secure by design
play

Secure by Design A novel industry practice CASTOR Software Days - PowerPoint PPT Presentation

Aug 25, 2022 •367 likes •540 views

Secure by Design A novel industry practice CASTOR Software Days 2019 October 15, 2019 Daniel Deogun & Dan Bergh Johnsson Disclaimer Warning for lack of evidence This presentation is purely anecdotical. But, we would welcome rigorous

  1. Secure by Design A novel industry practice CASTOR Software Days 2019 October 15, 2019 Daniel Deogun & Dan Bergh Johnsson

  2. Disclaimer Warning for lack of evidence This presentation is purely anecdotical. But, we would welcome rigorous studies. @DanielDeogun @danbjson #SecureByDesign

  3. About us Umeå Umeå Uppsala Uppsala Stockholm Stockholm Göteborg Göteborg Daniel Deogun Dan Bergh Johnsson Malmö Malmö Coder and Quality Defender Secure Domain Philosopher Omegapoint @DanielDeogun @danbjson #SecureByDesign

  4. Take-aways Security is important but in practice often neglected • A lot of security vulnerabilities are due to bugs • Bugs can be prevented by software design • Secure by Design collects designs that prevents bugs • that manifest as security vulnerabilities @DanielDeogun @danbjson #SecureByDesign

  5. Some security vulnerabilities • SQL Injection is often a confidentiality problem • Business integrity problems • Patch management Observation: It is hard to think about security all the time - especially when you have work to do. @DanielDeogun @danbjson #SecureByDesign

  6. Secure by Design - as method @DanielDeogun @danbjson #SecureByDesign

  7. Examples of interesting designs • Domain Primitives • Faults as normal results • Consistent upon Creation • Immutable builds • Immutability of Objects • Seamless deploy • Entity Snapshot • Stateless components • Testing of extremes • Externalization of configuration • Taint analysis • 3 R’s of Enterprise Security @DanielDeogun @danbjson #SecureByDesign

  8. Domain Primitives “A value object so precise in its definition that it, by its mere existence, manifests its validity is called a Domain Primitive.” - Secure by Design • Can only exist if its value is valid • Building block that’s native to your domain • Valid in the current context • Immutable and resemble a value object in DDD @DanielDeogun @danbjson #SecureByDesign

  9. Quantity as a Domain Primitive public final class Quantity { private final int value ; public Quantity( final int value) { inclusiveBetween (1, 99, value); this . value = value; } //Domain specific quantity operations... } @DanielDeogun @danbjson #SecureByDesign

  10. Untangle Inside - Cluttered Entity class Order { private ArrayList<Object> items ; private boolean paid ; public void addItem(String isbn, int qty) { if ( this . paid == false ) { notNull (isbn); inclusiveBetween (10, 10, isbn.length()); isTrue (isbn.matches( "[0-9X]*" )); isTrue (isbn.matches( "[0-9]{9}[0-9X]" )); Book book = bookCatalogue.findByISBN(isbn); if (inventory.availableBooks(isbn) >= qty) { items .add( new OrderLine(book, qty)); } } } //Other logic... https://flic.kr/p/wdBcT https://creativecommons.org/licenses/by/2.0/ } @DanielDeogun @danbjson #SecureByDesign

  11. De-Cluttered Entity class Order { private ArrayList<Object> items ; private boolean paid ; public void addItem(ISBN isbn, Quantity qty) { notNull (isbn); notNull (qty); if ( this . paid == false ) { Book book = bookCatalogue.findByISBN(isbn); if (inventory.availableBooks(isbn).greaterOrEqualTo(qty)) { items .add( new OrderLine(book, qty)); } } } //Other logic... } https://flic.kr/p/wdBcT https://creativecommons.org/licenses/by/2.0/ @DanielDeogun @danbjson #SecureByDesign

  12. The R's of Enterprise Security Rotate Repave Repair Ref: Justin Smith, Pivotal @justinjsmith @DanielDeogun @danbjson #SecureByDesign

  13. Advanced Persistent Threat (APT) • APT is a type of attack that often result in significant data loss or damage. • Performed over a long period of time & involves advanced techniques • Several vulnerabilities in combination are often used to exploit the system Richard Patterson https://flic.kr/p/24GcRZQ • Exploiting the fact that things seldom change • servers • credentials • ip-addresses • non-patched bugs tend to open up for attacks, e.g. • Baltimore City Ransomware • NotPetya attack on Ukraine • Heartbleed in OpenSSL @DanielDeogun @danbjson #SecureByDesign

  14. Designs Inspired from the Cloud … v 1.0 . . . ? v 1.1 v 2.0 Service Discovery Stateless Services Expand / Contract APIs @DanielDeogun @danbjson #SecureByDesign

  15. The R's of Enterprise Security Rotate Repave Repair Ref: Justin Smith, Pivotal @justinjsmith @DanielDeogun @danbjson #SecureByDesign

