KEMBAR78
lecture5-securitydesignprinciplesOf Information | PPTX
Uploaded byAsrarMushtaq4
PPTX, PDF15 views

lecture5-securitydesignprinciplesOf Information

Information Security CS SE

Design
Related topics:
Information Security
Download to read offline
Security Design Principles and Patterns
Security Design Principles • Security Design Principles have been created to help developers build highly secure applications.
Asset Clarification • Before developing any security strategies, it is essential to identify and classify the data that the application will handle. • Programmers create security controls that are appropriate for the value of the data being managed. • For example, an application processing financial information must have much tighter restrictions than a blog or web forum.
Core Pillars of Information Security • Security controls should be designed with the core pillars of information security in mind: • Confidentiality – only allow access to data for which the user is permitted • Integrity – ensure data is not tampered or altered by unauthorized users • Availability – ensure systems and data are available to authorized users when they need it
Security Architecture • Every application has application security measures designed to cover all kinds of risks, ranging from typical usage risks (accidental data erasure) through to extreme attacks (brute force attacks, injection attacks etc.). • It is recommended that developers should consider each feature on the application they are designing and ask the following questions: • Is the process surrounding this feature as safe as possible? In other words, is this a flawed process? • If I were evil, how would I abuse this feature? • Is the feature required to be on by default? If so, are there limits or options that could help reduce the risk from this feature?
Security Design Principles
1. Minimise Attack Surface Area • Every time a programmer adds a feature to their application, they are increasing the risk of a security vulnerability. • The principle of minimizing attack surface area restricts the functions that users are allowed to access, to reduce potential vulnerabilities.
Defining the Attack Surface of an Application The Attack Surface of an application is: • the sum of all paths for data/commands into and out of the application, and • the code that protects these paths (including resource connection and authentication, authorization, activity logging, data validation and encoding), and • all valuable data used in the application, including secrets and keys, intellectual property, critical business data, personal data and PII, and • the code that protects these data (including encryption and checksums, access auditing, and data integrity and operational security controls).
1. Minimise Attack Surface Area (contd.) • For example, you might code a search feature into an application. That search feature is potentially vulnerable to file inclusion attacks and SQL injection attacks. • The developer could limit access to the search function, so only registered users could use it — reducing the attack surface and the risk of a successful attack.
2. Establish Secure Defaults • This principle states that the application must be secure by default. • That means a new user must take steps to obtain higher privileges and remove additional security measures (if allowed). • Establishing safe defaults means there should be strong security rules for: • how user registrations are handled, • how often passwords must be updated, • how complex passwords should be and so on. • Application users may be able to turn off some of these features, but they should be set to a high-security level by default.
2. Establish Secure Defaults (contd.)
3. Least Privilege Design Principle • The Principle of Least Privilege (POLP) states that a user should have the minimum set of privileges required to perform a specific task. • For example, a user who is signed up to a blog application as an “author” • should not have administrative privileges that allow them to add or remove users. • They should only be allowed to post articles to the application. • The POLP can be applied to all aspects of a web application, including user rights and resource access.
4. The Principle of Defense in Depth • The principle of defense in depth states that multiple security controls that approach risks in different ways is the best option for securing an application. • So, instead of having one security control for user access, you would have multiple layers of validation, additional security auditing tools, and logging tools. a user login with just a • For example, instead of letting username and password, • you would use an IP check, • a Captcha system, • logging of their login attempts, • brute force detection and so on.
What is CAPTCHA? • This user procedure many identification has received criticisms, especially from people with disabilities, • Also from other people who feel that their everyday work is slowed down by distorted words that are difficult to read. It takes the average person approximately 10 seconds to solve a typical CAPTCHA. This CAPTCHA (Version 1) of "smwm" disguises its message from computer interpretation by twisting the letters and adding slight background color gradient.
