3 - 2 Software Security - Vulnerabilities - Threats - and Risk

Software security involves designing and implementing secure software to protect against malicious attacks and unauthorized access. The growing connectivity, complexity, and extensibility of systems have increased vulnerabilities, necessitating a focus on the CIA triad: confidentiality, integrity, and availability. Threat modeling is essential for identifying and mitigating risks in secure software development, ensuring that security measures align with business and technical goals.

Uploaded by iwvb.31

Software Security Vulnerabilities, Threats and Risk


What is Software Security?

• Software security
  o The design and implementation of secure software with the aim of protecting against malicious attacks and suspicious activities
  o Protection of software after it's already built
• Security is concerned with preventing undesired behavior
• Considers an enemy/opponent/hacker/adversary who is actively and maliciously trying to circumvent any protective measures you put in place
Software Security

• Software security is a kind of computer security that focuses on the secure design and implementation of software
• Using the best languages, tools, and methods
• Focus of study: secure software, its design and implementation


Why Is the Problem Growing?

• Connectivity
  o The growing connectivity of computers through the Internet has increased both the number of attacks and the ease with which an attack can be made
• Extensibility
  o Systems have become extensible
  o Ex: Web browsers support extensibility
• Complexity
  o Growth in the size and complexity of modern software systems
  o Windows XP consists of 50,000 lines of code


Software Security: The CIA Triad

• A software system is secure if it supports CIA:
  o Confidentiality: keeping data and resources hidden from unauthorized people
  o Integrity: the ability to ensure that data is an accurate and unchanged representation of the original secure information
  o Availability: ensuring that authorized parties are able to access the information when needed
Kinds of Undesired Behavior

o Denying access: Availability
  • Unable to purchase products
  • Unable to access banking information
o Modifying information or functionality: Integrity
  • Installing unwanted software (spyware, botnet client, ...)
  • Destroying records (accounts, logs, plans, ...)
o Stealing information: Confidentiality
  • Unauthorized access to sensitive or private information
  • Corporate secrets (product plans, source code, ...)
  • Personal information (credit card numbers, SSNs, ...)
Basic Terminology

• An attack occurs when someone attempts to exploit a vulnerability
• A software vulnerability is a weakness or flaw in software that an attacker exploits to perform unauthorized actions within a computer system
• Exploitation is the capability of the attacker to take advantage of that vulnerability via tools or with certain techniques
• Defects occur in the software's design and its implementation
  o A flaw is a defect in the design
  o A bug is a defect in the implementation


Important Goal: Secure Software
Common Software Vulnerabilities

• Memory safety violations:
  o Buffer overflows
• Input validation errors:
  o Code injection
  o Cross-site scripting in web applications
  o SQL injection
Black Hat, White Hat
Rules and Tools
Why Software Security?
High-Level Thinking about Security
High-Level Plan for Thinking about Security

1. Policy: the goal you want to achieve. Example: only Alice should read file F. Common goals: confidentiality, integrity, availability.

2. Threat model: assumptions about what the attacker could do. E.g. can guess passwords, cannot physically grab the file server.

3. Mechanism: the knobs that your system provides to help uphold the policy. E.g. user accounts, passwords, file permissions, encryption.

• Resulting goal: no way for an adversary within the threat model to violate the policy. Note that the goal has nothing to say about mechanism.

MIT 6.858 Computer System Security
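The policy / threat model / mechanism framing can be checked mechanically: fix the policy and the adversary's allowed actions, then exhaust those actions against a candidate mechanism. The toy file server below is an added example written for this page (not from the MIT 6.858 slides); its account names, passwords and guess list are constructed.

```python
# Added example (not from the MIT 6.858 slides): a toy file server used to
# check the goal "no way for the adversary within the threat model to violate
# the policy" by exhausting the adversary's allowed actions.
# Account names, passwords and the guess list are constructed.

# Policy: only Alice should read file F.
POLICY_FILE, POLICY_READER = "F", "alice"

# Threat model: the adversary can submit password guesses from a short list
# to the login interface but cannot physically grab the file server.
GUESSES = ["123456", "password", "letmein", "hunter2"]

def build_server(accounts, permissions, lockout_after=None):
    """Mechanism: accounts, passwords, file permissions and (optionally) a
    per-account lockout. Returns a function modelling one login+read."""
    attempts = {}
    def try_read(user, password, filename):
        attempts[user] = attempts.get(user, 0) + 1
        if lockout_after is not None and attempts[user] > lockout_after:
            return False                    # account locked after too many tries
        if accounts.get(user) != password:
            return False                    # password rejected
        return user in permissions.get(filename, set())
    return try_read

def adversary_violates_policy(server, account_names):
    """Enumerate every action the threat model grants the adversary. Any
    read of F they obtain is a violation: the adversary is not Alice, even
    when logged in under her account. Returns the winning action or None."""
    for user in account_names:
        for guess in GUESSES:
            if server(user, guess, POLICY_FILE):
                return (user, guess)
    return None

def evaluate(lockout_after=None, alice_password="hunter2"):
    """Wire policy, threat model and mechanism together for one configuration."""
    accounts = {"alice": alice_password, "bob": "123456"}
    permissions = {POLICY_FILE: {POLICY_READER}}   # bob can log in but not read F
    server = build_server(accounts, permissions, lockout_after)
    return adversary_violates_policy(server, list(accounts))

if __name__ == "__main__":
    print("passwords only:       ", evaluate())                 # ('alice', 'hunter2')
    print("with lockout after 3: ", evaluate(lockout_after=3))  # None
    print("strong passphrase:    ", evaluate(alice_password="correct horse battery staple"))  # None
```

The same policy and threat model hold in all three runs; only the mechanism changes, which is the point of the slide's last bullet.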


What is Threat Modeling?

A threat model includes:

❑ an understanding of your system
❑ identified threats
❑ the probability of each threat
❑ the potential harm or impact
❑ a priority and plan for mitigating the threats

Threat Modeling for Secure Software Design, Robert Hurlbut


Threat Modeling Process

1. Understand the system and the data flows.
2. Identify threats through answers to questions (threat libraries: CAPEC, OWASP, combined with STRIDE).
3. Determine mitigations and risks. Mitigation options: leave as-is, remove from product, remedy with a technology countermeasure, warn the user.
4. Follow through: document what you find -> file a bug -> fix -> re-evaluate.

(Figure: STRIDE framework)
Secure Software Development Lifecycle


Threat Modeling

Michael Howard @Michael_howard, Jan 7, 2015:

A dev team with an awesome, complete and accurate threat model gets my admiration and not much of my time because they don't need it! ☺


Typical Threat Modeling Session

✔ Gather documentation
✔ Gather your team (developers, architects, project managers, business stakeholders) -> not one person's job!
✔ Understand business goals and technical goals (threat modeling must support the goals, not the other way around)
✔ Agree on a meeting date and time
✔ Plan for a focused 1-2 hour session at a time

Important: Be honest, leave ego at the door, no blaming


Threat Modeling Process

1. Draw your picture: understand the system and the data flows.
2. Identify threats through answers to questions.
3. Determine mitigations and risks.
4. Follow through.


Identify Threats


STRIDE Framework – Data Flow


Identify Threats – Ask Questions

One of the best questions: Is there anything keeping you up at night worrying about this system?
Determine Mitigations and Risks

❑ Mitigation options:
  ▪ Leave as-is
  ▪ Remove from product
  ▪ Remedy with technology countermeasure
  ▪ Warn user

❑ We have to understand the risk associated with the vulnerability
Follow Through

❑ Document what you found and the decisions you make
❑ File bugs or new requirements
❑ Verify bugs fixed and new requirements implemented
❑ Did we miss anything? Review again
❑ Anything new? Review again
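The four steps (draw the picture, identify threats, determine mitigations and risk, follow through) can be carried in a small data model. The code below is an added example for this page, not Hurlbut's material: the data-flow elements, the element-to-STRIDE table, the probability/impact scoring and the team's decisions are all constructed for illustration.

```python
from dataclasses import dataclass

# Added example: a minimal STRIDE-per-element threat model walked through the
# four steps above. The DFD elements, the element-to-STRIDE table, the scoring
# and the team's decisions are constructed for illustration.
STRIDE = {"S": "Spoofing", "T": "Tampering", "R": "Repudiation",
          "I": "Information disclosure", "D": "Denial of service",
          "E": "Elevation of privilege"}
# STRIDE categories usually considered for each kind of DFD element.
APPLICABLE = {"external": "SR", "process": "STRIDE",
              "dataflow": "TID", "datastore": "TRID"}
MITIGATIONS = {"leave as-is", "remove from product",
               "remedy with technology countermeasure", "warn user"}

@dataclass
class Element:
    name: str
    kind: str                       # external | process | dataflow | datastore
    crosses_boundary: bool = False  # flow crosses a trust boundary
    sensitive: bool = False         # handles secrets / personal data

@dataclass
class Threat:
    element: str
    category: str
    probability: int                # 1..3, higher across trust boundaries
    impact: int                     # 1..3, higher for sensitive data
    mitigation: str = "leave as-is"
    fixed: bool = False
    @property
    def risk(self) -> int:
        return self.probability * self.impact

def identify_threats(elements):
    """Step 2: enumerate candidate threats from the picture drawn in step 1."""
    return [Threat(e.name, STRIDE[c], 3 if e.crosses_boundary else 1,
                   3 if e.sensitive else 1)
            for e in elements for c in APPLICABLE[e.kind]]

def decide_mitigations(threats, decisions):
    """Step 3: apply the team's per-threat decision, highest risk first."""
    for t in sorted(threats, key=lambda t: t.risk, reverse=True):
        choice = decisions.get((t.element, t.category), "leave as-is")
        if choice not in MITIGATIONS:
            raise ValueError(f"unknown mitigation {choice!r}")
        t.mitigation = choice
    return threats

def open_bugs(threats):
    """Step 4: every countermeasure not yet verified fixed is an open bug."""
    return [t for t in threats if not t.fixed
            and t.mitigation == "remedy with technology countermeasure"]
```

Re-running `identify_threats` after the picture changes and diffing against the recorded decisions is the "Anything new? Review again" step.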


Secure Software Development Lifecycle

https://www.youtube.com/watch?v=X6WhkhuIiJM