  16. Take-aways Security is important but in practice often neglected • A lot of security vulnerabilities are due to bugs • Bugs can be prevented by software design • Secure by Design collects designs that prevents bugs • that manifest as security vulnerabilities @DanielDeogun @danbjson #SecureByDesign

  17. Thanks @DanielDeogun @danbjson #SecureByDesign @DanielDeogun @danbjson #SecureByDesign

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Secure by Design

Secure by Design

Secure by Design Jason Yang Secure by Design

496 views • 33 slides
Secure Cryptographic Protocol Execution based on Runtime Verification Secure Communication in

Secure Cryptographic Protocol Execution based on Runtime Verification Secure Communication in

Secure Cryptographic Protocol Execution based on Runtime Verification Secure Communication in the Quantum Era (SPS G5448) February 5th, 2020 Christian Colombo Mark Vella Cryptographic Protocols Design Proofs to validate design against

467 views • 20 slides
CSE484/CSE584 SECURE DESIGN PRINCIPLES, OS, AND RUNTIME SECURITY Dr. Benjamin Livshits Some of

CSE484/CSE584 SECURE DESIGN PRINCIPLES, OS, AND RUNTIME SECURITY Dr. Benjamin Livshits Some of

CSE484/CSE584 SECURE DESIGN PRINCIPLES, OS, AND RUNTIME SECURITY Dr. Benjamin Livshits Some of f the Common Principles Minimize attack Secure by surface area Default Principle of Fail-Safe Least Stance Privilege Secure the

975 views • 56 slides
May 19: Design Principles and Confinement Principles of Secure Design One set; other sets

May 19: Design Principles and Confinement Principles of Secure Design One set; other sets

May 19: Design Principles and Confinement Principles of Secure Design One set; other sets say basically the same thing Confinement, non-VM isolation Library operating systems Sandboxes Program modification Covert

584 views • 30 slides
Principles for secure design Some of the slides and content are from Mike Hicks Coursera

Principles for secure design Some of the slides and content are from Mike Hicks Coursera

Principles for secure design Some of the slides and content are from Mike Hicks Coursera course Making secure software Making secure software Flawed approach : Design and build software, and ignore security at first Add security once

1.27k views • 109 slides
Outline More secure design principles Software engineering for security CSci 5271 Introduction

Outline More secure design principles Software engineering for security CSci 5271 Introduction

Outline More secure design principles Software engineering for security CSci 5271 Introduction to Computer Security Secure use of the OS Defensive programming and design, contd Announcements intermission Stephen McCamant Bernsteins

535 views • 8 slides
Principles for secure design Some of the slides and content are from Mike Hicks Coursera

Principles for secure design Some of the slides and content are from Mike Hicks Coursera

Principles for secure design Some of the slides and content are from Mike Hicks Coursera course Making secure software Flawed approach : Design and build software, and ignore security at first Add security once the functional

830 views • 70 slides
Principles for secure design Some of the slides and content are from Mike Hicks Coursera

Principles for secure design Some of the slides and content are from Mike Hicks Coursera

Principles for secure design Some of the slides and content are from Mike Hicks Coursera course Making secure software Flawed approach : Design and build software, and ignore security at first Add security once the functional

2.04k views • 152 slides
Secure Vehicular Communication System: Design &amp; Implementation of VPKI (Providing Credential

Secure Vehicular Communication System: Design &amp; Implementation of VPKI (Providing Credential

Secure Vehicular Communication System: Design &amp; Implementation of VPKI (Providing Credential Management in a Secure VANET) Supervisor: MSc Thesis: Prof. Panos Papadimitratos Mohammad Khodaei LCN KTH October, 2012 1 / 38 Outline

519 views • 48 slides
How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing

How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing

DIMACS Workshop On Secure Routing March 10, 2010 How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing Protocols? $ $ Sharon Goldberg Microsoft Research &amp; Boston University y Michael Schapira

701 views • 54 slides
Secure Design: A Better Bug Repellent Christoph Kern, IEEE SecDev '17 Security Defects

Secure Design: A Better Bug Repellent Christoph Kern, IEEE SecDev '17 Security Defects

Secure Design: A Better Bug Repellent Christoph Kern, IEEE SecDev '17 Security Defects Implementation Bugs Shallow &amp; Localized Patchable Straightforward &amp; Testable Image credit: Vaniato/Shutterstock.com Design Flaws Deep &amp;

414 views • 28 slides
Model-based approaches for the design of secure e-ID card applications Hans Vangheluwe Mohamed

Model-based approaches for the design of secure e-ID card applications Hans Vangheluwe Mohamed

AdapID workshop 26 September 2006 KU Leuven Model-based approaches for the design of secure e-ID card applications Hans Vangheluwe Mohamed Layouni, Ximeng Sun, Miriam Zia Modelling, Simulation and Design Lab McGill University Stefan

683 views • 29 slides
Developing Secure Applications for IBM i Introductions Design and Documentation

