Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 10 Security and Encryption. Objectives Explain the nature of a threat model Be able to construct a threat model Be aware of common threats to.

Published byJared Gordon Modified over 8 years ago

Similar presentations

Presentation on theme: "Chapter 10 Security and Encryption. Objectives Explain the nature of a threat model Be able to construct a threat model Be aware of common threats to."— Presentation transcript:

1 Chapter 10 Security and Encryption

2 Objectives Explain the nature of a threat model Be able to construct a threat model Be aware of common threats to web applications and how to prevent attacks Explain the principles for developing a secure web application

3 Security Characteristics for Computer Systems Confidentiality: data and communication are private Integrity: data are free of tampering and damage Availability: an application can be used when it is needed Authentication: each party to a transaction can be reliably identified Authorization: each user is given only appropriate privileges Accountability: each user is bound to his/her actions (cannot repudiate them)

4 Threat Modeling – Definitions Threat: a potential misuse of an application (event) that will cause harm if it does occur Attack: an actual attempt to misuse an application Vulnerability: a flaw within an application that enables an attack to succeed

5 Building a Threat Model A complete threat model includes a list of threats, including for each: –Threat description –Attacker profile (skill, resources, motivation) –Means of attack –Likely damage if the attack succeeds

6 Threat Model Component Online Ticketing System Threat: Attacker gains root control of system Possible methods: Buffer overflow attack Objectives: Gain root authority, enabling attacker to run arbitrary commands Attacker (goal, experience, resources): Attacker is a professional criminal, seeking to gain financially from theft of tickets or to cause financial harm to company. Attacker may have access to a botnet, and information about recently discovered vulnerabilities. Likely harm: Attacker steals tickets, causing financial loss to the system, or attacker compromises the system, causing down-time and ultimate loss of business.

7 Common Attacks on Web Applications Buffer Overflow Cross-Site Scripting Denial of Service Insider Misuse Password Guessing Sniffing Spoofing SQL Injection

8 Buffer Overflow Buffer: a memory allocation intended to hold input or output Buffer overflow: input is too large; excess input overflows into subsequent memory If the overflow area contains instructions, the attacker can effectively take control of the application by rewriting critical parts

9 Protection against Buffer Overflow 1.Use safe languages (Java, C#, etc.) that do not allow buffer overflow (C++ is the WORST choice) 2.If the language allows overflows, check each buffer operation against size limits.

10 Cross-Site Scripting (XSS) The attacker embeds malicious HTML code in a public website The victim (another user) clicks on a link in that code, causing the victim's cookie to be sent to the attacker's website The attacker then uses the victims cookie to misuse the victim's open session –improper transaction, theft of information,etc.

11 Attacker's server Cross-Site Scripting Application Website (e-commerce, bank, etc.) attacker victim 1. embed malicious HTML 2a. click on malicious link 2b. send victim's cookie (as a result of clicking the link) 3. misuse victim's session

12 Protection Against XSS Any text posted by users (comments, reviews, etc.), must be filtered Only legal characters should be allowed; delimiters in particular should not be allowed All illigeal characters should be deleted or replaced by escape characters –for example, replace by < and >

13 Denial of Service The attacker bombards the victim's server with spurious internet traffic, so that it is unable to carry out normal operations bot Attacker's botnet Server IP Traffic legitimate user

14 Protection Against DOS Attack Use multiple internet portals, from different vendors Use a firewall to filter suspicious IP traffic

15 Insider Misuse Corporate insiders are the source of many attacks, including –theft –espionage –sabotage (revenge) Security mechanisms are often directed at external attackers only, leaving the door open to inside attacks

16 Protection Against Insider Misuse A so-called "demilitarized zone" protects the application with firewalls from both outside and inside attack Insiders are restricted to authorized and monitored access only

17 Password Guessing People often create passwords from familiar words, dates, names, etc. Password guessing uses combinations of these in repeated attempts to login Account-ids may be guessed also, or may be derived from scanning other sources (e.g., email addresses)

18 Protection Against Password Guessing Insist on strong passwords –include digits, special symbols Delay response for a few seconds after a failed login, to slow down guessing Lock the user's account for a short period after repeated failed attempts –e.g., 1-hour lock after five consecutive failed attempts

19 Sniffing Internet traffic also passes through local networks, where it can be monitored Sensitive information that is transmitted in plain text (unencrypted) can be read by other parties on a local network or at an intermediate internet hub Internet Gateway Internet Workstation local area network

20 Protection against Sniffing Use HTTPS for any transactions containing sensitive information –login credentials –financial information –personal information –etc.

