Design for Security (Sota Ogo, HyunGyu Kim, Derek Willms, Chong Tae Chon)


Page 1: Design for Security

Design for Security

Sota Ogo, HyunGyu Kim, Derek Willms, Chong Tae Chon

Page 2: Design for Security

Agenda

• About Security

• Breach Cases

• Best Practices

• Use Cases (Solutions)

• Challenges

• Remaining Open Questions/Issues

• Q&A

Page 3: Design for Security

About Security

• What is Security?

• The method of protecting electronic information or software from unauthorized changes or attacks

• Why is Security important?

• As an individual

• Private data is stored on the Internet

• Credit Cards, Bank Accounts, money Transactions, Phone numbers, Home Address, etc.

• As a company

• Build and keep trust with customers

• Prevent legal expenses

• Protect business reputation

[Diagram: Security → Privacy, Trust, Saving, Reputation]

Page 4: Design for Security

Breach Cases

• Heartland Payment System (2008)

• SQL Injection – 160 million credit cards leaked

• LinkedIn (2012)

• Most of the 6.5 million unsalted password hashes were cracked within a few days

• Impairment Resources (2010)

• 2 PCs were stolen with medical records of 14,000 patients

[Diagram: cost of each breach – "Hundreds of Million", "Bankrupt", "3+ Million"]

Page 5: Design for Security

Use Cases (Solutions)

• Case 1: Heartland Payment System

• SQL injection

• Frontend: Use a framework or libraries to validate and encrypt user input

• Backend: Use a data abstraction layer

• Case 2: LinkedIn

• *Unsalted SHA-1 Hashing

• Salting

Page 6: Design for Security

Password Security: Encrypting vs Hashing

• Encrypting

• Two-way function that is reversible

[Diagram: "Hello!" → Encrypt → "aSd21r" → Decrypt → "Hello!"]

Page 7: Design for Security

• Hashing

• One-way function that is irreversible

hash("hello") = 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824

hash("hbllo") = 58756879c05c68dfac9866712fad6a93f8146f337a69afe7dd238f3364946366

hash("waltz") = c0e81794384491161f1777c232bc6bd9ec38f616560b120fda8e90f383853542

Page 8: Design for Security

• LinkedIn hashed password

Page 9: Design for Security

Page 10: Design for Security

• Salting

• Eliminates password redundancy

• Converts simple passwords to more difficult ones

• Eliminates the use of Dictionary Search

• Tae has an unsalted password of hello

hash("hello")                    = 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824

• Sota, Sam, and Derek all have the same password, but theirs are salted.

hash("hello" + "QxLUF1bgIAdeQX") = 9e209040c863f84a31e719795b2577523954739fe5ed3b58a75cff2127075ed1

hash("hello" + "bv5PehSMfV11Cd") = d1d3ec2e6f20fd420d50e2642992841d8338a314b8ea157c9e18477aaef226ab

hash("hello" + "YYLmfY6IehjZMQ") = a49670c3c18b9e079b9cfaf51634f563dc8ae3070db2c4a8544305df1b60f007
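The slides state that salting eliminates password redundancy and dictionary search. The following Python example is added here to show both properties concretely; it is not code from the slides. It uses SHA-256 for hash(), the slide's convention of hash(password + salt), the three salts printed on the slide, and a small constructed word list standing in for an attacker's dictionary. The register()/verify() pair and the hmac-based comparison are this editor's additions.

```python
import hashlib
import hmac
import secrets


def sha256_hex(text):
    """Hex SHA-256 of a UTF-8 string, the hash() used on the slides."""
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def hash_unsalted(password):
    # Same password -> same digest for every user, so one precomputed table
    # serves against every account (the LinkedIn situation).
    return sha256_hex(password)


def hash_salted(password, salt):
    # Slide convention: hash("hello" + salt). A per-user salt makes identical
    # passwords produce unrelated digests.
    return sha256_hex(password + salt)


def register(password):
    """Return the stored record (salt, digest); the salt is random per user."""
    salt = secrets.token_urlsafe(10)
    return salt, hash_salted(password, salt)


def verify(password, record):
    """Recompute with the stored salt and compare in constant time."""
    salt, digest = record
    return hmac.compare_digest(hash_salted(password, salt), digest)


# Constructed stand-in for a dictionary of common passwords.
COMMON_WORDS = ["hello", "hbllo", "waltz", "password", "123456"]


def dictionary_table(words):
    # Precomputed digest -> word table. Only useful against unsalted storage,
    # because it is built without knowing any user's salt.
    return {hash_unsalted(w): w for w in words}


def recover_from_table(digest, table):
    """Dictionary search: a single lookup, no guessing needed."""
    return table.get(digest)


def demo():
    table = dictionary_table(COMMON_WORDS)
    tae = hash_unsalted("hello")                       # unsalted, as on the slide
    salts = ["QxLUF1bgIAdeQX", "bv5PehSMfV11Cd", "YYLmfY6IehjZMQ"]  # salts from the slide
    others = [hash_salted("hello", s) for s in salts]   # three users, same password
    return {
        "unsalted_recovered": recover_from_table(tae, table),          # "hello"
        "salted_recovered": [recover_from_table(h, table) for h in others],  # all None
        "distinct_salted": len(set(others)),                           # 3
    }


if __name__ == "__main__":
    print(demo())
```

The dictionary table recovers Tae's unsalted password with one lookup but finds nothing for the three salted digests, and the three salted digests are all different even though the password is the same. Note that a salt only defeats precomputed tables; because SHA-256 is fast, a per-account guessing attack is still cheap, which is why production systems use a deliberately slow password hash (bcrypt, scrypt or Argon2) with the salt built in.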

Page 11: Design for Security

Use Cases (Solutions)

• Case 1: Heartland Payment System

• SQL injection

• Frontend: Use a framework or libraries to validate and encrypt user input

• Backend: Use a data abstraction layer

• Case 2: LinkedIn

• *Unsalted SHA-1 Hashing

• Distributed Credential Protection

• Case 3: Impairment Resources

• Physical theft

• Locate servers and computers in secure area

• Encrypt hard-drives and use password
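The Heartland case above is resolved on the slides with "use a data abstraction layer" on the backend. What such a layer provides underneath is parameterized queries: the user's value is sent to the database separately from the SQL text, so it can never change the query's structure. The example below is added by the editor, not taken from the slides or from Heartland's systems; it uses Python's built-in sqlite3 module with a constructed in-memory table and a constructed probe input, and contrasts the string-concatenated query with the parameterized one.

```python
import sqlite3


def make_db():
    """Constructed sample table; the rows are made up for this example."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, card_last4 TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, card_last4) VALUES (?, ?)",
        [("alice", "1234"), ("bob", "5678"), ("carol", "9012")],
    )
    conn.commit()
    return conn


def lookup_vulnerable(conn, username):
    # String concatenation: the user's text becomes part of the SQL statement,
    # so quotes and operators in the input are parsed as SQL.
    sql = "SELECT username, card_last4 FROM users WHERE username = '" + username + "'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, username):
    # Placeholder binding: the driver passes the value out of band and the
    # statement's structure is fixed before any user data is seen.
    sql = "SELECT username, card_last4 FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


def demo():
    conn = make_db()
    benign = "alice"
    probe = "' OR '1'='1"  # constructed input of the kind a security test feeds to a form
    return {
        "vulnerable_benign": lookup_vulnerable(conn, benign),   # one row
        "vulnerable_probe": lookup_vulnerable(conn, probe),     # every row
        "param_benign": lookup_parameterized(conn, benign),     # one row
        "param_probe": lookup_parameterized(conn, probe),       # no rows
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name}: {rows}")
```

With the concatenated query the probe string turns the WHERE clause into a tautology and the whole table comes back; the parameterized query treats the same string as a literal username that matches nothing. A detection note for the logging best practice on the next page: a query that returns far more rows than a single-user lookup should is exactly the kind of anomaly an audit trail should record.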

Page 12: Design for Security

Best Practices

• Always design with security in mind

• Think like a potential malicious user

• High-level Principles

• Design your code modularly

• Test extensively (in an automated way if possible)

• Defense in depth: more than one subsystem before the core system

• Establish effective audit trails and logs

• Include fail safes

• Follow Industry Standards

Page 13: Design for Security

Challenges

• There are many different types of security vulnerabilities.

• Security systems are constantly changing.

• Many websites made prior to 2008 are vulnerable to SQL injection and session hijacking.

• Software must be designed with security in mind from the start.

• From an article on Think Progress:

“American banks and retailers don’t want to spend the money to upgrade to more secure technology. Instead, the U.S. spends billions of dollars to bounce back from a breach—about $5.4 million per incident, according to the study” (Williams).

Page 14: Design for Security

Remaining Open Questions/Issues

• How do we keep up with evolving security threats?

• How should laws evolve to prosecute offenders of security breaches?

• Can we ever reach 100% security?

• How can we educate programmers to be conscious of security threats?

• How can we educate programmers to refrain from developing malicious programs?

Page 15: Design for Security

Q & A