selvalives
Aug 26th, 2019
importance of secure application design
-the cost of fixing a flaw rises the later in the SDLC it is found
 (relative cost multipliers by phase, as noted: 0, 1, 6, 15, 100)
-best done in the design phase
-forces the developer to write better code
-lets us mitigate as many threats as we can, and early

various secure design principles
-security through obscurity: keeping the design (or a flaw) unknown is not a control on its own; never rely on it
-secure the weakest link: an attacker usually goes for the weakest point (typically an endpoint) instead of trying to break the encryption
-use the least privilege principle
-secure by default: e.g. password aging and complexity should be enabled out of the box
-fail securely: on failure, deny access and do not expose error details
-apply defense in depth: apply checks along the entire flow, not only at the boundary
-do not trust user input
-reduce the attack surface: reduce the number of entry points as much as possible
-enable auditing and logging
-separation of duties: e.g. the system administrator should not also be the super-privileged user
-fix security issues correctly: check that the new code introduced by a fix does not produce a new flaw
-protect sensitive data: use strong, current encryption
-exception handling
-secure memory management: guard against buffer overflows, i.e. check the length before copying into a buffer
-protect secrets in memory and storage: encrypt secrets so they are not exposed in a crash dump, and scrub them before deletion
-fault tolerance: the system should continue to perform despite errors
-fault detection: at the same time, the relevant party should be informed when a fault is detected
-fault removal: during the design phase
-fault avoidance: during development
-loose coupling: minimise dependencies between components
-high cohesion: each module does one well-defined job; with loose coupling this reduces code size and complexity
-change management and version control
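The following is an added Python example, not code from the original notes, showing several of the principles above in one small request handler: secure by default and least privilege (a deny-all permission table), untrusted input (an allow-list on the document id), reduced attack surface (an explicit action table instead of looking up user-supplied names), fail securely (details to the audit log, a generic message to the client) and scrubbing a secret after use. The roles, permissions, document store and sample requests are all constructed for illustration.

```python
"""Added example (not part of the original notes): a small request handler that
applies several of the secure design principles listed above. The roles,
permissions, document store and sample requests are constructed for illustration."""
import hashlib
import hmac
import logging
import re
from dataclasses import dataclass

log = logging.getLogger("audit")  # enable auditing and logging: every decision is recorded

# Secure by default / least privilege: start from "no rights" and grant explicitly.
# A role that is not listed here gets nothing.
ROLE_PERMISSIONS = {
    "reader": frozenset({"read"}),
    "editor": frozenset({"read", "update"}),
    "admin": frozenset({"read", "update", "delete"}),
}

# Do not trust user input: strict allow-list for a document id (no '/', '.', spaces, ...).
DOC_ID_RE = re.compile(r"[a-z0-9]{1,32}")


class DocumentStore:
    """Constructed in-memory store; every operation raises KeyError on an unknown id."""

    def __init__(self):
        self.docs = {"doc1": "hello"}

    def read(self, doc_id):
        return self.docs[doc_id]

    def update(self, doc_id):
        self.docs[doc_id] = "updated"
        return "ok"

    def delete(self, doc_id):
        del self.docs[doc_id]
        return "ok"


@dataclass(frozen=True)
class Request:
    user: str
    role: str
    action: str
    doc_id: str


@dataclass(frozen=True)
class Response:
    status: int
    body: str


class Handler:
    def __init__(self, store: DocumentStore):
        # Reduce attack surface: only these three operations are reachable, through an
        # explicit table rather than getattr() on a user-supplied name.
        self.actions = {"read": store.read, "update": store.update, "delete": store.delete}

    def handle(self, req: Request) -> Response:
        try:
            if not DOC_ID_RE.fullmatch(req.doc_id):
                log.warning("rejected malformed doc_id from %s", req.user)
                return Response(400, "invalid request")
            # Deny unless the role explicitly grants the action (unknown role -> empty set).
            if req.action not in ROLE_PERMISSIONS.get(req.role, frozenset()):
                log.warning("denied %s: %s on %s", req.user, req.action, req.doc_id)
                return Response(403, "forbidden")
            result = self.actions[req.action](req.doc_id)
            log.info("allowed %s: %s on %s", req.user, req.action, req.doc_id)
            return Response(200, result)
        except Exception:
            # Fail securely: the stack trace goes to the log; the client sees a generic message.
            log.exception("internal error handling request from %s", req.user)
            return Response(500, "internal error")


def mac_with_secret(secret: bytearray, message: bytes) -> str:
    """Protect memory secrets: keep the key in a mutable buffer and zero it once used,
    so it does not survive into a later crash dump. Python may keep internal copies
    during the HMAC computation, so this only scrubs the buffer we control."""
    try:
        return hmac.new(secret, message, hashlib.sha256).hexdigest()
    finally:
        for i in range(len(secret)):
            secret[i] = 0


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    h = Handler(DocumentStore())
    print(h.handle(Request("alice", "reader", "read", "doc1")))
    print(h.handle(Request("alice", "reader", "delete", "doc1")))
    print(h.handle(Request("mallory", "nobody", "read", "doc1")))
    print(h.handle(Request("alice", "reader", "read", "../etc/passwd")))
    print(h.handle(Request("bob", "admin", "read", "missing")))
```

Note the order of checks: input is validated before authorization, and a missing document surfaces as a generic 500 to the client while the KeyError and its traceback go only to the audit log.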
  31.  
threat modeling
-once this is done, we can see the system in a simple, well-understood way and reason about its security
-identify, analyze and mitigate the threats
-performed at the design phase
-iterative process
-should have surfaced all the flaws by the end

threat modeling process
1. identify security objectives
-questionnaires
2. create an application overview
-draw the end-to-end deployment architecture
-identify the user roles: who can do what
-identify the use-case scenarios: create, read, update, delete jobs
-identify the technologies: OS, web server, database server, languages
-identify the application's security mechanisms
3. decompose the application
-prepare the threat model information document
-identify the external dependencies
-identify the entry points
-identify the assets: folders, user information such as id, NRIC
-identify the trust levels
-assign trust levels to entry points
-assign trust levels to assets
-check that the DFD is accurately drawn from the elements above
-once refined, we can find all possible ways for an attacker to interfere
-now all threat paths can be defined
4. identify threats
-consider the different possible categories
-categorize the threats
-use STRIDE, which categorizes threats by the goal and purpose of the attack
-document the threats
-rate the threats
-use the DREAD model

5. identify vulnerabilities
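The following is an added Python example, not from the original notes, that walks steps 3 and 4 of the process above on a miniature model: entry points and assets are given trust levels, every trust-boundary crossing between them is enumerated as a candidate threat path, each documented threat is tagged with its STRIDE category and rated with DREAD, and the list is sorted by score. The document service, its entry points, assets, threats and DREAD ratings are all constructed; averaging the five DREAD components and the high/medium/low bands are assumed conventions.

```python
"""Added example (not part of the original notes): a miniature threat model that walks
steps 3 and 4 above. The entry points, assets, trust levels, threats and DREAD ratings
are constructed for illustration; the scoring and risk bands are assumed conventions."""
from dataclasses import dataclass
from enum import Enum


class TrustLevel(Enum):
    """Ordered trust levels; a higher value means more trust held or required."""
    ANONYMOUS = 0
    AUTHENTICATED = 1
    ADMIN = 2
    SYSTEM = 3


class Stride(Enum):
    SPOOFING = "S"
    TAMPERING = "T"
    REPUDIATION = "R"
    INFORMATION_DISCLOSURE = "I"
    DENIAL_OF_SERVICE = "D"
    ELEVATION_OF_PRIVILEGE = "E"


@dataclass(frozen=True)
class EntryPoint:
    name: str
    trust: TrustLevel  # trust level granted to whoever reaches this entry point


@dataclass(frozen=True)
class Asset:
    name: str
    trust: TrustLevel  # trust level required to legitimately touch this asset


@dataclass(frozen=True)
class Threat:
    title: str
    category: Stride
    entry_point: EntryPoint
    asset: Asset
    dread: tuple  # (Damage, Reproducibility, Exploitability, Affected users, Discoverability), 0..10 each


def threat_paths(entry_points, assets):
    """Step 3: every (entry point, asset) pair where an attacker at the entry point holds
    less trust than the asset requires is a trust-boundary crossing to examine."""
    return [(e, a) for e in entry_points for a in assets if e.trust.value < a.trust.value]


def dread_score(threat: Threat) -> float:
    """Step 4: rate the threat. Assumed convention: the average of the five DREAD
    components (each 0..10), giving a score from 0 to 10."""
    if len(threat.dread) != 5 or any(not 0 <= v <= 10 for v in threat.dread):
        raise ValueError("DREAD needs five ratings in 0..10")
    return sum(threat.dread) / 5


def risk_band(score: float) -> str:
    """Assumed banding: >= 7 high, >= 4 medium, else low."""
    return "high" if score >= 7 else "medium" if score >= 4 else "low"


def prioritize(threats):
    """Highest DREAD score first, so mitigation effort goes where the risk is."""
    return sorted(threats, key=dread_score, reverse=True)


# Constructed sample model for a small document service.
LOGIN = EntryPoint("login form", TrustLevel.ANONYMOUS)
API = EntryPoint("document API", TrustLevel.AUTHENTICATED)
CONSOLE = EntryPoint("admin console", TrustLevel.ADMIN)
CREDS = Asset("user credentials", TrustLevel.SYSTEM)
DOCS = Asset("documents", TrustLevel.AUTHENTICATED)
AUDIT = Asset("audit log", TrustLevel.ADMIN)

THREATS = [
    Threat("password brute force at login", Stride.SPOOFING, LOGIN, CREDS, (8, 10, 7, 10, 9)),
    # Threats are not limited to boundary crossings: this one stays at the same trust
    # level but reaches another user's data.
    Threat("read another user's document by guessing its id", Stride.INFORMATION_DISCLOSURE,
           API, DOCS, (6, 10, 8, 6, 7)),
    Threat("admin deletes audit entries to hide activity", Stride.REPUDIATION, CONSOLE, AUDIT,
           (4, 5, 3, 2, 3)),
]

if __name__ == "__main__":
    for e, a in threat_paths([LOGIN, API, CONSOLE], [CREDS, DOCS, AUDIT]):
        print(f"boundary: {e.name} ({e.trust.name}) -> {a.name} ({a.trust.name})")
    for t in prioritize(THREATS):
        s = dread_score(t)
        print(f"[{t.category.value}] {s:.1f} {risk_band(s):6} {t.title}")
```

The boundary list is what the DFD check in step 3 should agree with: if a crossing shows up here that the diagram does not draw, the diagram is incomplete. Documented threats are kept separate from that list because, as the second sample threat shows, horizontal attacks at the same trust level are threats too.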
  70.  
secure application architecture design
-use tiers throughout the application design
-usually web, application and database tiers