5. Fail-Safe Defaults Design Principle • There are many reasons why an application would fail to process a transaction. • Perhaps a database connection failed, or the data inputted from a user was incorrect. • This principle states that applications should fail in a secure way. • Failure should not give the user additional privileges, • It should not show the user sensitive information like database queries or logs.
5. Fail-Safe Defaults Design Principle (contd.)
6. Don’t Trust Services • Many web applications use third-party services for accessing additional functionality or obtaining additional data. • This principle states that you should never trust these services from a security perspective. • That means the application should always check the validity of data that third-party services send and not give those services high-level permissions within the app.
7. Separation of Duties • Separation of duty, as a security principle, has as its primary objective the prevention of fraud and errors. • This objective is achieved by distributing the tasks and associated privileges for a specific business process among multiple users. • For example, a user of an e-Commerce website should not be promoted to also be an administrator as they will be able to alter orders and give themselves products. • The reverse is also true — an administrator should not have the ability to do things that customers do, like order items from the front end of the website.
7. Separation of Duties (contd.)
8. Avoid Security by Obscurity • In security engineering, security through obscurity (or security by obscurity) is the reliance on the secrecy of the design or implementation as the main method of providing security for a system or component of a system. • A system or component relying on obscurity may have theoretical or actual security vulnerabilities, but its owners or designers believe that if the flaws are not known, that will be sufficient to prevent a successful attack. • Security experts have rejected this view, and advise that obscurity should never be the only security mechanism. • If your application requires its administration URL to be hidden so it can remain secure, then it is not secure at all. • There should be sufficient security controls in place to keep your application safe without hiding core functionality or source code.
Security by obscurity Example 1 • The key to the front door is stashed under a rock nearby, or under the welcome mat, or on top of a high railing. • These are all instances of security through obscurity, • it is right out in the open for anyone to grab, • most people will not be able to find it without huge amounts of searching. • However, a dedicated attacker can walk right in.
Security by obscurity Example 2 • Some people like to make their javascript difficult to read (and therefore hack) by using obfuscation. • Google is among the users of this technique. At the simplest level, they change the variable and method names to a single mysterious letter. The first variable is named "a", the second is named "b" and so on. • It does succeed in making the javascript exceedingly difficult to read and follow. • And it adds some protection to the intellectual property contained in the javascript code, which must be downloaded to the user's browser to be usable, therefore making it accessible to all.
Disadvantages of Obfuscation • While obfuscation can make reading, writing, and reverse-engineering a program difficult and time- consuming, it will not necessarily make it impossible. • Some anti-virus software, such as AVG AntiVirus, will also alert their users when they land on a site with code that is manually obfuscated, as one of the purposes of obfuscation can be to hide malicious code. • Certain major browsers such as Firefox and Chrome also disallow browser extensions containing obfuscated code.
Disadvantages of Obfuscation • However, some developers may employ code obfuscation for the purpose of reducing file size or increasing security. • • The average user may not expect their antivirus software to provide alerts about an otherwise harmless piece of code, especially from trusted corporations, so such a feature may actually discourage users from using legitimate software.
9. Keep Security Simple avoid the use of very sophisticated developing security controls for their • Developers should architecture when applications. • Having mechanisms that are very complex can increase the risk of errors. • In Practice: • Reuse components that you know to be trusted. • Avoid complex architecture and coding • Centralize your approaches by making the fundamentals part of your design. • Integrate your security tools within the developers already- familiar environments, including their IDE, build management, source repository, bug tracking system, etc.
10. Fix Security Issues Correctly • Ifa security issue has been identified in an application developers should : • determine the root cause of the problem • Identify the pattern of the problem • They should then repair it • test the repairs thoroughly (regression tests) • If the application uses design patterns, it is likely that the error may be present in multiple systems. • Programmers should be careful to identify all affected systems.
Thanks!

