Security As A Process in Software Development Lifecycle v2.0

Security should be addressed throughout the entire software development lifecycle as a process rather than an afterthought. Key activities include threat modeling during analysis and design phases to identify vulnerabilities, applying security principles like least privilege during development, and testing for security during deployment. Threat modeling involves identifying assets, decomposing the system, finding attack points, analyzing threats, prioritizing risks, and specifying mitigations. Security must be integrated into all phases from initial planning through post-release maintenance.


Security As A Process In Software Development Lifecycle

Presented by: Ahmed Saafan

Agenda

Security layers
Software lifecycle evolution
Security in modern software lifecycle

Analysis phase activities


Design & Development phases activities

Threat Modeling

Deployment & testing phases activities

A final word

Security Layers

Layered security approach (defense in depth):

Physical Security
Network Security
Host (OS) Security
Application Security

Security Layers

Network level vulnerabilities

DoS
Packet inspection, password sniffing
Identity theft (spoofing)

Network breach mitigation techniques

Firewalls
IDSs, IPSs & IDPs
Log analysis

Security Layers

Host (OS) vulnerabilities

Hardware firmware vulnerabilities
Windows!!
RPC

Host threat mitigation

Choose the right one
Don't just patch, protect.

Security Layers

Application level vulnerabilities

SQL injection
Application DoS
Session hijacking
Cross site scripting (XSS)
Buffer overflow exploits
Unhandled exceptions' exploits

XSS

Type-0 attack (DOM-based)
Type-1 attack (reflected, non-persistent)
Type-2 attack (stored, persistent)

Is there a mitigation technique?
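The first item in the list above, SQL injection, is the one with the clearest mitigation, so here it is worked through as an added example (this is not code from the slides): a login check that builds its query by string formatting, beside the same check with bound parameters. It uses Python's standard sqlite3 module against an in-memory database; the users table, its rows and the two attacker payloads are constructed for the demonstration, and the plaintext pw column is a deliberate simplification that is not the point being made.

```python
"""SQL injection: string-built query beside the parameterized fix.

Added example, not from the original slides. The users table, its rows
and the attacker payloads are constructed for the demonstration; the
plaintext pw column is a simplification (real systems hash passwords)
and is not the weakness being demonstrated here.
"""
import sqlite3


def make_db() -> sqlite3.Connection:
    """Throwaway in-memory database with two constructed user rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, pw TEXT)")
    conn.executemany(
        "INSERT INTO users (name, pw) VALUES (?, ?)",
        [("alice", "s3cret"), ("bob", "hunter2")],
    )
    conn.commit()
    return conn


def login_vulnerable(conn: sqlite3.Connection, name: str, pw: str) -> bool:
    """Builds the statement by string formatting, so quote characters in
    the input change the structure of the query (input becomes code)."""
    sql = f"SELECT id FROM users WHERE name = '{name}' AND pw = '{pw}'"
    return conn.execute(sql).fetchone() is not None


def login_parameterized(conn: sqlite3.Connection, name: str, pw: str) -> bool:
    """Same query with bound parameters: the driver passes the values
    separately from the statement text, so they can only ever be data."""
    sql = "SELECT id FROM users WHERE name = ? AND pw = ?"
    return conn.execute(sql, (name, pw)).fetchone() is not None


def demo() -> dict:
    """Run both versions against a valid login and two classic payloads."""
    conn = make_db()
    tautology = "' OR '1'='1"   # closes the pw literal, then ORs in an always-true clause
    comment = "alice'--"        # closes the name literal, comments out the pw check
    return {
        "vuln_valid": login_vulnerable(conn, "alice", "s3cret"),
        "vuln_tautology": login_vulnerable(conn, "alice", tautology),
        "vuln_comment": login_vulnerable(conn, comment, "wrong"),
        "param_valid": login_parameterized(conn, "alice", "s3cret"),
        "param_tautology": login_parameterized(conn, "alice", tautology),
        "param_comment": login_parameterized(conn, comment, "wrong"),
    }


if __name__ == "__main__":
    for case, logged_in in demo().items():
        print(f"{case:16} -> {'LOGIN OK' if logged_in else 'rejected'}")
```

Both payloads log in through login_vulnerable with a wrong password and are rejected by login_parameterized, because a bound parameter is never re-parsed as SQL. The same rule applies to every other sink on the list (shell commands, LDAP filters, HTML output): keep untrusted input out of the code channel rather than trying to filter it.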

Software lifecycle evolution

Functional programming / flow charts
Object oriented programming / design
UML standards & modern SW lifecycle

Security in modern software lifecycle

Setbacks due to security (patches)
The need for more secure software
Security as a process in SDLC

Analysis phase activities

Take into consideration (the Parkerian hexad):

Confidentiality
Integrity
Availability
Possession
Authenticity
Utility

Design & Development phases activities

Take into consideration:

Input/Output validation
Principle of least privilege / default deny
Compartmentalization (separation of privileges)
Threat modeling

Threat Modeling

Steps for threat modeling:

1. Identify critical assets

2. Decompose the system
   Network diagram
   Functionality diagram

3. Identify possible points of attack
   Trust boundaries
   Data classification

4. Identify threats for each node
   STRIDE model (Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege)

   Step-by-step model (checklists):

   Network and host threats
   Web services subjected to a denial of service attack
   IP spoofing
   Faulty configuration of firewall rules, allowing outsiders to get access to a database and change the data
   Errors in ACLs
   Sensitive data that flows unencrypted through the network
   Using unpatched servers allows attackers to exploit known vulnerabilities
   Lack of clearly defined trust boundaries
   Improper server hardening guidelines resulting in a mismatch between the server configuration and the security context in which it is placed

   Application threats
   Code that is prone to buffer overflows, SQL injection, or cross-site scripting
   Defective or missing data encryption resulting in password compromise

   Attack trees

5. Categorize & prioritize threats
   Risk = Probability of occurrence (PO) x Business impact (BI)
   DREAD model (Damage, Reproducibility, Exploitability, Affected users, Discoverability)
   Project risk analysis on threat trees

6. Mitigate
   Add cost of mitigation to attack trees
   Take decision based on risk vs. cost

Important notes:

Assume that everything that might go wrong will go wrong
Attack trees are dynamic: revisit them as the system and the threats against it change

Threat Modeling In A Nutshell

1. Identify critical assets

2. Decompose the system
   Network diagram
   Functionality diagram

3. Identify possible points of attack
   Trust boundaries
   Data classification

4. Identify threats
   STRIDE model OR step-by-step model
   Attack trees

5. Categorize and prioritize threats
   Risk = PO x BI
   DREAD model to calculate PO & BI
   Project risks on attack trees

6. Mitigate
   Add cost of mitigation to attack trees
   Take decision based on risk vs. cost
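Steps 4 to 6 above are the part of the process people most often leave as a spreadsheet, so here they are carried through in code as an added example (not from the slides): DREAD-scored leaves on a small attack tree, Risk = PO x BI computed per leaf and rolled up through the tree, and the mitigation decision of step 6 made against a cost budget. The slides only say that DREAD feeds PO and BI, so the split used here (PO from Reproducibility, Exploitability and Discoverability; BI from Damage and Affected users), the 1..10 scale, the OR = max / AND = min roll-up rule, the tree itself, its scores, costs and budget are all assumptions made for the illustration.

```python
"""Steps 5 and 6 of the threat model in code: DREAD-scored leaves,
Risk = PO x BI, an attack tree that rolls the scores up, and a
mitigation decision that weighs risk against cost.

Added example, not from the original slides. Assumptions: each DREAD
factor is scored 1..10; PO is the mean of Reproducibility, Exploitability
and Discoverability and BI the mean of Damage and Affected users; an OR
node takes its weakest branch (max risk) and an AND node its hardest
required step (min risk); the tree, scores, costs and budget are made up.
"""
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Dread:
    damage: int            # D: harm if the threat is realised
    reproducibility: int   # R: how reliably the attack works
    exploitability: int    # E: how little skill/effort it needs
    affected_users: int    # A: how many users are hit
    discoverability: int   # D: how easy the weakness is to find

    def po(self) -> float:
        """Probability of occurrence (assumed: mean of R, E, D)."""
        return (self.reproducibility + self.exploitability + self.discoverability) / 3

    def bi(self) -> float:
        """Business impact (assumed: mean of Damage and Affected users)."""
        return (self.damage + self.affected_users) / 2

    def risk(self) -> float:
        return self.po() * self.bi()


@dataclass
class Node:
    name: str
    gate: str = "OR"                  # OR: any child suffices; AND: all children needed
    dread: Optional[Dread] = None     # leaves carry a DREAD score
    mitigation_cost: float = 0.0      # leaves carry a cost (assumed units)
    children: list = field(default_factory=list)

    def risk(self) -> float:
        if self.dread is not None:
            return self.dread.risk()
        child = [c.risk() for c in self.children]
        return max(child) if self.gate == "OR" else min(child)

    def leaves(self):
        if self.dread is not None:
            yield self
        for c in self.children:
            yield from c.leaves()


def build_tree() -> Node:
    """Constructed attack tree for the goal 'read customer records'."""
    return Node("Read customer records", "OR", children=[
        Node("SQL injection in search form", dread=Dread(9, 9, 7, 9, 8), mitigation_cost=20),
        Node("Sniff database traffic", "AND", children=[
            Node("Gain a position on the network", dread=Dread(6, 5, 4, 8, 5), mitigation_cost=60),
            Node("DB traffic is unencrypted", dread=Dread(9, 10, 9, 9, 7), mitigation_cost=15),
        ]),
        Node("Guess admin password", dread=Dread(10, 4, 5, 10, 6), mitigation_cost=10),
    ])


def decide(root: Node, budget: float, threshold: float = 25.0):
    """Step 6: buy mitigations for leaves whose risk meets the threshold,
    best risk-per-cost first, until the budget is spent.
    Returns (mitigate, accept) as lists of leaf names."""
    ranked = sorted(root.leaves(),
                    key=lambda n: n.risk() / max(n.mitigation_cost, 1e-9),
                    reverse=True)
    mitigate, accept = [], []
    for leaf in ranked:
        if leaf.risk() >= threshold and leaf.mitigation_cost <= budget:
            budget -= leaf.mitigation_cost
            mitigate.append(leaf.name)
        else:
            accept.append(leaf.name)
    return mitigate, accept


if __name__ == "__main__":
    tree = build_tree()
    for leaf in tree.leaves():
        print(f"{leaf.name:32} PO={leaf.dread.po():.1f} BI={leaf.dread.bi():.1f} "
              f"risk={leaf.risk():.1f} cost={leaf.mitigation_cost:.0f}")
    print("goal risk:", round(tree.risk(), 1))
    print("mitigate / accept:", decide(tree, budget=50))
```

With a budget of 50 the cheap fix to the AND branch (encrypt the database traffic) ranks first even though the branch as a whole scores low, because killing one required step collapses the whole sub-tree; the expensive network-position mitigation is left as accepted risk. Rerunning decide with a different budget or threshold is how the "dynamic nature of attack trees" note above plays out in practice.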

Design & Development phases activities

Take into consideration:

Input/Output validation
Principle of least privilege / default deny
Compartmentalization (separation of privileges)
Threat modeling
Threat trees
Integrate security into the quality assurance process
Sanitization of data between subsystems
Encryption of all communication must be possible
No transmission of passwords in plain text
Coding standards checklists
Logging
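Three items from the design and development list above (input/output validation, default deny, and sanitization of data between subsystems) reduce to the same habit: enumerate what is allowed and refuse everything else. As an added example (not from the slides), the block below shows an allowlist username check, an HTML output encoder, and a default-deny permission table, each beside the blocklist version it replaces so the failure mode is visible. The username format, the role and action names, and the sample inputs are constructed for the illustration.

```python
"""Input/output validation and default deny, side by side with the
blocklist habits they replace.

Added example, not from the original slides. The username format, the
permission table and the sample inputs are constructed for illustration.
"""
import html
import re

# Allowlist: describe exactly what a valid username looks like.
USERNAME_RE = re.compile(r"[a-z][a-z0-9_]{2,31}")


def is_valid_username(raw: str) -> bool:
    """Input validation by allowlist: the whole string must match."""
    return USERNAME_RE.fullmatch(raw) is not None


def validate_username(raw: str) -> str:
    """Reject anything that does not match, rather than trying to strip
    the characters we happen to know are dangerous."""
    if not is_valid_username(raw):
        raise ValueError(f"invalid username: {raw!r}")
    return raw


def blocklist_strip_script(raw: str) -> str:
    """The anti-pattern: remove '<script>' tags and hope. A nested tag
    survives a single pass and event handlers are never touched."""
    return re.sub(r"</?script>", "", raw, flags=re.IGNORECASE)


def render_greeting(display_name: str) -> str:
    """Output validation: encode for the context (HTML text) at the point
    of output, so whatever survived input handling renders as text."""
    return f"<p>Hello, {html.escape(display_name, quote=True)}</p>"


# Default deny: the only grants are the (role, action) pairs listed here.
PERMISSIONS = {
    ("reader", "view_report"),
    ("analyst", "view_report"),
    ("analyst", "export_report"),
    ("admin", "view_report"),
    ("admin", "export_report"),
    ("admin", "delete_report"),
}

# The denylist alternative: forbid what we thought of, allow the rest.
DENIED = {("reader", "delete_report"), ("analyst", "delete_report")}


def is_allowed(role: str, action: str) -> bool:
    """Anything not explicitly granted (unknown role, new action, typo) is refused."""
    return (role, action) in PERMISSIONS


def is_allowed_denylist(role: str, action: str) -> bool:
    """Anything not explicitly forbidden slips through, including actions
    nobody anticipated and roles that do not exist."""
    return (role, action) not in DENIED


if __name__ == "__main__":
    print(validate_username("alice_01"))
    print(blocklist_strip_script("<scr<script>ipt>alert(1)</script>"))  # still contains <script>
    print(render_greeting("<img src=x onerror=alert(1)>"))
    print(is_allowed("guest", "delete_report"), is_allowed_denylist("guest", "delete_report"))
```

The blocklist functions are kept only to show why the list above says "default deny": a nested tag defeats the single-pass strip, and a role that was never added to the denylist gets every action. The allowlist and the permission table fail closed by construction, which is also what makes them safe to use as the sanitization boundary between subsystems.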

Deployment & testing phases activities

Take into consideration:

IT infrastructure availability
Hardware requirements are met
Remove trapdoors (maintenance hooks)
External team to ensure risk mitigation
If possible, get a black hat!
Stress testing
Regression testing
Disaster recovery / system continuity

A Final word

"Security is a process and not a product." - Bruce Schneier

Open source software (OSS) and security

Thank you

References:

Software Engineering Security as a Process in the SDLC, James Purcell, 2007
Hack Proofing Your Network, Syngress, 2000
Improving Security across the SDLC, Task Force report, 2004
Don't Just Patch, Protect!, Paul Wright, 2007
Packet Sniffing in a Switched Environment, Tom King, 2006
wikipedia.org/wiki/Session_hijacking
www.0x000000.com/?i=424, Secure Input Validation
en.wikipedia.org/wiki/Buffer_overflow
Inside the Buffer Overflow Attack: Mechanism, Method, & Prevention, Mark E. Donaldson
Software Engineering, Sommerville, 2005
Assumptions in Intrusion Analysis, Rodney Caudle
http://www.securityfocus.com/columnists/445, Security Analogies, Scott Granneman
http://www.securityfocus.com/columnists/420, Surprises Inside Microsoft Vista's EULA, Scott Granneman
http://www.microsoft.com/technet/technetmag/issues/2005/01/SessionHijacking/?topics=/technet/technetmag/issues/2005/01/SessionHijacking
Exploiting the Otherwise Non-exploitable on Windows, Miller (skape) & Skywing
A Practical Approach to Threat Modeling, Tom Olzak
Foundations of Attack Trees, Sjouke Mauw
From Product to Process: Bruce Schneier's Take on Security, M. E. Kabay, Network World Security Newsletter