21 Spoofing The attacker creates a phony website that spoofs a real website (bank, etc.) Victims are tricked into logging in to the phony site The attacker uses stolen credentials to access victims' accounts With real-time spoofing, the attacker's website communicates with the spoofed website

22 Protection Against Spoofing Educate users never to click on emailed hyperlinks, and to use their own bookmarks or a typed URL instead Use a challenge-response test to verify user identify –(doesn't help with real-time spoofing)

23 SQL Injection Attacker inserts SQL into an input field The application embeds the inserted syntax into its own SQL commands The attackers SQL is executed xyz Userid: Password: 1' OR 'x'='x String sqlCommand = "SELECT user FROM users" + "WHERE userid = ' " + userid_in + " AND password = ' " + password_in; Resulting SQL Command: SELECT user FROM users WHERE userid = 'xyz' AND password = '1' OR 'x' = 'x' Always TRUE!

24 Protection Against SQL Injection Filter input when received Allow only legal characters For example, boolean validPassword = Pattern.matches("[a-zA-Z0-9~!@#$%^&*]+); if (! validPassword) { … reject login attempt … } Java regular expression defining legal password characters

25 Secure HTTP (HTTPS) HTTPS uses Transport Layer Security (TLS) to encrypt the contents of an HTTP transaction –TLS goes between HTTP and IP –TLS is similar to Secure Sockets Layer (SSL) HTTP TLS TCP IP

26 Transport Layer Security (TLS) TLS includes authentication through certificate exchange, and encryption using a negotiated secret key

27 HTTP Authentication The web server sets up security realms, and authenticates users when a realm is first accessed (within a session) Authentication is via a standard form:

28 HTTP Authentication HTTP Authentication uses no encryption, so it is not a substitute for HTTPS/TLS HTTP Authentication is OK for low-security needs, such as keeping random browsers or web crawlers out of a private area It is not acceptable for applications that require real privacy, however!

29 Principles for Secure Design 1.Develop a realistic threat model – know the potential attackers 2.Follow a reliable design pattern, such as MVC 3.Limit user capabilities to only what is needed (least privilege) 4.Require and enforce authorization (don't allow users to sneak past login pages!) 5.Require and enforce HTTPS access for secure resources

30 Review Threat Model Common Threats Principles for Secure Design

Download ppt "Chapter 10 Security and Encryption. Objectives Explain the nature of a threat model Be able to construct a threat model Be aware of common threats to."

Similar presentations

Chapter 17: WEB COMPONENTS

Chapter 17: WEB COMPONENTS
Creating Stronger, Safer, Web Facing Code JPL IT Security Mary Rivera June 17, 2011.

Creating Stronger, Safer, Web Facing Code JPL IT Security Mary Rivera June 17, 2011.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
By: Mr Hashem Alaidaros MIS 326 Lecture 6 Title: E-Business Security.

By: Mr Hashem Alaidaros MIS 326 Lecture 6 Title: E-Business Security.
Cross Site Scripting a.k.a. XSS Szymon Siewior. Disclaimer Everything that will be shown, was created for strictly educational purposes. You may reuse.

Cross Site Scripting a.k.a. XSS Szymon Siewior. Disclaimer Everything that will be shown, was created for strictly educational purposes. You may reuse.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?

1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
Hacking Presented By :KUMAR ANAND SINGH 04-243,ETC/2008.

Hacking Presented By :KUMAR ANAND SINGH ,ETC/2008.
Security Issues and Challenges in Cloud Computing

Security Issues and Challenges in Cloud Computing
Barracuda Web Application Firewall

Barracuda Web Application Firewall
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Chapter 9 Web Applications. Web Applications are public and available to the entire world. Easy access to the application means also easy access for malicious.

Chapter 9 Web Applications. Web Applications are public and available to the entire world. Easy access to the application means also easy access for malicious.
Information Networking Security and Assurance Lab National Chung Cheng University The Ten Most Critical Web Application Security Vulnerabilities Ryan J.W.

Information Networking Security and Assurance Lab National Chung Cheng University The Ten Most Critical Web Application Security Vulnerabilities Ryan J.W.
It’s always better live. MSDN Events Securing Web Applications Part 1 of 2 Understanding Threats and Attacks.

It’s always better live. MSDN Events Securing Web Applications Part 1 of 2 Understanding Threats and Attacks.
Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.

Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Lab 3 Cookie Stealing using XSS Kara James, Chelsea Collins, Trevor Norwood, David Johnson.

Lab 3 Cookie Stealing using XSS Kara James, Chelsea Collins, Trevor Norwood, David Johnson.

Similar presentations

Ads by Google