More Related Content

PPT
Security Design Principles.ppt
byDrBasemMohamedElomda
 
PPTX
Security Design Principles for developing secure application .pptx
byazida3
 
PDF
Principles for Secure Design and Software Security
byMona Rajput
 
PPT
Survey Presentation About Application Security
byNicholas Davis
 
PPTX
Application Security: What do we need to know?
byJose L. Quiñones-Borrero
 
PPTX
Ryan Elkins - Simple Security Defense to Thwart an Army of Cyber Ninja Warriors
byRyan Elkins
 
PPT
Secure Software Design and programming.ppt
bymartel91
 
ODP
Break it while you make it: writing (more) secure software
byLeigh Honeywell
 
Security Design Principles.ppt
byDrBasemMohamedElomda
 
Security Design Principles for developing secure application .pptx
byazida3
 
Principles for Secure Design and Software Security
byMona Rajput
 
Survey Presentation About Application Security
byNicholas Davis
 
Application Security: What do we need to know?
byJose L. Quiñones-Borrero
 
Ryan Elkins - Simple Security Defense to Thwart an Army of Cyber Ninja Warriors
byRyan Elkins
 
Secure Software Design and programming.ppt
bymartel91
 
Break it while you make it: writing (more) secure software
byLeigh Honeywell
 

Similar to lecture5-securitydesignprinciplesOf Information

PPTX
Web Application Hacking tools .pptx
byGuna Dhondwad
 
PPT
1.Security Overview And Patching
byphanleson
 
PPTX
Security Design Concepts
byMohammed Fazuluddin
 
PDF
Secure by Design - Security Design Principles for the Rest of Us
byEoin Woods
 
PDF
The Principles of Secure Development - BSides Las Vegas 2009
bySecurity Ninja
 
PDF
Secure by Design - Security Design Principles for the Working Architect
byEoin Woods
 
PDF
How to Destroy a Database
byJohn Ashmead
 
PPT
3.Secure Design Principles And Process
byphanleson
 
PPTX
00. introduction to app sec v3
byEoin Keary
 
PPTX
Owasp top 10 2017
byibrahimumer2
 
PPT
Security communication
bySay Shyong
 
PPT
Application Security
byflorinc
 
PPT
Sql securitytesting
byThilak Pathirage -Senior IT Gov and Risk Consultant
 
PDF
IS Merg file is technique of Information Securiety
byALIZAIB KHAN
 
PPT
SegurançA Da InformaçãO Faat V1 4
byRodrigo Piovesana
 
PDF
Make it Fixable (Security Divas 2017)
byPatricia Aas
 
PPTX
secure coding techniques unit-iii material
bySri Latha
 
PPTX
Maloney slides
byOnkar Sule
 
PPTX
Information Security and the SDLC
byBDPA Charlotte - Information Technology Thought Leaders
 
PPTX
Secure coding practices
byScott Hurrey
 
Web Application Hacking tools .pptx
byGuna Dhondwad
 
1.Security Overview And Patching
byphanleson
 
Security Design Concepts
byMohammed Fazuluddin
 
Secure by Design - Security Design Principles for the Rest of Us
byEoin Woods
 
The Principles of Secure Development - BSides Las Vegas 2009
bySecurity Ninja
 
Secure by Design - Security Design Principles for the Working Architect
byEoin Woods
 
How to Destroy a Database
byJohn Ashmead
 
3.Secure Design Principles And Process
byphanleson
 
00. introduction to app sec v3
byEoin Keary
 
Owasp top 10 2017
byibrahimumer2
 
Security communication
bySay Shyong
 
Application Security
byflorinc
 
Sql securitytesting
byThilak Pathirage -Senior IT Gov and Risk Consultant
 
IS Merg file is technique of Information Securiety
byALIZAIB KHAN
 
SegurançA Da InformaçãO Faat V1 4
byRodrigo Piovesana
 
Make it Fixable (Security Divas 2017)
byPatricia Aas
 
secure coding techniques unit-iii material
bySri Latha
 
Maloney slides
byOnkar Sule
 
Information Security and the SDLC
byBDPA Charlotte - Information Technology Thought Leaders
 
