token and cards
Something the user is: biometrics, are based on a
physical characteristic of the user, such as a
fingerprint, the pattern of a person's voice, or a
face (picture)
89. Control of Access to General Objects
User Authentication
Passwords as Authenticators:
Passwords are mutually agreed-upon code words,
assumed to be known only to the user and the system.
difficulties of use:
Loss: no one will be able to replace a lost or forgotten
password
Use: each access to a file can be inconvenient and time
consuming.
Disclosure: If a password is disclosed to an unauthorized
individual, the file becomes immediately accessible.
Revocation: To revoke one user's access right to a file,
someone must change the password
90. Control of Access to General Objects
User Authentication
Additional Authentication Information:
Multifactor authentication:
two-factor authentication
Attacks on Passwords:
Passwords are somewhat limited as protection devices
because of the relatively small number of bits of
information they contain
91. Control of Access to General Objects
User Authentication
Password guessing steps:
no password
the same as the user ID, or derived from the user's name
common word list (for example, "password," "secret," "private")
plus common names and patterns (for example, "asdfg," "aaaaaa")
short college dictionary
complete English word list
common non-English language dictionaries
short college dictionary with capitalizations (PaSsWorD) and
substitutions (0 for O, and so forth)
92. Control of Access to General Objects
User Authentication
Password Selection Criteria:
Use characters other than just A-Z
Choose long passwords.
Avoid actual names or words.
Choose an unlikely password
Change the password regularly.
Don't write it down.
Don't tell anyone else.
93. Control of Access to General Objects
User Authentication
One-Time Passwords:
changes every time it is used.
the system assigns a static mathematical function.
The system provides an argument to the function, and
the user computes and returns the function value -
challenge-response systems
94. Control of Access to General Objects
User Authentication
One-Time Passwords – functions:
f(x) = x + 1
f(x) = r(x)
f(E(x)) = E(D(E(x)) + 1).
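A challenge-response exchange as an added example (not from the slides): the system supplies an argument x and the user returns f(x). A keyed hash stands in for f (an assumption of this example); the slide's f(x) = x + 1 could be computed by anyone who observes x, so the example also shows why each challenge is consumed on first use.

```python
import hashlib
import hmac
import secrets


def respond(key, challenge):
    """The user's side: f(x) for the system's argument x. A keyed hash is
    used (an assumption of this example) so that observing one
    challenge/response pair reveals nothing about the next one."""
    return hmac.new(key, challenge, hashlib.sha256).digest()


class ChallengeResponseServer:
    def __init__(self):
        self.keys = {}        # user -> shared secret fixed at enrollment
        self.pending = {}     # user -> outstanding challenge (at most one)

    def enroll(self, user):
        key = secrets.token_bytes(32)
        self.keys[user] = key
        return key            # delivered to the user's token out of band

    def challenge(self, user):
        x = secrets.token_bytes(16)        # fresh, unpredictable argument
        self.pending[user] = x
        return x

    def verify(self, user, response):
        # The challenge is consumed on the first attempt, right or wrong,
        # so a captured response cannot be replayed later.
        x = self.pending.pop(user, None)
        if x is None or user not in self.keys:
            return False
        expected = respond(self.keys[user], x)
        return hmac.compare_digest(expected, response)   # constant-time compare


if __name__ == "__main__":
    server = ChallengeResponseServer()
    token_key = server.enroll("alice")
    x = server.challenge("alice")
    answer = respond(token_key, x)
    print(server.verify("alice", answer), server.verify("alice", answer))
```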
95. Control of Access to General Objects
User Authentication
The Authentication Process:
users occasionally mistype their passwords.
A user who receives a message of INCORRECT LOGIN
will carefully retype the login and gain access to the system.
A legitimate user will not complain if the login process takes
5 or 10 seconds.
Systems commonly disconnect a user after a small number
of failed logins, forcing the user to reestablish a connection
with the system.
96. Control of Access to General Objects
User Authentication
Fixing Flaws in the Authentication Process :
Some people give out their passwords for the asking.
Other passwords have been obtained just by someone
watching a user typing in the password.
Second level of protection - another round of
passwords or a challenge-response interchange.
97. Control of Access to General Objects
User Authentication
Biometrics: Authentication Not Using Passwords:
based on some physical characteristic of the human
body.
to recognize the following biometrics: fingerprints,
hand geometry (shape and size of fingers), retina and
iris (parts of the eye), voice, handwriting, blood vessels
in the finger, and face.
98. Control of Access to General Objects
User Authentication
Biometrics: Authentication Not Using Passwords:
Identification versus Authentication.
Biometrics are very reliable for authentication but much less
reliable for identification.
99. Control of Access to General Objects
User Authentication
All biometric readers operate in two phases:
First, a user registers with the reader, during which
time a characteristic of the user (for example, the
geometry of the hand) is captured and reduced to a
template or pattern.
Second, the user later seeks authentication from the
system, during which time the system remeasures the
hand and compares the new measurements with the
stored template.
100. Control of Access to General Objects
User Authentication
Problems with Biometrics
Biometrics are relatively new, and some people find
their use intrusive.
Biometric recognition devices are costly
Variation reduces accuracy
Biometrics can become a single point of failure.
101. Firewalls
a device that filters all traffic between a
protected or "inside" network and a less
trustworthy or "outside" network.
runs on a dedicated device
Because a firewall is executable code, an attacker
could compromise that code and execute from the
firewall's device.
102. Firewalls
Purpose:
to keep "bad" things outside a protected
environment.
the challenge of protecting a network with a
firewall is determining which security policy meets
the needs of the installation.
ensuring the validity of inside addresses.
A packet filter sits between the inside network and
the outside net, so it can know if a packet from the
outside is forging an inside address.
103. Firewalls
Design:
a reference monitor must be
always invoked
tamperproof
small and simple enough for rigorous analysis
105. Firewalls
Types of Firewalls - Packet Filtering Gateway
controls access to packets on the basis of packet
address (source or destination) or specific transport
protocol type (such as HTTP web traffic).
Packet filter rule has two parts:
Selection criteria
Action field
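A packet filter whose rules have the two parts above (selection criteria and an action field), as an added example (not from the slides); it also performs the inside-address forgery check from the Purpose slide. The address plan and the rules are constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed address plan: the protected ("inside") network.
INSIDE = ipaddress.ip_network("10.0.0.0/8")


@dataclass
class Packet:
    direction: str        # "in" = arriving from outside, "out" = leaving
    src: str
    dst: str
    proto: str            # "tcp", "udp", "icmp"
    dport: int = 0


@dataclass
class Rule:
    """Selection criteria (None = wildcard) plus an action field."""
    direction: Optional[str] = None
    src: Optional[str] = None      # network in CIDR form
    dst: Optional[str] = None
    proto: Optional[str] = None
    dport: Optional[int] = None
    action: str = "deny"

    def matches(self, p: Packet) -> bool:
        def in_net(addr, net):
            return net is None or ipaddress.ip_address(addr) in ipaddress.ip_network(net)
        return ((self.direction is None or self.direction == p.direction)
                and in_net(p.src, self.src)
                and in_net(p.dst, self.dst)
                and (self.proto is None or self.proto == p.proto)
                and (self.dport is None or self.dport == p.dport))


def filter_packet(rules, p: Packet) -> str:
    """First matching rule decides; an unmatched packet is denied.

    Before the rules are consulted, an inbound packet whose source claims
    an inside address is dropped: the filter sits between the two networks,
    so it knows such an address cannot legitimately arrive from outside.
    """
    if p.direction == "in" and ipaddress.ip_address(p.src) in INSIDE:
        return "deny (spoofed inside address)"
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return "deny"


# Constructed policy: public web and mail servers reachable from outside,
# telnet explicitly refused, anything originating inside may leave.
RULES = [
    Rule(direction="in", dst="10.0.0.80/32", proto="tcp", dport=80, action="permit"),
    Rule(direction="in", dst="10.0.0.25/32", proto="tcp", dport=25, action="permit"),
    Rule(direction="in", proto="tcp", dport=23, action="deny"),
    Rule(direction="out", src="10.0.0.0/8", action="permit"),
]

if __name__ == "__main__":
    for pkt in [Packet("in", "198.51.100.7", "10.0.0.80", "tcp", 80),
                Packet("in", "10.0.0.5", "10.0.0.80", "tcp", 80),
                Packet("in", "198.51.100.7", "10.0.0.80", "tcp", 22)]:
        print(pkt, "->", filter_packet(RULES, pkt))
```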
106. Firewalls
Types of Firewalls - Stateful Inspection Firewall
maintains state information from one packet to another in
the input stream.
to break an attack into multiple packets by forcing some
packets to have very short lengths so that a firewall cannot
detect the signature of an attack split across two or more
packets.
track the sequence of packets and conditions from one
packet to another.
107. Firewalls
Types of Firewalls - Application Proxy
simulates the (proper) effects of an application so
that the application receives only requests to act
properly.
A proxy gateway is a two-headed device: It looks
to the inside as if it is the outside (destination)
connection, while to the outside it responds just as
the insider would.
108. Firewalls
Types of Firewalls – Guard
decides what services to perform on the user's
behalf in accordance with its available knowledge,
such as whatever it can reliably know of the
(outside) user's identity, previous interactions, and
so forth.
is limited only by what is computable.
109. Firewalls
Types of Firewalls – Personal Firewalls
Conventional firewalls protect a (sub)network of
multiple hosts; a personal firewall is an application
program that runs on a workstation to block unwanted
traffic, usually from the network.
screens traffic on a single workstation.
Combining a virus scanner with a personal
firewall is both effective and efficient.
provide reasonable protection to clients.
110. Firewalls
Types of Firewalls – Comparison
Complexity:
Packet filtering - Simplest
Stateful inspection - More complex
Application proxy - Even more complex
Guard - Most complex
Personal firewall - Similar to packet filtering firewall
Visibility:
Packet filtering - Sees only addresses and service protocol type
Stateful inspection - Can see either addresses or data
Application proxy - Sees full data portion of packet
Guard - Sees full text of communication
Personal firewall - Can see full data portion of packet
Auditing:
Packet filtering - Auditing difficult
Stateful inspection - Auditing possible
Application proxy - Can audit activity
Guard - Can audit activity
Personal firewall - Usually does audit activity
111. Firewalls
Types of Firewalls – Comparison
Screening basis:
Packet filtering - Screens based on connection rules
Stateful inspection - Screens based on information across packets in either header or data field
Application proxy - Screens based on behavior of proxies
Guard - Screens based on interpretation of message content
Personal firewall - Typically screens based on information in a single packet, using header or data
Configuration:
Packet filtering - Complex addressing rules can make configuration tricky
Stateful inspection - Usually preconfigured to detect certain attack signatures
Application proxy - Simple proxies can substitute for complex addressing rules
Guard - Complex guard functionality can limit assurance
Personal firewall - Usually starts in "deny all inbound" mode, to which the user adds trusted addresses as they appear
112. Network Security
Introduction to Network:
A connection between hosts and routers to
facilitate exchange of information.
Types:
Circuit switched network: a dedicated circuit
established to exchange data.
Packet switched network: the data between the
hosts and the routers is transferred as chunks.
113. Network Security
Different layers in protocol stack:
Layer         Purpose / work done                                                      Protocols
Application   Handles the data sent between applications on two hosts on a network    HTTP, SMTP, FTP
Transport     Manages the end-to-end logical connection                                TCP and UDP
Network       Routes data through a network                                            Internet Protocol
Link          Transfers data over individual links on a network                        Ethernet
Physical      Sends binary data over the communication media                           -
114. Network Security
Physical Layer:
Possible attacks on the physical layer are as
follows:
Cable cuts
Wireless link jamming
Application of high voltages to copper cables.
115. Network Security
Data Link Layer:
consists of Ethernet, WLAN.
MAC addresses - 48 bits:
24 bits represent the manufacturer
the other 24 bits represent the interface produced by the
manufacturer.
116. Network Security
Data Link Layer:
CAM table overflow:
Content Addressable Memory.
responsible for maintaining a mapping between the
physical ports of a switch to the MAC address of the
hosts connected to it.
limited in size.
attack: fill table with fake/invalid MAC addresses.
117. Network Security
Data Link Layer:
MAC address spoofing:
all the traffic intended to flow to the victim will be
redirected to the host.
DHCP Attacks:
DHCP starvation attacks
Fake DHCP server
ARP Attack:
ARP is used to find MAC addresses when the IP addresses are known.
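An added example (not from the slides) of the switch-side checks that flag the two data-link conditions above: more addresses learned on one port than the table should hold, and an address moving between ports. The per-port limit and the addresses are constructed.

```python
from collections import defaultdict


class SwitchMonitor:
    """Model of a switch learning table with port security.

    The CAM table is finite, so each port is allowed only a small number of
    source addresses (`max_macs_per_port`); a port that tries to learn more
    is reported rather than allowed to push other entries out. A MAC that
    reappears on a different port is reported as a possible spoof.
    """

    def __init__(self, max_macs_per_port=2):
        self.limit = max_macs_per_port
        self.port_macs = defaultdict(set)   # port -> learned MACs
        self.mac_port = {}                  # MAC -> port last seen on
        self.alerts = []

    def learn(self, port, mac):
        """Called for each frame's (ingress port, source MAC). Returns True
        when the address is accepted into the table."""
        mac = mac.lower()
        prev = self.mac_port.get(mac)
        if prev is not None and prev != port:
            self.alerts.append(("mac-move", mac, prev, port))
            self.port_macs[prev].discard(mac)
        if mac not in self.port_macs[port] and len(self.port_macs[port]) >= self.limit:
            self.alerts.append(("limit-exceeded", mac, port))
            return False      # not learned; policy may also shut the port
        self.port_macs[port].add(mac)
        self.mac_port[mac] = port
        return True


if __name__ == "__main__":
    sw = SwitchMonitor(max_macs_per_port=2)
    # Constructed frames: three sources on port 1, then a known source on port 2.
    for port, mac in [(1, "00:11:22:33:44:55"), (1, "00:11:22:33:44:66"),
                      (1, "00:11:22:33:44:77"), (2, "00:11:22:33:44:55")]:
        print(port, mac, sw.learn(port, mac))
    print(sw.alerts)
```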
120. Intrusion Detection Systems
a device, typically another separate computer,
that monitors activity to identify malicious or
suspicious events.
receives raw inputs from sensors.
It saves those inputs, analyzes them, and takes
some controlling action.
122. Intrusion Detection Systems
Functions:
monitoring users and system activity
auditing system configuration for vulnerabilities and
misconfigurations
assessing the integrity of critical system and data files.
recognizing known attack patterns in system activity
identifying abnormal activity through statistical analysis
managing audit trails and highlighting user violation of policy or
normal activity
correcting system configuration errors
installing and operating traps to record information about
intruders
123. Intrusion Detection Systems
Goals:
Filter on packet state
Filter on packet content
Maintain connection state
Use minimum number of signatures that can target
maximum number of threats
Filter the packets in real-time
Conceal itself from being discovered by the
attacker.
124. Intrusion Detection Systems
Types:
Signature-based intrusion detection systems:
simple pattern-matching
match a pattern corresponding to a known attack type.
a series of TCP SYN packets sent to many different
ports in succession and at times close to one another
125. Intrusion Detection Systems
Types:
Signature-based intrusion detection systems:
Problem:
An attacker will try to modify a basic attack in such a way that
it will not match the known signature of that attack.
the attacker may convert lowercase to uppercase letters or
convert a symbol such as "blank space" to its character code
equivalent %20.
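An added example (not from the slides) that normalizes payloads before signature matching, so the case and percent-encoding changes just described no longer hide a pattern, and that reassembles each flow so a pattern split across packets is still seen. The signatures and the packets are constructed.

```python
import re
from urllib.parse import unquote

# Constructed signature list: patterns a signature-based IDS looks for.
SIGNATURES = {"path-traversal": "../etc/passwd", "sql-probe": "union select"}


def normalize(payload):
    """Undo the cheap disguises the slide names before matching: percent
    encoding (decoded repeatedly, within a bound), letter case, and runs
    of whitespace."""
    text = payload
    for _ in range(3):                  # "%2520" -> "%20" -> " ", then stops
        decoded = unquote(text)
        if decoded == text:
            break
        text = decoded
    return re.sub(r"\s+", " ", text.lower())


def match_signatures(text):
    return sorted(name for name, sig in SIGNATURES.items() if sig in text)


def naive_scan(packets):
    """Raw bytes of each packet compared with the signatures as written."""
    hits = set()
    for p in packets:
        hits.update(match_signatures(p["data"]))
    return sorted(hits)


def stateless_scan(packets):
    """Each packet normalized and inspected on its own; nothing is kept
    between packets, so a pattern split across two of them is missed."""
    hits = set()
    for p in packets:
        hits.update(match_signatures(normalize(p["data"])))
    return sorted(hits)


def stateful_scan(packets):
    """Stateful inspection: reassemble each flow in sequence order, then
    inspect the whole stream."""
    flows = {}
    for p in packets:
        flows.setdefault(p["flow"], []).append((p["seq"], p["data"]))
    hits = set()
    for segments in flows.values():
        stream = "".join(data for _, data in sorted(segments))
        hits.update(match_signatures(normalize(stream)))
    return sorted(hits)


# Constructed traffic: flow A is one request split so the pattern straddles
# two packets (delivered out of order) and uses mixed case and percent
# encoding; flow B hides a second pattern behind encoded whitespace.
PACKETS = [
    {"flow": "A", "seq": 2, "data": "%2FPASSWD HTTP/1.0"},
    {"flow": "A", "seq": 1, "data": "GET /cgi/..%2Fetc"},
    {"flow": "B", "seq": 1, "data": "GET /?q=UNION%20%20SELECT HTTP/1.0"},
]

if __name__ == "__main__":
    print("naive    :", naive_scan(PACKETS))
    print("stateless:", stateless_scan(PACKETS))
    print("stateful :", stateful_scan(PACKETS))
```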
Statistical analysis:
to obtain sample measurements of key indicators
126. Intrusion Detection Systems
Types:
Heuristic Intrusion Detection:
behavior that is out of the ordinary.
The inference engine of an intrusion detection system
performs continuous analysis of the system, raising an
alert when the system's dirtiness exceeds a threshold
127. Intrusion Detection Systems
Types:
Heuristic Intrusion Detection:
Inference engines work in two ways:
State based:
the system going through changes of overall state or
configuration.
Others try to map current activity onto a model of
unacceptable activity and raise an alarm when the
activity resembles the model.
128. Intrusion Detection Systems
Types:
Heuristic Intrusion Detection:
Inference engines work in two ways:
Model based:
to build a dynamic model of behavior.
to accommodate variation and evolution in a person's
actions over time.
compares real activity with a known representation of
normality.
129. Intrusion Detection Systems
Types - by where the IDS is placed:
network based IDSs:
detects system attacks by capturing and analyzing
packets on a network switch.
matching multiple packets against a database of
attack patterns or against a model of malicious
activity.
131. Intrusion Detection Systems
Types - by where the IDS is placed:
Host based IDSs:
IDSs are installed at every computer in the
network and operate on information collected from
them.
Inputs include OS logs, audit records and files.
133. Intrusion Detection Systems
Stealth Mode:
the attacker should not be able to detect the IDS.
Interface:
to monitor the interface.
Sensitivity is a criterion that defines how malicious an
event is considered by the IDS.
134. Intrusion Detection Systems
Goals:
Responding to Alarms:
Monitor, collect data, perhaps increase amount of data collected
Protect, act to reduce exposure
Call a human
False Results:
False positives means the administrator will be less confident of
the IDS's warnings, perhaps leading to a real alarm's being ignored.
false negatives mean that real attacks are passing the IDS without
action.
135. Intrusion Detection Systems
Strength:
cheaper and easier to administer
Limitations:
Sensitivity
An IDS does not run itself; someone has to
monitor its track record and respond to its alarms.
136. Data Privacy Principles
the prevention of the data mining and the
unauthorized use of personal information,
which are illegal in many parts of the world.
Types:
Internet privacy
Financial privacy
Medical privacy
Locational privacy
137. Data Privacy Principles
Types: Internet privacy
reading of one’s email by third parties
Tracking of users browser history by third parties.
Collection, Storage and sharing of personal data
by some websites.
138. Data Privacy Principles
Types: Financial privacy
amount of assets held
positions held in stocks and shares
various purchases
139. Data Privacy Principles
Types: Medical privacy
A person not wish to disclose his/her medical records
due to various reasons.
Informational – control over personal info.
Physical – physical inaccessibility to others
Psychological – respects patients cultural beliefs,
inner thoughts, values, feelings and religious
practices
140. Data Privacy Principles
Types: Locational privacy
knowing his/her mobility trace.
competitor sales force
attendance of a particular church
presence in hotel
141. Data Privacy Principles
Collection limitation
Data quality
Purpose specification
use limitation
Security safeguards
Openness
Individual Participation
Accountability
142. Data Privacy Principles
Collection limitation
data should be obtained by lawful and fair means
Data quality
data should be relevant to the purposes
should be accurate, complete and up to date
Purpose specification
purpose of data collection should be specified
use limitation
should not be disclosed, made available or otherwise used
for purposes other than specified above.
143. Data Privacy Principles
Security safeguards
against such risks as loss or unauthorized access,
destruction and modification
Openness
general policy of practices
Individual Participation
Accountability
measures give effect to the principles stated.