CruSec’s 2019 CISSP Study Guide - Domain 8: Software Development Security
Domain 8: Software Development Security
8.1 Understand and integrate security in the Software Development Life Cycle
Machine Code is binary language built into a CPU. Just above that is assembly language, which are low level commands. Humans use source-code and convert it into machine code with compilers.
Interpreters can translate each line of code into machine language on the fly while the program runs
Bytecode is an intermediary form between source and machine code ready to be executed in a Java Virtual Machine
Procedural and Object-Oriented Languages
Procedural – uses subroutines, procedures and functions, step-by-step. Examples include C and FORTRAN
Object-oriented – define abstract objects through the uses of classes, attributes and methods. Examples include C++ and Java
A class is a collection of common methods that define actions of objects
Computer-Aided Software Engineering (CASE)
Programs that assist in creation and maintenance of other programs. Examples:
compilers, assemblers, linkers, translators, loaders/debuggers, program editors, code analyzers and version control mechanisms
Databases are structured collections of data that allow queries (searches), insertions, deletions and updates
Database Management Systems are designed to manage the creation, querying, updating and administration of databases. Examples include MySQL, PostgreSQL, Microsoft SQL Server, etc
Types of databases:
Relational (RDBMS)– most common. Uses tables which are made up of rows and columns.
A row is a database record, called a tuple. The number of rows is referred to as a table’s cardinality.
A column is called an attribute. The number of columns is referred to a table’s degree
Entries in relational databases are linked by relationships:
• Candidate Keys – are a subset of attributes that can be used to uniquely ID any record in a table. No two records will ever contain the same values composing a candidate key. A table will normally have more than one candidate key, and there is no limit to how many candidate keys can exist in a table
Primary Keys – selected from the set of candidate keys for a table to be used to uniquely ID the records of a table. Each table will only have one.
There is no limit to how many candidate keys can be in a table, however there can only be one Primary
Polyinstantiation is the concept of allowing multiple records that seem to have the
same primary key values into a database at different classification levels. This
means it can be used to prevent unauthorized users from determining classified
info by noticing the absence of info normally available to them
Foreign Keys – enforce relationships between two tables, also known as referential integrity. This ensures that if one table contains a foreign key, it corresponds to a still-existing primary key in the other table.
Object-oriented – combine data with functions in an object-oriented framework. Normal databases just contain data
Rules that remove redundant data and improves the integrity and availabiity of the database
First Normal Form (1NF) – divide data into tables
Second Normal Form (2NF) – move data that is partially dependent to the primary key to another table (all the shit in the table has to be on the same topic)
Third normal Form (3NF) – remove data that is not dependent on the primary key
8.2 Identify and apply security controls in development environments
8.3 Assess the effectiveness of software security
8.4 Assess security impact of acquired software
8.5 Define and apply secure coding guidelines and standards
During software testing, APIs, User Interfaces (UIs) and physical interfaces are tested
Application Development Methods
Waterfall - has a feedback loop that allows progress one step backwards or forwards.
Emphasis on early documentation
The Modified Waterfall Model adds validation/verification to the process
Spiral – improves on the two previous models because each step of the process goes through the entire development lifecycle
Agile – highest priority is satisfying the customer through early and continuous delivery. It does not prioritize security.
Individuals and interactions over processes and tools
Working software over comprehensive documentation
Customer collaboration over contract negotiation
Responding to change over following a plan
Software Development Lifecycle Phases
Initiation – Define need and purpose of project
Development/Acquisition – determine security requirements and incorporate them into specifications
Implementation – install controls, security testing, accreditation
Operation – backups, training, key management, audits and monitoring etc
Disposal – archiving and media sanitation
Third party archives source code
Source code is revealed if product is abandoned
Protects the purchaser should the vendor go out of business
Old system had strict separation of duties between devs, quality assurance and production
DevOps is more agile with everyone working together in the entire service lifecycle
Software Capability Maturity Model (SW-CMM) – states all software development matures through phases in a sequential fashion. Intends to improve maturity and quality of software by implementing an evolutionary path from ad hoc, chaotic processes to mature, disciplined software processes.
Initial – developers are unorganized with no real plan. No defined software development process
Repeatable – lifecycle management processes are introduced. Code is reused.
Defined – devlopers operate according to a set of documented processes. All actions occur within constraints of those processes.
Managed – Quantitative measures are used to understand the development process.
Optimizing – Processes for defect prevention, change management, and process change are used.
Object Oriented Programming
Java, C++, etc. Objects contain data and methods. Objects provide data hiding.
Object – account, employee, customer, whatever
Method – actions on an object
Class – think of a blueprint. Defines the data and methods the object will conain. Does not contain data or methods itself, but instead defines those contained in objects
Polymorphism – objects can take on different forms. This is common among malware that modifies its code as it propagates to avoid detection.
Coupling and Cohesion
Coupling – how much modules depend on each other
Cohesion – refers to how the elements of a model belong together. High cohesion reduces duplication of data
You want low coupling and high cohesion