Secure Design

Time: 15 hours 43 minutes
Difficulty: Advanced
CEU/CPE: 16
Video Transcription
00:00
>> Now, probably the greatest source of the security problems we have today is how we've approached security in the past. Primarily what we've done is we have focused on functional requirements. What does the application need to do? What's its purpose? What's its function? How does it work? What does it need to accomplish? All the while, we've left security as an afterthought. We've asked ourselves, what does it need to do? Then afterwards we say, well, here are the vulnerabilities, or worse yet, somebody else determines the vulnerabilities and exploits these vulnerabilities. But after the fact, we tend to go back and say, "Oh, we better patch the system for the weaknesses."

Our goal in this next section is just to talk about some of the secure design concepts, some of the things that we have to think about as we're designing the software so that we can operate securely. Well, we've got a handful of elements. We've talked about a lot of these before, but just to reiterate, when we're developing our software, the C-I-A triad, that is always what we want in relation to our data, in relation to our applications, our systems. We want to make sure that we can enforce confidentiality, integrity, and availability. Confidentiality, integrity and availability; you can't go wrong when you're thinking about the C-I-A triad.

Now for access control, and remember, access control is all about limiting what a subject can do to an object: the three As, authentication, authorization, and auditability, sometimes referred to as accounting. Which is not exactly the same, but you'll see it kind of used with accounting. But authentication means we're going to force our users to prove they are who they say they are. They'll provide a username, they'll be challenged: prove it. Maybe a password, maybe a smart card, maybe a thumbprint scan. We'd like to have a combination of factors, but that's authentication. Authorization means what they can do, what rights and permissions they've been granted, and we follow the principle of least privilege for authorization. With auditability, we want to make sure that for every action on the network, we should be able to trace that back to an individual. We want to get away from things like user accounts that are shared. We want to make sure that anybody accessing the system has a unique account so that we can hold folks accountable.

We also have to think about session management if we're talking about network applications, and how one system can open a session on another machine, but also how those sessions are terminated. We don't want someone to be able to step in with a half-open connection and be able to come in and hijack the session. We want to make sure that session information isn't passed in plain text or isn't predictable. If an attacker can gain certain types of session information, once again, they could have a session hijack.

Exception management: when a system senses a security vulnerability, or really when the system finds that there's been some sort of security violation, how does it respond? Well, if you've ever seen the blue screen of death from Windows systems, where the system just goes blue screen, you get that screen with some white writing, but you can't really do anything. That's managing the exception. There's been some sort of improper access, so the system shuts down in such a way that no further breach can happen. You can't export, you can't import, you can't modify; all you can really do is reboot. It's handling that error. This could sometimes be referred to as error management, in such a way that all other processes are shut down. Even though that's annoying when it happens, that's the way it should be.

Now also, when we're developing software, versioning, change management, configuration management, those pieces are really important. We need to make sure that we have a way of discerning between Version 1 and Version 2, and that has to be controlled tightly. We need change management so that if anybody does modify code that's already been approved, that's strictly controlled through a change management process. While software is being developed, it's in the programmer's library. But once it's gone through certification and authorization, it moves into the production library and developers no longer have access. We've got to protect our software from changes that get made that don't go through the formal approval process. Change management is one of the best ways to do that.

Those are just a couple of ideas in relation to secure design concepts. The big piece, though, is to consider security from the beginning of the process so that we can make sure that security is incorporated throughout the entire design.