
Security potpourri INF 123 – Software architecture (Slides from Dick Taylor and Crista Lopes)


1 Security potpourri
INF 123 – Software architecture
tdebeauv@uci.edu
(Slides from Dick Taylor and Crista Lopes)

2 Potpourri

3 (image-only slide)

4 Outline
 – Definitions
 – Common security design decisions
 – Trust between users
 – Practical guidelines

5 DEFINITIONS

6 Security
Non-functional property
Protection aimed at preserving the system’s:
 – integrity,
 – availability,
 – and confidentiality.
(Definition from the National Institute of Standards and Technology)

7 Confidentiality
Only authorized parties can access the information
Violation: breach

8 Integrity
Authorized parties can manipulate information only in the authorized ways
Violation: corruption
(Denethor is only a steward, but he acts like a king. He should not.)

9 Availability
Authorized parties can access resources on all appropriate occasions
Violation: denial of service

10 SECURITY DESIGN DECISIONS

11 Common security design decisions
 – Principle Of Least Authority (POLA)
 – Separation of privilege
 – Complete mediation
 – Fail-safe defaults
 – Access control
 – …

12 POLA
AKA Principle of Least Privilege
Do not give a component more privilege (data, visibility, CPU time, bandwidth, …) than it needs

13 POLA
(Figure: “Something shiny!” “Don’t touch it!”)

14 POLA
(Figure: “What do you think of Sauron?” “He’s a good guy! I shouldn’t say more… That’s not in the script …”)

15 Separation of privilege
Goal: avoid exploitation of privilege
Run different actions in different modes
Example:
 – network.py needs to go through the firewall
 – view.py does not
 – Open the port only for network.py

16 Complete mediation
Check every access against the access-control data; no access bypasses the check
(Figure labels: Access control data; Frodo’s path; Mordor checkpoints; “So easy …”)

17 Fail-safe defaults
Deny access if explicit permission is absent
Be paranoid
(Figure: “I don’t trust him, Mr Frodo.”)

18 Access control
Decide whether access to a protected resource should be granted or denied
Discretionary access control
 – Based on the identity of the requestor, the resource, and whether the requestor has permission to access
Mandatory access control
 – Policy based

19 Discretionary Access Control
Database A:
 Alice     Read-Write; Always
 Bob       Read-Write; Between 9 and 5
 Charles   No access
 Dave      No access
 Eve       Read-only; Always
Component Q / Interface F:
 Bend      Yes
 Fold      No
 Spindle   No
 Mutilate  Yes
 None      No
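The Database A rows of the table above, turned into a running access check that also applies the two preceding slides (complete mediation and fail-safe defaults). This is an added example, not code from the course; the ACL encoding, the time-window semantics for "Between 9 and 5" (09:00 to 17:00) and the ProtectedDatabase class are assumptions.

```python
from datetime import time

# Access matrix for "Database A" transcribed from the slide:
# user -> (permitted operations, (start, end) time window or None for "Always").
ACL = {
    "Alice":   ({"read", "write"}, None),
    "Bob":     ({"read", "write"}, (time(9, 0), time(17, 0))),  # assumed 9-5 window
    "Charles": (set(), None),
    "Dave":    (set(), None),
    "Eve":     ({"read"}, None),
}

def check_access(acl, user, op, now):
    """Fail-safe default: only an explicit matching entry grants access.
    Unknown users, unlisted operations and requests outside the window are denied."""
    entry = acl.get(user)
    if entry is None:
        return False
    ops, window = entry
    if op not in ops:
        return False
    if window is not None:
        start, end = window
        if not (start <= now < end):
            return False
    return True

class ProtectedDatabase:
    """Complete mediation: the only way to touch the rows is read() and write(),
    and each of them consults check_access before doing anything."""
    def __init__(self, acl, clock):
        self._acl = acl
        self._clock = clock        # callable returning the current time of day
        self._rows = {}
    def _mediate(self, user, op):
        now = self._clock()
        if not check_access(self._acl, user, op, now):
            raise PermissionError(f"{user} may not {op} at {now}")
    def read(self, user, key):
        self._mediate(user, "read")
        return self._rows.get(key)
    def write(self, user, key, value):
        self._mediate(user, "write")
        self._rows[key] = value

def demo():
    db = ProtectedDatabase(ACL, lambda: time(18, 30))   # after hours
    db.write("Alice", "ring", "with Frodo")           # Alice: Read-Write; Always
    try:
        db.write("Bob", "ring", "with Sauron")        # Bob: only between 9 and 5
    except PermissionError:
        pass                                           # denied, row untouched
    return db.read("Eve", "ring")                      # Eve: Read-only; Always
```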

20 Mandatory Access Control
 Bob: Secret
 Alice: Confidential
 Tom: Top Secret

21 TRUST BETWEEN USERS

22 (image-only slide)

23 Example: eBay
Open decentralized application
Independent buyers/sellers
Potentially malicious participants
Need to counter threats
(Figure: Decentralized auctioning among Alice, Bob, Carol, Marvin (malicious) and Mallory (malicious))

24 Trust and security
Trust is not binary
 – You trust some people
 – About some topics
 – For some time
Many security threats exploit human nature
 – Social engineering

25 Security and trust
(Diagram labels: No trust … Blind trust; Computer measures; Social measures)

26 Impersonation
Mallory (malicious) to Alice: “I am Bob”
Bob is reliable and everyone has a good opinion about Bob

27 Fraudulent actions
Alice (“buyer”) pays for the items
Marvin (“seller”, malicious) does not ship the items

28 Misrepresentation
Mallory (malicious) to Alice: “Bob is unreliable”
Bob is reliable and everyone has a good opinion about Bob

29 Collusion (!= collision)
Mallory (malicious) and Marvin (malicious) both tell Alice: “Bob is unreliable”
Bob is reliable and everyone has a good opinion about Bob

30 Addition of unknowns
Carol is a new entrant in the system
Bob has no information about Carol; he is not sure whether to interact with Carol
Carol is new and does not know Alice; she is not sure whether to interact with Alice

31 PRACTICAL GUIDELINES

32 In practice
Never-ending game of:
 – Find vulnerability
 – Attack
 – Fix
 – Repeat
No system is 100% secure
Least common denominator: a system is as secure as its least secure component

33 Intermezzo: MD5
Message Digest algorithm 5
Transforms an arbitrary-length message into a 128-bit value
 – One-way function
MD5("The quick brown fox jumps over ") = 9e107d9d372bb6826bd81d3542a419d6
MD5("The quick brown fox jumps over. ") = e4d909c290d0fb1ca068ffaddf22cbd0

34 Intermezzo: MD5 dictionary attack
Goal: recover passwords from their hashes
Brute force
 – Given 9e107d9d372bb6826bd81d3542a419d6
 – Iterate over MD5(word) for candidate words and compare with the hash
Dictionary attack
 – Rainbow tables: precomputed tables mapping MD5 hashes to common passwords
   { 9e107d9d: ‘password’, 6826bd85: ‘qwerty’, … }
 – http://www.cbsnews.com/news/the-25-most-common-passwords-of-2013/

35 Least common denominator: example
MD5 hashing for passwords: hashes of the passwords are stored in the DB
But the root DB password is ‘password’ → dictionary attack → attacker knows all passwords

36 Solutions
MD5 with salt
 – MD5(password + salt) instead of MD5(password)
 – Prevents rainbow-table attacks
 – But you need to keep the salt around: how do you protect the salt?
Better passwords
MD5 has collisions: use SHA1 instead of MD5
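Slides 33 to 36 worked through in code: the two well-known MD5 test vectors (the full sentence "The quick brown fox jumps over the lazy dog", with and without a trailing period, gives the hashes on slide 33), an unsalted hash falling to a precomputed lookup table, and the salted form that defeats the table while still verifying a login because the salt was kept. This is an added example, not code from the course; the password list and helper names are constructed, and note that neither MD5 nor SHA1 is a suitable password hash by today's standards.

```python
import hashlib
import hmac
import os
from typing import Optional

# Well-known MD5 test vector (the hashes shown on slide 33).
FOX = b"The quick brown fox jumps over the lazy dog"

def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()

# Constructed stand-in for a "most common passwords" list.
COMMON_PASSWORDS = ["123456", "password", "qwerty", "letmein", "abc123"]

def build_lookup_table(words):
    """Precompute hash -> plaintext for every candidate word: the slide's
    'rainbow table', simplified to a plain dictionary."""
    return {md5_hex(w.encode()): w for w in words}

def crack_unsalted(stored_hash: str, table: dict) -> Optional[str]:
    """A stored unsalted MD5 falls to a single dictionary lookup."""
    return table.get(stored_hash)

def store_salted(password: str, salt: Optional[bytes] = None):
    """MD5(salt + password). The salt must be stored next to the hash
    (the slide's 'keep the salt around'), or the login can never be verified;
    it defeats precomputed tables even when it is not secret."""
    if salt is None:
        salt = os.urandom(16)             # fresh random salt per user
    return salt.hex(), md5_hex(salt + password.encode())

def verify_salted(password: str, salt_hex: str, digest: str) -> bool:
    candidate = md5_hex(bytes.fromhex(salt_hex) + password.encode())
    return hmac.compare_digest(candidate, digest)   # constant-time compare

def demo():
    table = build_lookup_table(COMMON_PASSWORDS)
    # Unsalted row for a user whose password is 'password': recovered at once.
    recovered = crack_unsalted(md5_hex(b"password"), table)
    # Same password, salted: the precomputed table is useless ...
    salt_hex, row = store_salted("password")
    recovered_salted = crack_unsalted(row, table)
    # ... yet the legitimate login still verifies because the salt was kept.
    return recovered, recovered_salted, verify_salted("password", salt_hex, row)

if __name__ == "__main__":
    print(demo())   # ('password', None, True)
```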

37 HTTPS = HTTP + SSL
Send HTTP request to server
Problem: eavesdropping
Problem: man-in-the-middle
 – Malicious server pretends to be your server
Solution: encrypt transmitted data
Plaintext request:
 POST /home/login HTTP/1.1
 Hostname: …
 Content-Type: json
 Content-Length: 26
 { name:foo, password:OMG }
Encrypted on the wire:
 1d5fs#d3R6[5wgfr48rs&g=24fg+3t2fgfdC5.3gdf*453gdfg241df3%2gdDf1we&4w*e348sf48q6xwBas2Aa213dJE
SSL encrypts headers and payload, but not (IP, port): the attacker already knows my IP and that of the server when mounting a MITM attack.

38 Practicality
Sometimes the human is the least common denominator

39 Password reuse

40 Password vs passphrase

41 Sanitize inputs
Solution: escape dangerous characters (replace ‘ by \’ or by a space)
PHP: mysql_real_escape_string
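The slide's point shown on a small SQLite database, as an added example that is not part of the course material: a query built by string concatenation breaks on an input that merely contains the "dangerous" quote character, the slide's escaping approach (done the SQL-standard way, by doubling the quote) repairs it, and a parameterised query avoids the problem altogether. The users table and names are constructed.

```python
import sqlite3

def make_db():
    """Constructed in-memory users table standing in for a real database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("frodo", "bearer"), ("O'Brien", "guest")])
    return conn

def lookup_unsafe(conn, name):
    """String-built query: the input becomes part of the SQL text, so a quote
    in it changes the structure of the statement."""
    sql = "SELECT role FROM users WHERE name = '" + name + "'"
    return [r[0] for r in conn.execute(sql)]

def escape_quotes(s):
    """The slide's approach: neutralise the dangerous character. In SQL the
    standard escape is a doubled quote (SQLite does not treat backslash as one)."""
    return s.replace("'", "''")

def lookup_escaped(conn, name):
    sql = "SELECT role FROM users WHERE name = '" + escape_quotes(name) + "'"
    return [r[0] for r in conn.execute(sql)]

def lookup_param(conn, name):
    """Parameterised query: the input is bound as data and never parsed as SQL."""
    return [r[0] for r in conn.execute(
        "SELECT role FROM users WHERE name = ?", (name,))]

def demo():
    conn = make_db()
    results = {}
    try:
        results["unsafe"] = lookup_unsafe(conn, "O'Brien")
    except sqlite3.OperationalError as e:
        results["unsafe"] = "error: " + str(e)   # the quote broke the statement
    results["escaped"] = lookup_escaped(conn, "O'Brien")
    results["param"] = lookup_param(conn, "O'Brien")
    return results
```

mysql_real_escape_string belongs to PHP's old mysql extension, which was removed in PHP 7; PDO prepared statements are the PHP equivalent of lookup_param.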

42 Think about the problem first …
Voting machines download executables from the Internet??? Yes, because they run on normal computers with a Windows OS, not as purpose-built embedded systems like ATMs.