Secure coding practices
byScott Hurrey
 

Recently uploaded

PPTX
123456789101112121212121212121212121.pptx
byMuhammadHazwanAbdulM
 
PPTX
ITC GREEN CENTRE.pptxITC GREEN CENTRE.pptx
byMehakKatyal2
 
PPTX
7 Easiest Photo Editing Software for Beginners
bySam Smith
 
PPTX
Projecting Angles of engineers cincinati
bySivaShankar828144
 
PPSX
Unit A Analysis: Cognitive Behaviour Therapy and Rational Emotive Behaviour T...
byharneetsandhu01
 
PPTX
sustainable ITC green centre building gurgaon
byMehakKatyal2
 
PPTX
aurnav ppt. thermal comfort regfdgh berzbertdygmndfxybdgbffgb cv
byMehakKatyal2
 
PDF
Measuring Success in Service Improvement Plans
byWritegenic AI
 
PPTX
halo kawan kawan semu ini adalah desain template ppt 1
byahmad149413
 
PDF
How to Choose the Right Villa Architect in Pune for Your Dream Home.pdf
bySmartspace Architects
 
PDF
Seam Allowance Calculator: Your Key to Perfect Stitching Precision!
byConverters Lab
 
PDF
Branding Guideline for small solo pop artist
byrosezubler
 
PPTX
roi-l-998-describing-myself-gaeilge-powerpoint_ver_3 (1).pptx
byNabilaMejia
 
PPTX
GDG oC GU Kickstart Session(13.10.25).pptx
byvanshikaprakash05
 
PPTX
Vernacular_Architecture_Presentation.pptx
byKingFredrickSol
 
PDF
Bank Statement, PDF & Document Editing Services
byEdit Bank Statement
 
PDF
NEO VILLA Presentation l Full Interior & Exterior Design.pdf
byNader Soubra
 
PPTX
Black and Brown Classic Vintage Portfolio Presentation.pptx
byyeseniavillarchachic
 
PPTX
World War II D-Day Invasion XLLLLHistory - 12th Grade .pptx
byEolaSantos1
 
PDF
Nader Soubra - Graphic Portfolio 2025.pdf
byNader Soubra
 
123456789101112121212121212121212121.pptx
byMuhammadHazwanAbdulM
 
ITC GREEN CENTRE.pptxITC GREEN CENTRE.pptx
byMehakKatyal2
 
7 Easiest Photo Editing Software for Beginners
bySam Smith
 
Projecting Angles of engineers cincinati
bySivaShankar828144
 
Unit A Analysis: Cognitive Behaviour Therapy and Rational Emotive Behaviour T...
byharneetsandhu01
 
sustainable ITC green centre building gurgaon
byMehakKatyal2
 
aurnav ppt. thermal comfort regfdgh berzbertdygmndfxybdgbffgb cv
byMehakKatyal2
 
Measuring Success in Service Improvement Plans
byWritegenic AI
 
halo kawan kawan semu ini adalah desain template ppt 1
byahmad149413
 
How to Choose the Right Villa Architect in Pune for Your Dream Home.pdf
bySmartspace Architects
 
Seam Allowance Calculator: Your Key to Perfect Stitching Precision!
byConverters Lab
 
Branding Guideline for small solo pop artist
byrosezubler
 
roi-l-998-describing-myself-gaeilge-powerpoint_ver_3 (1).pptx
byNabilaMejia
 
GDG oC GU Kickstart Session(13.10.25).pptx
byvanshikaprakash05
 
Vernacular_Architecture_Presentation.pptx
byKingFredrickSol
 
Bank Statement, PDF & Document Editing Services
byEdit Bank Statement
 
NEO VILLA Presentation l Full Interior & Exterior Design.pdf
byNader Soubra
 
Black and Brown Classic Vintage Portfolio Presentation.pptx
byyeseniavillarchachic
 
