Home Page Icon
Home Page
Table of Contents for
Designing Secure Software
Close
Designing Secure Software
by Loren Kohnfelder
Designing Secure Software
Title Page
Copyright
Dedication
About the Author
Foreword
Preface
Acknowledgments
Introduction
Who Should Read This Book?
What Topics Does the Book Cover?
Part I: Concepts
Part II: Design
Part III: Implementation
Conclusion
Appendices
Good, Safe Fun
Part I: Concepts
Chapter 1: Foundations
Understanding Security
Trust
Feeling Trust
You Cannot See Bits
Competence and Imperfection
Trust Is a Spectrum
Trust Decisions
Implicitly Trusted Components
Being Trustworthy
Classic Principles
Information Security’s C-I-A
The Gold Standard
Privacy
Chapter 2: Threats
The Adversarial Perspective
The Four Questions
Threat Modeling
Work from a Model
Identify Assets
Identify Attack Surfaces
Identify Trust Boundaries
Identify Threats
Mitigate Threats
Privacy Considerations
Threat Modeling Everywhere
Chapter 3: Mitigation
Addressing Threats
Structural Mitigation Strategies
Minimize Attack Surfaces
Narrow Windows of Vulnerability
Minimize Data Exposure
Access Policy and Access Controls
Interfaces
Communication
Storage
Chapter 4: Patterns
Design Attributes
Economy of Design
Transparent Design
Exposure Minimization
Least Privilege
Least Information
Secure by Default
Allowlists over Blocklists
Avoid Predictability
Fail Securely
Strong Enforcement
Complete Mediation
Least Common Mechanism
Redundancy
Defense in Depth
Separation of Privilege
Trust and Responsibility
Reluctance to Trust
Accept Security Responsibility
Anti-Patterns
Confused Deputy
Backflow of Trust
Third-Party Hooks
Unpatchable Components
Chapter 5: Cryptography
Crypto Tools
Random Numbers
Pseudo-Random Numbers
Cryptographically Secure Pseudo-Random Numbers
Message Authentication Codes
Using MACs to Prevent Tampering
Replay Attacks
Secure MAC Communications
Symmetric Encryption
One-Time Pad
Advanced Encryption Standard
Using Symmetric Cryptography
Asymmetric Encryption
The RSA Cryptosystem
Digital Signatures
Digital Certificates
Key Exchange
Using Crypto
Part II: Design
Chapter 6: Secure Design
Integrating Security in Design
Making Design Assumptions Explicit
Defining the Scope
Setting Security Requirements
Threat Modeling
Building in Mitigations
Designing Interfaces
Designing Data Handling
Integrating Privacy into Design
Planning for the Full Software Life Cycle
Making Trade-offs
Design Simplicity
Chapter 7: Security Design Reviews
SDR Logistics
Why Conduct an SDR?
When to Conduct an SDR
Documentation Is Essential
The SDR Process
1. Study
2. Inquire
3. Identify
4. Collaborate
5. Write
6. Follow Up
Assessing Design Security
Using the Four Questions as Guidance
Where to Dig
Privacy Reviews
Reviewing Updates
Managing Disagreement
Communicate Tactfully
Case Study: A Difficult Review
Escalating Disagreements
Practice, Practice, Practice
Part III: Implementation
Chapter 8: Secure Programming
The Challenge
Malicious Influence
Vulnerabilities Are Bugs
Vulnerability Chains
Bugs and Entropy
Vigilance
Case Study: GotoFail
One-Line Vulnerability
Beware of Footguns
Lessons from GotoFail
Coding Vulnerabilities
Atomicity
Timing Attacks
Serialization
The Usual Suspects
Chapter 9: Low-Level Coding Flaws
Arithmetic Vulnerabilities
Fixed-Width Integer Vulnerabilities
Floating-Point Precision Vulnerabilities
Example: Floating-Point Underflow
Example: Integer Overflow
Safe Arithmetic
Memory Access Vulnerabilities
Memory Management
Buffer Overflow
Example: Memory Allocation Vulnerabilities
Case Study: Heartbleed
Chapter 10: Untrusted Input
Input Validation
Determining Validity
Validation Criteria
Rejecting Invalid Input
Correcting Invalid Input
Character String Vulnerabilities
Length Issues
Unicode Issues
Injection Vulnerabilities
SQL Injection
Path Traversal
Regular Expressions
Dangers of XML
Mitigating Injection Attacks
Chapter 11: Web Security
Build on a Framework
The Web Security Model
The HTTP Protocol
Digital Certificates and HTTPS
The Same Origin Policy
Web Cookies
Common Web Vulnerabilities
Cross-Site Scripting
Cross-Site Request Forgery
More Vulnerabilities and Mitigations
Chapter 12: Security Testing
What Is Security Testing?
Security Testing the GotoFail Vulnerability
Functional Testing
Functional Testing with the Vulnerability
Security Test Cases
The Limits of Security Tests
Writing Security Test Cases
Testing Input Validation
Testing for XSS Vulnerabilities
Fuzz Testing
Security Regression Tests
Availability Testing
Resource Consumption
Threshold Testing
Distributed Denial-of-Service Attacks
Best Practices for Security Testing
Test-Driven Development
Leveraging Integration Testing
Security Testing Catch-Up
Chapter 13: Secure Development Best Practices
Code Quality
Code Hygiene
Exception and Error Handling
Documenting Security
Security Code Reviews
Dependencies
Choosing Secure Components
Securing Interfaces
Don’t Reinvent Security Wheels
Contending with Legacy Security
Vulnerability Triage
DREAD Assessments
Crafting Working Exploits
Making Triage Decisions
Maintaining a Secure Development Environment
Separating Development from Production
Securing Development Tools
Releasing the Product
Afterword
Call to Action
Security Is Everyone’s Job
Baking in Security
Future Security
Improving Software Quality
Managing Complexity
From Minimizing to Maximizing Transparency
Improving Software Authenticity, Trust, and Responsibility
Delivering the Last Mile
Conclusion
Appendix A: Sample Design Document
Title – Private Data Logging Component Design Document
Section 1 – Product Description
Section 2 – Overview
2.1 Purpose
2.2 Scope
2.3 Concepts
2.4 Requirements
2.5 Non-Goals
2.6 Outstanding Issues
2.7 Alternative Designs
Section 3 – Use Cases
Section 4 – System Architecture
Section 5 – Data Design
Section 6 – API
6.1 Hello Request
6.2 Schema Definition Request
6.3 Event Log Request
6.4 Goodbye Request
Section 7 – User Interface Design
Section 8 – Technical Design
Section 9 – Configuration
Section 10 – References
Appendix B: Glossary
Appendix C: Exercises
Appendix D: Cheat Sheets
Index
Search in book...
Toggle Font Controls
Playlists
Add To
Create new playlist
Name your new playlist
Playlist description (optional)
Cancel
Create playlist
Sign In
Email address
Password
Forgot Password?
Create account
Login
or
Continue with Facebook
Continue with Google
Sign Up
Full Name
Email address
Confirm Email Address
Password
Login
Create account
or
Continue with Facebook
Continue with Google
Next
Next Chapter
Designing Secure Software
Add Highlight
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click
here
login for view all page.
Day Mode
Cloud Mode
Night Mode
Reset