Chapter 14 – Security Engineering (from Chapter 12, Dependability and Security Specification)
Post on 02-Jan-2016
Chapter 12 Dependability and Security Specification
Chapter 14 – Security Engineering
Threat Types
- Interception (may be hard to detect)
- Interruption (denial of service)
- Modification
- Fabrication
Levels of Attack
- Application level: the GUI and the application logic behind it
- Infrastructure level: OS, database, web server, network
An attack on the infrastructure may be more likely, because its vulnerabilities are better known.
Design Guidelines
#1 Base security decisions on an explicit security policy
A policy is a stated, overall goal: what must hold, not how it is achieved. Examples:
- Only physicians registered with the system can view data
- Only the creator of a record can modify it
- All transactions must be logged
Design Guidelines
#2 Avoid single points of failure
Single point of failure: one aspect of a system that, if it were to fail, would take the entire system down with it. Examples / solutions:
- Database (if only one server) – mirrored site
- Web server (if only one server) – redundant server
- Loss of data records – keep a log so that the data can be recreated
Layered protection ("defense in depth"), like the multiple protections on a house. For authentication: login name, password, IP address restrictions, biometrics, ...
Design Guidelines
#3 Fail securely – if there is a failure, the resulting condition should not be less secure than before
Examples:
- Failure to find a file in a web directory – the error response must not fall back to listing the directory, so you need to block browsing of web directories
- Rebooting the OS in "safe mode" – you still need to require logon to access data and functionality
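The following is an added example, not code from the slides: it enforces the three policy rules from guideline #1 (registered physicians may view, only the creator may modify, every transaction is logged) and makes the decision fail closed as guideline #3 requires. The user directory, the record type and the audit-entry layout are constructed for the demonstration; the fail-open variant is included only to show the condition the guideline forbids.

```python
"""Added example, not code from the slides: enforcing an explicit security
policy (guideline #1) with fail-closed decisions (guideline #3). The three
policy rules are the slide's examples; the user directory, the records and
the audit entry layout are constructed for the demonstration."""
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed user directory: name -> role. Only users present here are
# "registered with the system"; an unknown name raises KeyError on lookup.
REGISTRY = {"dr_lee": "physician", "dr_ng": "physician", "sam": "clerk"}


@dataclass
class Record:
    record_id: int
    creator: str
    data: str


def role_of(user: str) -> str:
    """Directory lookup; raises KeyError for a user who is not registered."""
    return REGISTRY[user]


def authorize(user: Optional[str], action: str, record: Record,
              audit: List[Tuple]) -> bool:
    """Return True only when an explicit policy rule grants the action.

    Everything else, including an unauthenticated caller, an unknown action
    or an exception raised while evaluating the rules, ends in 'deny': the
    failure leaves the system no less secure than before (guideline #3).
    Every decision, allowed or denied, is appended to the audit list.
    """
    allowed = False
    reason = "no rule matched"
    try:
        if user is None:
            reason = "unauthenticated"
        elif action == "view":
            # Rule 1: only physicians registered with the system can view data
            allowed = role_of(user) == "physician"
            reason = "registered-physician rule"
        elif action == "modify":
            # Rule 2: only the creator of a record can modify it
            allowed = user == record.creator
            reason = "creator rule"
        else:
            reason = f"unknown action {action!r}"
    except Exception as exc:  # e.g. KeyError: user not in the directory
        allowed = False
        reason = f"error during check: {exc!r}"
    audit.append((user, action, record.record_id, allowed, reason))
    return allowed


def authorize_fail_open(user: Optional[str], action: str, record: Record,
                        audit: List[Tuple]) -> bool:
    """The anti-pattern: an error in the directory lookup is treated as
    'probably fine', so an unregistered user gets to view data. That is the
    less-secure resulting condition guideline #3 forbids."""
    try:
        if action == "view":
            allowed = role_of(user) == "physician"
        elif action == "modify":
            allowed = user == record.creator
        else:
            allowed = False
    except Exception:
        allowed = True  # "the lookup failed, assume the caller is fine": wrong
    audit.append((user, action, record.record_id, allowed, "fail-open check"))
    return allowed
```

The point of the structure is that `allowed` starts as False and is only ever set to True by a rule that matched; a bug, an outage of the directory or an action nobody anticipated all leave it False, and the audit entry records why.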
Design Guidelines
#4 Balance security and usability
Example: excessively difficult password rules will force users to write the passwords down (on sticky notes, in text files, ...).
Design Guidelines
#5 Log user actions
Examples:
- Track logon attempts: user name, time, source IP address and whether the attempt succeeded. Analysed together, repeated failures can lead back to an attacker. Do not record the submitted password itself: a failed attempt is often the real password with a typo, and the log would become a store of credentials.
- Track who attempts to change data and is denied
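An added example of guideline #5, not code from the slides: one function writes a logon audit line (without the password), and two functions analyse such lines to find the address behind a burst of failures. The line format and the sample log are constructed for the demonstration; 203.0.113.9 is a documentation address.

```python
"""Added example, not code from the slides: recording logon attempts in an
audit log and analysing it to find the source of an attack (guideline #5).
The line format and the sample log below are constructed for the demo."""
import re
from collections import Counter, defaultdict
from typing import Dict, List, Tuple

LOG_LINE = re.compile(
    r"^(?P<ts>\S+) logon (?P<result>ok|fail) user=(?P<user>\S+) ip=(?P<ip>\S+)$"
)


def logon_entry(ts_iso: str, ok: bool, user: str, ip: str) -> str:
    """Format one audit line: time, outcome, user name, source address.

    The submitted password is deliberately not a parameter, so it can never
    end up in the log: a failed attempt is often the real password with a
    typo, and a log of guesses is a credential store for whoever reads it.
    """
    return f"{ts_iso} logon {'ok' if ok else 'fail'} user={user} ip={ip}"


# Constructed sample log: one user mistyping once from 10.0.0.5, and a burst
# of failures against several accounts from 203.0.113.9.
SAMPLE_LOG: List[str] = """\
2016-01-02T20:01:05 logon fail user=alice ip=10.0.0.5
2016-01-02T20:01:12 logon ok user=alice ip=10.0.0.5
2016-01-02T20:03:40 logon fail user=admin ip=203.0.113.9
2016-01-02T20:03:41 logon fail user=admin ip=203.0.113.9
2016-01-02T20:03:42 logon fail user=root ip=203.0.113.9
2016-01-02T20:03:43 logon fail user=alice ip=203.0.113.9
2016-01-02T20:03:44 logon fail user=bob ip=203.0.113.9
2016-01-02T20:03:45 logon fail user=carol ip=203.0.113.9
2016-01-02T20:10:00 logon ok user=bob ip=10.0.0.7
""".splitlines()


def parse(lines: List[str]) -> List[dict]:
    """Parse well-formed lines; malformed ones are skipped, not guessed at."""
    entries = []
    for line in lines:
        m = LOG_LINE.match(line)
        if m:
            entries.append(m.groupdict())
    return entries


def failures_by_ip(lines: List[str]) -> Dict[str, Tuple[int, int]]:
    """Map each source IP to (failed attempts, distinct user names tried).
    Many failures against many different accounts from one address is the
    signature of password guessing rather than of a forgetful user."""
    fails: Counter = Counter()
    users = defaultdict(set)
    for e in parse(lines):
        if e["result"] == "fail":
            fails[e["ip"]] += 1
            users[e["ip"]].add(e["user"])
    return {ip: (n, len(users[ip])) for ip, n in fails.items()}


def suspicious_ips(lines: List[str], max_failures: int = 5) -> List[str]:
    """Addresses with at least max_failures failed logons, sorted."""
    return sorted(ip for ip, (n, _) in failures_by_ip(lines).items()
                  if n >= max_failures)
```

On the sample log, `failures_by_ip` reports one failure from 10.0.0.5 against one account and six failures from 203.0.113.9 against five different accounts; only the latter crosses the threshold in `suspicious_ips`.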
Design Guidelines
#6 Use redundancy and diversity to reduce risk
Examples: redundancy – a second copy of the web site or database; diversity – a different version of the software, so that a single vulnerability does not affect both copies
Design Guidelines
#7 Validate all inputs
SQL injection – a response in a form field that, when inserted into an SQL command, causes undesired actions in the database.
Command:
  Select * from Users where id='xxxx'
Field:
  1' ; DROP TABLE users; select 'a
Solution: escape the string before inserting it, or (better) pass the value as a query parameter so the database never parses it as SQL.
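An added example, not code from the slides: the slide's command and field value run against a real database, followed by the "escape string" fix the slide names and the parameterized-query fix. It uses Python's built-in sqlite3 so it runs offline; the users table and its rows are constructed sample data, and `executescript()` stands in for a driver that accepts several statements in one call.

```python
"""Added example, not code from the slides: the slide's SQL injection run
against a real database, followed by the escaping fix the slide suggests and
the parameterized-query fix. Uses Python's built-in sqlite3 so it runs
offline; the users table and its rows are constructed sample data."""
import sqlite3
from typing import List, Tuple

PAYLOAD = "1' ; DROP TABLE users; select 'a"   # the slide's malicious field value


def make_db() -> sqlite3.Connection:
    """In-memory database with a small constructed users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id TEXT PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO users (id, name) VALUES (?, ?)",
                     [("1", "alice"), ("2", "bob")])
    conn.commit()
    return conn


def users_table_exists(conn: sqlite3.Connection) -> bool:
    row = conn.execute(
        "SELECT count(*) FROM sqlite_master WHERE type='table' AND name='users'"
    ).fetchone()
    return row[0] == 1


def lookup_vulnerable(field: str) -> bool:
    """The slide's command with the form field pasted straight into the SQL.
    executescript() is used because, like many database drivers, it runs
    several ';'-separated statements in one call (stacked queries), which is
    what the DROP TABLE payload relies on. Returns whether the users table
    survived the query."""
    conn = make_db()
    sql = f"SELECT * FROM users WHERE id='{field}'"   # vulnerable
    conn.executescript(sql)
    return users_table_exists(conn)


def lookup_escaped(field: str) -> Tuple[List[tuple], bool]:
    """The slide's 'escape string' fix: double every single quote so the
    value cannot close the literal. Correct for this payload, but it has to
    follow the exact quoting rules of the target database on every code path
    (numeric columns, LIKE patterns, driver-specific syntax), which is easy
    to get wrong; prefer lookup_parameterized."""
    conn = make_db()
    escaped = field.replace("'", "''")
    sql = f"SELECT * FROM users WHERE id='{escaped}'"
    rows = conn.execute(sql).fetchall()
    return rows, users_table_exists(conn)


def lookup_parameterized(field: str) -> Tuple[List[tuple], bool]:
    """The preferred fix: the value travels as a bound parameter, so the
    database never parses it as SQL. There is no escaping to get right and
    a stacked query inside the value is impossible."""
    conn = make_db()
    rows = conn.execute("SELECT * FROM users WHERE id = ?", (field,)).fetchall()
    return rows, users_table_exists(conn)
```

With the payload, `lookup_vulnerable` drops the table; `lookup_escaped` and `lookup_parameterized` both return no rows and leave the table intact, and with the benign value "1" both return alice's row.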
Design Guidelines
#8 Compartmentalize assets
Example: a voter targeting system. All clients could originally access the same database and tables; this was separated into a separate database per customer, so that a compromise of one customer's data does not expose the others.
Design Guidelines
#9 Design for deployment – plan for clear configuration
Example: the software inside a wireless router (Airport Express) ships with
- a default security mode
- default DHCP ranges
- default network names
Design Guidelines
#10 Design for recoverability
Steps:
- Provide features to view all configuration
- Minimize default privileges
- Require settings to be set intentionally
- Localize configuration settings (not scattered everywhere in the system)
- Provide easy ways to fix vulnerabilities: software update mechanisms, automatic checks for updates
Design Guidelines
#11 Limit menus and options to only what the user has permission for (and still enforce the permission on the server side, since a hidden option can be requested directly)
Survivability
Ability to continue to deliver service even if under attack
Survivability Strategies
- Resistance (to attack)
- Recognition (of attack)
- Recovery (from attack)
Activity
Discuss what you would do to address the guidelines discussed tonight for each of these systems:
- Facebook
- Healthcare management system
- School grade records system