- importance of secure application design
  - the cost of a fix increases the later in the SDLC the flaw is identified
  - relative cost of a fix by phase: 0, 1, 6, 15, 100
  - best done in the design phase
  - developers will be forced to write better code
  - so we can mitigate as many threats as we can
- various secure design principles
  - security through obscurity: keep the system, or the flaw, unknown
  - secure the weakest link: an attacker will usually go after an endpoint instead of trying to break the encryption
  - use the least privilege principle
  - secure by default: password aging and complexity should be enabled by default
  - fail securely: on failure, do not expose error information
  - apply defense in depth: apply checks across the entire flow
  - do not trust user input
  - reduce the attack surface: reduce entry points as much as possible
  - enable auditing and logging
  - separation of duties: for example, the system administrator should not also be the super-privileged user
  - fix security issues correctly: check that newly introduced code does not produce a new flaw
  - protect sensitive data: use the best encryption method
  - exception handling
  - secure memory management: check for buffer overflows; check the length before pushing data in
  - protect secrets in memory or storage: encrypt secrets so they are not dumped in a crash dump, and scrub them before deletion
  - fault tolerance: the system should continue to perform despite errors
  - fault detection: at the same time, the relevant party should be informed about the detection
  - fault removal: during the design phase
  - fault avoidance: during development
  - loose coupling: avoid dependencies
  - high cohesion: code that can perform many things based on parameter changes, reducing code and complexity
  - change management and version control
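Added example (not part of the original notes): a small, hypothetical note-storage handler that applies several of the principles above at once: secure defaults (a password policy that enables aging and complexity unless explicitly turned off), least privilege (only certain roles may write), a length check before data is copied into a fixed-capacity buffer, scrubbing that buffer before it is discarded, and failing securely by returning a generic message while the real reason goes only to the audit log. All names, limits, roles and sample inputs are constructed for the example.

```python
"""Hypothetical handler demonstrating secure-design principles (constructed example)."""
import logging
from dataclasses import dataclass

logging.basicConfig(level=logging.INFO)
audit = logging.getLogger("audit")  # auditing and logging: every outcome is recorded


@dataclass
class PasswordPolicy:
    """Secure by default: aging and complexity are on unless someone opts out."""
    max_age_days: int = 90          # constructed default
    min_length: int = 12            # constructed default
    require_mixed_classes: bool = True


MAX_NOTE_BYTES = 64  # constructed capacity; the length check happens before any copy


class BoundedBuffer:
    """Fixed-capacity byte store that refuses oversized input instead of growing."""

    def __init__(self, capacity: int) -> None:
        self.capacity = capacity
        self._buf = bytearray(capacity)
        self.length = 0

    def write(self, payload: bytes) -> bool:
        # Secure memory management: check the length before pushing data in.
        if len(payload) > self.capacity:
            return False
        self._buf[: len(payload)] = payload
        self.length = len(payload)
        return True

    def scrub(self) -> None:
        """Overwrite the contents in place before the buffer is thrown away."""
        for i in range(self.capacity):
            self._buf[i] = 0
        self.length = 0


ALLOWED_WRITE_ROLES = {"editor", "admin"}  # least privilege: viewers cannot write


def store_note(role: str, note: bytes, buffer: BoundedBuffer) -> dict:
    """Fail securely: callers get a generic message; details go to the audit log only."""
    try:
        if role not in ALLOWED_WRITE_ROLES:
            raise PermissionError(f"role {role!r} may not write notes")
        if not isinstance(note, bytes):  # do not trust user input
            raise TypeError("note must be bytes")
        if not buffer.write(note):
            raise ValueError(f"note of {len(note)} bytes exceeds capacity {buffer.capacity}")
        audit.info("note_stored role=%s bytes=%d", role, len(note))
        return {"status": "ok"}
    except Exception as exc:
        # The reason is logged for the relevant party, not returned to the caller.
        audit.warning("note_rejected role=%s reason=%s detail=%s",
                      role, type(exc).__name__, exc)
        return {"status": "error", "message": "request could not be processed"}


if __name__ == "__main__":
    buf = BoundedBuffer(MAX_NOTE_BYTES)
    print(store_note("editor", b"quarterly review", buf))   # accepted
    print(store_note("viewer", b"should be refused", buf))  # generic error, role logged
    print(store_note("editor", b"x" * 100, buf))            # too long, refused before copy
    buf.scrub()
    print(buf.length, bytes(buf._buf[:4]))                  # 0 b'\x00\x00\x00\x00'
```

The error branch deliberately returns the same message for a permission failure, a type error and an oversized note, so a caller cannot learn from the response which check rejected the request; the audit log keeps the distinction for the people who need it.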
- threat modeling
  - once we are done with this, we will be able to see the system in a very simple and secure manner!
  - identify, analyze and mitigate the threats
  - performed at the design phase
  - iterative process
  - should be able to produce all flaws in the end
- threat modeling process
  1. identify security objectives
     - questionnaires
  2. create an application overview
     - draw the end-to-end deployment architecture
     - identify the various user roles: who can do what
     - identify use case scenarios: create, read, update, delete jobs
     - identify technologies: OS, WS, DS, languages
     - identify application security mechanisms
  3. decompose the application
     - prepare the threat model information document
     - identify the external dependencies
     - identify the entry points
     - identify the assets: folders, user information such as ID, NRIC
     - identify the trust levels
     - define trust levels for entry points
     - define trust levels for assets
     - check that the DFD is accurately designed from the above elements
     - once these are defined, we can find all the possible ways for an attacker to interrupt
     - now all threat paths can be defined
  4. identify threats
     - different possible categories
     - categorize the threats
     - use STRIDE
     - categorizes based on the goals and purpose of the attack
     - document the threats
     - rate the threats
     - use the DREAD model
  5. identify vulnerabilities
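Added example (not part of the original notes): a minimal threat-model data structure covering steps 3 and 4 above: entry points and assets each carry a trust level, every documented threat is categorized with STRIDE and rated with DREAD, and the threats are ranked by score with trust-boundary crossings flagged. Assumptions: the trust ordering, the 1..10 DREAD scale averaged into one score, and the sample entry points, assets and threats are all constructed for the example.

```python
"""Constructed threat-model example: STRIDE categories, DREAD ratings, trust levels."""
from dataclasses import dataclass
from enum import Enum


class Stride(Enum):
    """Threat categories, grouped by the goal and purpose of the attack."""
    SPOOFING = "S"
    TAMPERING = "T"
    REPUDIATION = "R"
    INFORMATION_DISCLOSURE = "I"
    DENIAL_OF_SERVICE = "D"
    ELEVATION_OF_PRIVILEGE = "E"


# Trust levels from least to most trusted (assumed ordering for this example).
TRUST_ORDER = ["anonymous", "authenticated", "admin"]


@dataclass(frozen=True)
class EntryPoint:
    name: str
    trust_level: str  # level of the caller who can reach this entry point


@dataclass(frozen=True)
class Asset:
    name: str
    trust_level: str  # level a caller should hold before touching the asset


@dataclass
class Threat:
    title: str
    category: Stride
    entry_point: EntryPoint
    asset: Asset
    dread: tuple  # (Damage, Reproducibility, Exploitability, Affected users, Discoverability)

    def score(self) -> float:
        """DREAD risk as the mean of the five ratings (assumed 1..10 scale)."""
        if len(self.dread) != 5 or any(not 1 <= v <= 10 for v in self.dread):
            raise ValueError("DREAD needs five ratings in the range 1..10")
        return sum(self.dread) / 5

    def crosses_trust_boundary(self) -> bool:
        """True when the path reaches an asset from a less trusted entry point."""
        return (TRUST_ORDER.index(self.entry_point.trust_level)
                < TRUST_ORDER.index(self.asset.trust_level))


def rank_threats(threats):
    """Highest DREAD score first; a boundary crossing wins ties."""
    return sorted(threats, key=lambda t: (t.score(), t.crosses_trust_boundary()), reverse=True)


def count_by_category(threats):
    """How many documented threats fall under each STRIDE letter."""
    counts = {c: 0 for c in Stride}
    for t in threats:
        counts[t.category] += 1
    return counts


# Constructed sample model (not a real application).
LOGIN = EntryPoint("login form", "anonymous")
PROFILE = EntryPoint("profile page", "authenticated")
CONSOLE = EntryPoint("admin console", "admin")
USER_RECORDS = Asset("user records (ID, NRIC)", "authenticated")
AUDIT_LOG = Asset("audit log", "admin")

SAMPLE_THREATS = [
    Threat("forged session accepted at login", Stride.SPOOFING, LOGIN, USER_RECORDS, (8, 7, 6, 9, 8)),
    Threat("user edits another user's record", Stride.TAMPERING, PROFILE, USER_RECORDS, (7, 5, 5, 6, 6)),
    Threat("admin action leaves no audit entry", Stride.REPUDIATION, CONSOLE, AUDIT_LOG, (5, 8, 4, 3, 5)),
    Threat("NRIC shown in verbose login error", Stride.INFORMATION_DISCLOSURE, LOGIN, USER_RECORDS, (8, 9, 7, 9, 8)),
]


def threat_report(threats=SAMPLE_THREATS):
    """One line per threat, highest risk first, with trust-boundary crossings flagged."""
    lines = []
    for t in rank_threats(threats):
        flag = " [crosses trust boundary]" if t.crosses_trust_boundary() else ""
        lines.append(f"{t.score():4.1f} {t.category.value} {t.title} via {t.entry_point.name}{flag}")
    return lines


if __name__ == "__main__":
    print("\n".join(threat_report()))
```

The boundary check is what makes the DFD review in step 3 concrete: any threat whose entry point sits below the asset's trust level is a path an attacker could take without first earning that level, so those entries deserve attention even when their DREAD score is middling.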
- secure application architecture design
  - use tiers in the entire app design
  - usually web, application, database