Software Engineering for Secure Systems Individual Research Project Hiram Garcia

Page 1: Software Engineering for Secure  Systems Individual Research Project

Software Engineering for Secure Systems
Individual Research Project

Hiram Garcia

Page 2: Software Engineering for Secure  Systems Individual Research Project

Security Engineering

“Security engineering is about building systems that are and can remain dependable in the face of malice, error or mischance. As a discipline, security engineering focuses on the tools, processes and methods needed to design, implement and test complete systems, and to adapt existing systems as their environment evolves.”

Page 3: Software Engineering for Secure  Systems Individual Research Project

Requirements Engineering*

A cooperative, iterative and incremental process which aims at ensuring that:
1. All relevant requirements are explicitly known and understood at the required level of detail
2. A sufficient agreement about the system requirements is achieved between the stakeholders involved
3. All requirements are documented and specified in compliance with the defined documentation/specification formats and rules

*Requirements Engineering: Fundamentals, Principles & Techniques – Klaus Pohl


Page 4: Software Engineering for Secure  Systems Individual Research Project

• Flawed requirements are a major cause of project failure – one of the top ten failures in the Standish CHAOS Reports

• Fixing an error in later phases is 10x more expensive

• Incorrect requirements lead to an incorrect system, which leads to wasted costs

• System may be unreliable for practical use, disrupting normal day-to-day operations

• The primary vehicle for going from “vision” to “realization”


Page 5: Software Engineering for Secure  Systems Individual Research Project

Main Kinds of Requirements

• Product Requirements
  – Capability Requirements
    • local to system, specific system functionality
  – Level of Service Requirements
    • local to system, may affect many system requirements
• System Interface Requirements
  – varies, affects groups of system requirements
• Project Requirements
  – global to project, affects overall system requirements
• Evolutionary Requirements
  – varies, affects design and implementation

Page 6: Software Engineering for Secure  Systems Individual Research Project

Examples of Levels of Service

• Dependability
  – Reliability
  – Availability
• Usability
  – Ease of learning
  – Ease of use
• Performance
• Maintainability
• Portability
• Inter-operability (or binary portability)
• Reusability
• Security


Page 7: Software Engineering for Secure  Systems Individual Research Project

Top 25 Most Dangerous Software Errors in 2011

1. SQL-injection
7. Use of hard-coded credentials
8. Missing encryption of sensitive data
9. Unrestricted upload of file with dangerous type
11. Execution with unnecessary privileges

Non-errors: phishing attacks, malware

Page 8: Software Engineering for Secure  Systems Individual Research Project

SQL Injection

1. Figure out how the application handles bad inputs

Insert something like [email protected] into an email address form field; then there are basically 2 possibilities:

1 - The application will first “sanitize” the input, then the application may run the sanitized input in the database query
2 - The application will not sanitize the input first
    - This is what the hacker is hoping would happen

– Run the actual SQL injection attack

Page 9: Software Engineering for Secure  Systems Individual Research Project

Phishing Attack

Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. - Wikipedia

Page 10: Software Engineering for Secure  Systems Individual Research Project

Phishing Attack - Amazon

Page 11: Software Engineering for Secure  Systems Individual Research Project

Associated Press Twitter

Dow Jones Index immediately following the attack.

http://abcnews.go.com/GMA/video/press-twitter-hacked-white-house-explosion-obama-injury-19029118

Page 12: Software Engineering for Secure  Systems Individual Research Project

Types of Defenses

| Attack | Defense |
|---|---|
| SQL-injection | Parameterized Queries or Stored Procedures |
| Use of hard-coded credentials | Avoid hard coding |
| Missing encryption of sensitive data | Encrypt any sensitive data |
| Unrestricted upload of file with dangerous type | Restrict dangerous file type uploads |
| Execution with unnecessary privileges | Execute with elevated privileges only when required |
| Phishing | Challenge–response; secret questions; multi-factor authentication |
| Malware | Keep antivirus up to date; perform scheduled scans |
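The two outcomes described on the SQL Injection slide, next to the parameterized-query defense listed in the table above, as an added example that is not part of the original slides. It uses Python's sqlite3 module; the members table, its rows and all function names are constructed for illustration.

```python
import sqlite3


def make_db():
    # Constructed sample data for this example (not from the slides).
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE members (email TEXT PRIMARY KEY, name TEXT)")
    db.executemany(
        "INSERT INTO members VALUES (?, ?)",
        [("alice@example.com", "Alice"), ("o'neil@example.com", "Pat O'Neil")],
    )
    return db


def lookup_concatenated(db, email):
    # Weak form: the form field is pasted into the SQL text, so a quote
    # in the input changes the structure of the statement itself.
    sql = "SELECT name FROM members WHERE email = '" + email + "'"
    return [row[0] for row in db.execute(sql)]


def lookup_parameterized(db, email):
    # Defended form: the statement text is fixed and the value is bound
    # separately, so the input is only ever compared as data.
    sql = "SELECT name FROM members WHERE email = ?"
    return [row[0] for row in db.execute(sql, (email,))]


def probe(db, lookup, email):
    # Report how a lookup handles one input: result rows or a database error.
    try:
        return ("rows", lookup(db, email))
    except sqlite3.Error as exc:
        return ("error", type(exc).__name__)


if __name__ == "__main__":
    db = make_db()
    for email in ("alice@example.com", "o'neil@example.com", "nobody@example.com'"):
        print(email)
        print("  concatenated: ", probe(db, lookup_concatenated, email))
        print("  parameterized:", probe(db, lookup_parameterized, email))
```

A database error on an input that contains a quote is the sign that the field reaches the query unsanitized; the same input through the bound parameter is matched as an ordinary string, which also lets a legitimate address containing an apostrophe work.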

Page 13: Software Engineering for Secure  Systems Individual Research Project

Multi Factor Authentication

Requires the presentation of two or more of the three authentication factors:
• a knowledge factor ("something the user knows") like a password or PIN,
• a possession factor ("something the user has") like a phone call, text message or email, and
• an inherence factor ("something the user is") like a fingerprint or retina scan.

Page 14: Software Engineering for Secure  Systems Individual Research Project

Keywords & References

• Keywords
  • Secure Systems, Security, Software, Cloud computing
• References
  1. “Software Engineering for Security: a Roadmap”, Premkumar T. Devanbu, Stuart Stubblebine
  2. “SECURITY IN SOFTWARE ARCHITECTURE: A CASE STUDY”, Adam Sachitano, Richard O. Chapman, Ph.D., Member, IEEE and John A. Hamilton, Jr., Ph.D., Senior Member, IEEE
  3. “Secure Software Systems Engineering: The Secure Tropos Approach”, Haralambos Mouratidis
  4. “Requirements Engineering”, Nupul Kukreja, Barry Boehm
  5. “Evernote hack shows that passwords aren't good enough”, Tony Bradley, http://www.pcworld.com/article/2030052/evernote-hack-shows-that-passwords-arent-good-enough.html
  6. “Twitter 2-Factor Authentication: What It Is and Why It Would Help National Security”, http://abcnews.go.com/Technology/ap-twitter-hack-cited-proof-factor-authentication-desperately/story?id=19031526#.UXv727XbPHR
  7. Common Weakness Enumeration, http://cwe.mitre.org/top25/#Listing
  8. “Provide an example of SQL Injection”, http://www.programmerinterview.com/index.php/database-sql/sql-injection-example/