World War II D-Day Invasion XLLLLHistory - 12th Grade .pptx
byEolaSantos1
 
Nader Soubra - Graphic Portfolio 2025.pdf
byNader Soubra
 

lecture5-securitydesignprinciplesOf Information

  • 1.
  • 2.
    Security Design Principles •Security Design Principles have been created to help developers build highly secure applications.
  • 3.
    Asset Clarification • Beforedeveloping any security strategies, it is essential to identify and classify the data that the application will handle. • Programmers create security controls that are appropriate for the value of the data being managed. • For example, an application processing financial information must have much tighter restrictions than a blog or web forum.
  • 4.
    Core Pillars ofInformation Security • Security controls should be designed with the core pillars of information security in mind: • Confidentiality – only allow access to data for which the user is permitted • Integrity – ensure data is not tampered or altered by unauthorized users • Availability – ensure systems and data are available to authorized users when they need it
  • 5.
    Security Architecture • Everyapplication has application security measures designed to cover all kinds of risks, ranging from typical usage risks (accidental data erasure) through to extreme attacks (brute force attacks, injection attacks etc.). • It is recommended that developers should consider each feature on the application they are designing and ask the following questions: • Is the process surrounding this feature as safe as possible? In other words, is this a flawed process? • If I were evil, how would I abuse this feature? • Is the feature required to be on by default? If so, are there limits or options that could help reduce the risk from this feature?
  • 6.
  • 7.
    1. Minimise AttackSurface Area • Every time a programmer adds a feature to their application, they are increasing the risk of a security vulnerability. • The principle of minimizing attack surface area restricts the functions that users are allowed to access, to reduce potential vulnerabilities.
  • 8.
    Defining the AttackSurface of an Application The Attack Surface of an application is: • the sum of all paths for data/commands into and out of the application, and • the code that protects these paths (including resource connection and authentication, authorization, activity logging, data validation and encoding), and • all valuable data used in the application, including secrets and keys, intellectual property, critical business data, personal data and PII, and • the code that protects these data (including encryption and checksums, access auditing, and data integrity and operational security controls).
  • 9.
    1. Minimise AttackSurface Area (contd.) • For example, you might code a search feature into an application. That search feature is potentially vulnerable to file inclusion attacks and SQL injection attacks. • The developer could limit access to the search function, so only registered users could use it — reducing the attack surface and the risk of a successful attack.
  • 10.
    2. Establish SecureDefaults • This principle states that the application must be secure by default. • That means a new user must take steps to obtain higher privileges and remove additional security measures (if allowed). • Establishing safe defaults means there should be strong security rules for: • how user registrations are handled, • how often passwords must be updated, • how complex passwords should be and so on. • Application users may be able to turn off some of these features, but they should be set to a high-security level by default.
  • 11.
    2. Establish SecureDefaults (contd.)
  • 12.
    3. Least PrivilegeDesign Principle • The Principle of Least Privilege (POLP) states that a user should have the minimum set of privileges required to perform a specific task. • For example, a user who is signed up to a blog application as an “author” • should not have administrative privileges that allow them to add or remove users. • They should only be allowed to post articles to the application. • The POLP can be applied to all aspects of a web application, including user rights and resource access.
  • 13.
    4. The Principleof Defense in Depth • The principle of defense in depth states that multiple security controls that approach risks in different ways is the best option for securing an application. • So, instead of having one security control for user access, you would have multiple layers of validation, additional security auditing tools, and logging tools. a user login with just a • For example, instead of letting username and password, • you would use an IP check, • a Captcha system, • logging of their login attempts, • brute force detection and so on.
  • 14.
    What is CAPTCHA? •This user procedure many identification has received criticisms, especially from people with disabilities, • Also from other people who feel that their everyday work is slowed down by distorted words that are difficult to read. It takes the average person approximately 10 seconds to solve a typical CAPTCHA. This CAPTCHA (Version 1) of "smwm" disguises its message from computer interpretation by twisting the letters and adding slight background color gradient.
  • 15.
