
CruSec’s 2019 CISSP Study Guide - Domain 8: Software Development Security

Domain 8: Software Development Security

8.1 Understand and integrate security in the Software Development Life Cycle

Programming Concepts

  • Machine Code is the binary language built into a CPU. Just above that is assembly language, which consists of low-level commands. Humans write source code and convert it into machine code with compilers.

  • Interpreters can translate each line of code into machine language on the fly while the program runs

  • Bytecode is an intermediary form between source and machine code ready to be executed in a Java Virtual Machine

Procedural and Object-Oriented Languages

  • Procedural – uses subroutines, procedures and functions, step-by-step. Examples include C and FORTRAN

  • Object-oriented – defines abstract objects through the use of classes, attributes and methods. Examples include C++ and Java

  • A class is a collection of common methods that define actions of objects

Computer-Aided Software Engineering (CASE)

  • Programs that assist in creation and maintenance of other programs. Examples:

  • compilers, assemblers, linkers, translators, loaders/debuggers, program editors, code analyzers and version control mechanisms

Databases

  • Databases are structured collections of data that allow queries (searches), insertions, deletions and updates

  • Database Management Systems are designed to manage the creation, querying, updating and administration of databases. Examples include MySQL, PostgreSQL, Microsoft SQL Server, etc

  • Types of databases:

  • Relational (RDBMS) – most common. Uses tables, which are made up of rows and columns.

  • A row is a database record, called a tuple. The number of rows is referred to as a table’s cardinality.

  • A column is called an attribute. The number of columns is referred to as a table’s degree

  • Entries in relational databases are linked by relationships:

  • Candidate Keys – a subset of attributes that can be used to uniquely ID any record in a table. No two records will ever contain the same values composing a candidate key. A table will normally have more than one candidate key, and there is no limit to how many candidate keys can exist in a table

  • Primary Keys – selected from the set of candidate keys for a table to be used to uniquely ID the records of a table. Each table will only have one.

  • There is no limit to how many candidate keys can be in a table; however, there can only be one primary key

  • Polyinstantiation is the concept of allowing multiple records that seem to have the same primary key values into a database at different classification levels. This means it can be used to prevent unauthorized users from determining classified info by noticing the absence of info normally available to them

  • Foreign Keys – enforce relationships between two tables, also known as referential integrity. This ensures that if one table contains a foreign key, it corresponds to a still-existing primary key in the other table.

  • Hierarchical

  • Object-oriented – combine data with functions in an object-oriented framework. Normal databases just contain data

  • Flat file
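An added example (not from the study guide) that exercises the key concepts above with Python's built-in sqlite3: a candidate key alongside the chosen primary key, foreign-key referential integrity, and a polyinstantiated table whose classification level is part of the primary key. The table and column names and the sample rows are made up for the illustration.

```python
import sqlite3

def build_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("PRAGMA foreign_keys = ON")  # sqlite ignores foreign keys unless this is set
    conn.executescript("""
        CREATE TABLE department (
            dept_id INTEGER PRIMARY KEY,        -- the chosen primary key
            name    TEXT NOT NULL UNIQUE        -- another candidate key
        );
        CREATE TABLE employee (
            emp_id  INTEGER PRIMARY KEY,
            name    TEXT NOT NULL,
            dept_id INTEGER NOT NULL REFERENCES department(dept_id)  -- foreign key
        );
        INSERT INTO department VALUES (10, 'Security'), (20, 'Finance');
        INSERT INTO employee VALUES (1, 'Alice', 10), (2, 'Bob', 20);
    """)
    return conn

def is_rejected(conn, sql):
    """True if the statement violates a constraint, i.e. the DB protected its integrity."""
    try:
        conn.execute(sql)
        return False
    except sqlite3.IntegrityError:
        return True

def build_polyinstantiated():
    # Constructed sample: classification is part of the key, so one ship may have one row per level.
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE cargo (
            ship_id  INTEGER,
            level    TEXT CHECK (level IN ('UNCLASSIFIED', 'SECRET')),
            contents TEXT,
            PRIMARY KEY (ship_id, level)
        );
        INSERT INTO cargo VALUES (7, 'UNCLASSIFIED', 'food'), (7, 'SECRET', 'missiles');
    """)
    return conn

def contents_visible_to(conn, ship_id, clearance):
    """A user at a given level sees only the row for that level (cover story or real entry)."""
    row = conn.execute("SELECT contents FROM cargo WHERE ship_id = ? AND level = ?",
                       (ship_id, clearance)).fetchone()
    return row[0] if row else None
```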

Database Normalization

  • Rules that remove redundant data and improve the integrity and availability of the database

  • Three rules:

  • First Normal Form (1NF) – divide data into tables

  • Second Normal Form (2NF) – move data that is only partially dependent on the primary key to another table (all the shit in the table has to be on the same topic)

  • Third Normal Form (3NF) – remove data that is not dependent on the primary key
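The normalization rules above, shown as an added example (not part of the original guide) using Python's sqlite3: the same constructed order data kept in one flat table and in a normalized schema, with the update and deletion anomalies that the redundant copies cause. The table names and sample rows are made up.

```python
import sqlite3
FLAT_ROWS = [  # constructed sample: customer and product facts repeat on every order row
    (1, "Alice", "Oslo", "Laptop", "Electronics"),
    (2, "Alice", "Oslo", "Mouse", "Electronics"),
    (3, "Bob", "Bergen", "Desk", "Furniture"),
]

def flat_db():
    """Un-normalized: city depends on customer and category on product, not on order_id."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE orders_flat (order_id INTEGER PRIMARY KEY, customer TEXT,"
                 " city TEXT, product TEXT, category TEXT)")
    conn.executemany("INSERT INTO orders_flat VALUES (?, ?, ?, ?, ?)", FLAT_ROWS)
    return conn

def normalized_db():
    """Normalized: each fact is stored once; the orders table keeps only keys."""
    conn = sqlite3.connect(":memory:")
    conn.execute("PRAGMA foreign_keys = ON")
    conn.executescript("""
        CREATE TABLE customer (customer_id INTEGER PRIMARY KEY, name TEXT UNIQUE, city TEXT);
        CREATE TABLE product  (product_id INTEGER PRIMARY KEY, name TEXT UNIQUE, category TEXT);
        CREATE TABLE orders   (order_id INTEGER PRIMARY KEY,
                               customer_id INTEGER NOT NULL REFERENCES customer(customer_id),
                               product_id  INTEGER NOT NULL REFERENCES product(product_id));
    """)
    for order_id, cust, city, prod, cat in FLAT_ROWS:
        conn.execute("INSERT OR IGNORE INTO customer (name, city) VALUES (?, ?)", (cust, city))
        conn.execute("INSERT OR IGNORE INTO product (name, category) VALUES (?, ?)", (prod, cat))
        conn.execute("INSERT INTO orders VALUES (?, (SELECT customer_id FROM customer WHERE name = ?),"
                     " (SELECT product_id FROM product WHERE name = ?))", (order_id, cust, prod))
    return conn

def rows_touched_to_move(conn, name, new_city, flat):
    """Update anomaly: how many rows must change to record one new fact (more than 1 can drift)."""
    sql = ("UPDATE orders_flat SET city = ? WHERE customer = ?" if flat
           else "UPDATE customer SET city = ? WHERE name = ?")
    return conn.execute(sql, (new_city, name)).rowcount

def city_after_deleting_orders(conn, name, flat):
    """Deletion anomaly: removing a customer's only orders should not erase the customer."""
    if flat:
        conn.execute("DELETE FROM orders_flat WHERE customer = ?", (name,))
        row = conn.execute("SELECT city FROM orders_flat WHERE customer = ?", (name,)).fetchone()
    else:
        conn.execute("DELETE FROM orders WHERE customer_id ="
                     " (SELECT customer_id FROM customer WHERE name = ?)", (name,))
        row = conn.execute("SELECT city FROM customer WHERE name = ?", (name,)).fetchone()
    return row[0] if row else None
```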

8.2 Identify and apply security controls in development environments

8.3 Assess the effectiveness of software security

8.4 Assess security impact of acquired software

8.5 Define and apply secure coding guidelines and standards

  • During software testing, APIs, User Interfaces (UIs) and physical interfaces are tested

Application Development Methods

  • Waterfall - has a feedback loop that allows progress one step backwards or forwards.

  • Emphasis on early documentation

  • The Modified Waterfall Model adds validation/verification to the process

  • Spiral – improves on the two previous models because each step of the process goes through the entire development lifecycle

  • Agile – highest priority is satisfying the customer through early and continuous delivery. It does not prioritize security.

  • Agile Manifesto:

  • Individuals and interactions over processes and tools

  • Working software over comprehensive documentation

  • Customer collaboration over contract negotiation

  • Responding to change over following a plan

Software Development Lifecycle Phases

  1. Initiation – Define need and purpose of project

  2. Development/Acquisition – determine security requirements and incorporate them into specifications

  3. Implementation – install controls, security testing, accreditation

  4. Operation – backups, training, key management, audits and monitoring etc

  5. Disposal – archiving and media sanitation

Software Escrow

  • Third party archives source code

  • Source code is revealed if product is abandoned

  • Protects the purchaser should the vendor go out of business

DevOps

  • Old system had strict separation of duties between devs, quality assurance and production

  • DevOps is more agile with everyone working together in the entire service lifecycle

Maturity Models

  • Software Capability Maturity Model (SW-CMM) – states all software development matures through phases in a sequential fashion. Intends to improve maturity and quality of software by implementing an evolutionary path from ad hoc, chaotic processes to mature, disciplined software processes.

  1. Initial – developers are unorganized with no real plan. No defined software development process

  2. Repeatable – lifecycle management processes are introduced. Code is reused.

  3. Defined – developers operate according to a set of documented processes. All actions occur within constraints of those processes.

  4. Managed – Quantitative measures are used to understand the development process.

  5. Optimizing – Processes for defect prevention, change management, and process change are used.

Object Oriented Programming

  • Java, C++, etc. Objects contain data and methods. Objects provide data hiding.

  • Object – account, employee, customer, whatever

  • Method – actions on an object

  • Class – think of a blueprint. Defines the data and methods the object will contain. Does not contain data or methods itself, but instead defines those contained in objects

  • Polymorphism – objects can take on different forms. The term is also used for malware that modifies its code as it propagates to avoid detection.

Coupling and Cohesion

  • Coupling – how much modules depend on each other

  • Cohesion – refers to how well the elements of a module belong together. High cohesion reduces duplication of data

  • You want low coupling and high cohesion