    5. Fail-Safe DefaultsDesign Principle • There are many reasons why an application would fail to process a transaction. • Perhaps a database connection failed, or the data inputted from a user was incorrect. • This principle states that applications should fail in a secure way. • Failure should not give the user additional privileges, • It should not show the user sensitive information like database queries or logs.
  • 16.
    5. Fail-Safe DefaultsDesign Principle (contd.)
  • 17.
    6. Don’t TrustServices • Many web applications use third-party services for accessing additional functionality or obtaining additional data. • This principle states that you should never trust these services from a security perspective. • That means the application should always check the validity of data that third-party services send and not give those services high-level permissions within the app.
  • 18.
    7. Separation ofDuties • Separation of duty, as a security principle, has as its primary objective the prevention of fraud and errors. • This objective is achieved by distributing the tasks and associated privileges for a specific business process among multiple users. • For example, a user of an e-Commerce website should not be promoted to also be an administrator as they will be able to alter orders and give themselves products. • The reverse is also true — an administrator should not have the ability to do things that customers do, like order items from the front end of the website.
  • 19.
    7. Separation ofDuties (contd.)
  • 20.
    8. Avoid Securityby Obscurity • In security engineering, security through obscurity (or security by obscurity) is the reliance on the secrecy of the design or implementation as the main method of providing security for a system or component of a system. • A system or component relying on obscurity may have theoretical or actual security vulnerabilities, but its owners or designers believe that if the flaws are not known, that will be sufficient to prevent a successful attack. • Security experts have rejected this view, and advise that obscurity should never be the only security mechanism. • If your application requires its administration URL to be hidden so it can remain secure, then it is not secure at all. • There should be sufficient security controls in place to keep your application safe without hiding core functionality or source code.
  • 21.
    Security by obscurity Example1 • The key to the front door is stashed under a rock nearby, or under the welcome mat, or on top of a high railing. • These are all instances of security through obscurity, • it is right out in the open for anyone to grab, • most people will not be able to find it without huge amounts of searching. • However, a dedicated attacker can walk right in.
  • 22.
    Security by obscurity Example2 • Some people like to make their javascript difficult to read (and therefore hack) by using obfuscation. • Google is among the users of this technique. At the simplest level, they change the variable and method names to a single mysterious letter. The first variable is named "a", the second is named "b" and so on. • It does succeed in making the javascript exceedingly difficult to read and follow. • And it adds some protection to the intellectual property contained in the javascript code, which must be downloaded to the user's browser to be usable, therefore making it accessible to all.
  • 23.
    Disadvantages of Obfuscation •While obfuscation can make reading, writing, and reverse-engineering a program difficult and time- consuming, it will not necessarily make it impossible. • Some anti-virus software, such as AVG AntiVirus, will also alert their users when they land on a site with code that is manually obfuscated, as one of the purposes of obfuscation can be to hide malicious code. • Certain major browsers such as Firefox and Chrome also disallow browser extensions containing obfuscated code.
  • 24.
    Disadvantages of Obfuscation •However, some developers may employ code obfuscation for the purpose of reducing file size or increasing security. • • The average user may not expect their antivirus software to provide alerts about an otherwise harmless piece of code, especially from trusted corporations, so such a feature may actually discourage users from using legitimate software.
  • 25.
    9. Keep SecuritySimple avoid the use of very sophisticated developing security controls for their • Developers should architecture when applications. • Having mechanisms that are very complex can increase the risk of errors. • In Practice: • Reuse components that you know to be trusted. • Avoid complex architecture and coding • Centralize your approaches by making the fundamentals part of your design. • Integrate your security tools within the developers already- familiar environments, including their IDE, build management, source repository, bug tracking system, etc.
  • 26.
    10. Fix SecurityIssues Correctly • Ifa security issue has been identified in an application developers should : • determine the root cause of the problem • Identify the pattern of the problem • They should then repair it • test the repairs thoroughly (regression tests) • If the application uses design patterns, it is likely that the error may be present in multiple systems. • Programmers should be careful to identify all affected systems.
  • 27.