Developing Secure Applications for IBM i Introductions Design and Documentation

Developing Secure Applications for IBM i Introductions Design and Documentation Application Ownership and Authority A Simple Security Model Integrity Considerations Resources for Security Officers Questions &amp; Answers

1.06k views • 93 slides
SECURE BY DESIGN Security Design Principles for the Rest of Us GOTO London 2016 Eoin Woods -

SECURE BY DESIGN Security Design Principles for the Rest of Us GOTO London 2016 Eoin Woods -

SECURE BY DESIGN Security Design Principles for the Rest of Us GOTO London 2016 Eoin Woods - Endava @eoinwoodz 1 BACKGROUND Eoin Woods CTO at Endava (technology services, 3300 people) 10 years in product development - Bull,

453 views • 31 slides
Outline Saltzer &amp; Schroeders principles CSci 5271 More secure design principles

Outline Saltzer &amp; Schroeders principles CSci 5271 More secure design principles

Outline Saltzer &amp; Schroeders principles CSci 5271 More secure design principles Introduction to Computer Security Day 7: Defensive programming and design, part 1 Software engineering for security Stephen McCamant Announcements

355 views • 7 slides
SWE 681 / ISA 681 Secure So0ware Design &amp; Programming: Lecture 2: Input ValidaCon Dr. David

SWE 681 / ISA 681 Secure So0ware Design &amp; Programming: Lecture 2: Input ValidaCon Dr. David

SWE 681 / ISA 681 Secure So0ware Design &amp; Programming: Lecture 2: Input ValidaCon Dr. David A. Wheeler 2017-10-22 Outline Get a raise! Failure example AOack surface: Where are the inputs? Non-bypassability, whitelist not

507 views • 46 slides
Links Philip Wadler University of Edinburgh wadler@inf.ed.ac.uk Less than a Grand Challenge

Links Philip Wadler University of Edinburgh wadler@inf.ed.ac.uk Less than a Grand Challenge

Links Philip Wadler University of Edinburgh wadler@inf.ed.ac.uk Less than a Grand Challenge Design a programming language with a sound basis in theory that becomes the leader in its domain. Wadlers theorem of language adoption A

873 views • 65 slides
Vertical Transportation Back To Work Challenges Considerations for Organized Facility

Vertical Transportation Back To Work Challenges Considerations for Organized Facility

L E R C H B A T E S Vertical Transportation Back To Work Challenges Considerations for Organized Facility Redensification Chicago BOMA Lunch and Learn June 18, 2020 Identify Determine Tenant Validate System Acceptable Occupancy Levels

736 views • 29 slides
M arketing Strategies for 2014 Chris Carter M arket Focus, Inc Print to PDF without this

M arketing Strategies for 2014 Chris Carter M arket Focus, Inc Print to PDF without this

M arketing Strategies for 2014 Chris Carter M arket Focus, Inc Print to PDF without this message by purchasing novaPDF (http://www.novapdf.com/) M arket Focus, Inc. First to Develop Custom CRM for the M ortgage Industry in 1992 20,000

574 views • 31 slides
User interface for learning Aim: Design for and evaluate learnability Writing inline

User interface for learning Aim: Design for and evaluate learnability Writing inline

INF3280 19 March 2019 User interface for learning Aim: Design for and evaluate learnability Writing inline help Basis for Assignment 5 Core literature Chapter 6 Additional literature Grossman et.al. (2009) A

287 views • 13 slides
ECE590 Computer and Information Security Fall 2018 Introduction and Course Policies Tyler

ECE590 Computer and Information Security Fall 2018 Introduction and Course Policies Tyler

ECE590 Computer and Information Security Fall 2018 Introduction and Course Policies Tyler Bletsch Duke University Instructor and TAs Professor: Tyler Bletsch Office: Hudson Hall 106 Email: Tyler.Bletsch@duke.edu Office Hours:

521 views • 14 slides
A Software Engineering Technique: (Class Diagrams) Download FirstOODesignPractice from SVN Part

A Software Engineering Technique: (Class Diagrams) Download FirstOODesignPractice from SVN Part

A Software Engineering Technique: (Class Diagrams) Download FirstOODesignPractice from SVN Part 1 of Many Also Class Diagrams Programs typically begin as abstract ideas These ideas form a set of requirements (i.e. what the user wants)

371 views • 18 slides
Wiki Workshop Nov. 14, 2011 Getting Started Course project page WikiNeuroethology

Wiki Workshop Nov. 14, 2011 Getting Started Course project page WikiNeuroethology

11/17/2011 Wiki Workshop Nov. 14, 2011 Getting Started Course project page WikiNeuroethology Basic editing (read Wikipedia:Your first article) use the Sandbox for playing around Try some more edits on an existing page

273 views • 5 slides
Data Management for Big Data Introduction to Part II Advanced database models, languages, and

Data Management for Big Data Introduction to Part II Advanced database models, languages, and

Data Management for Big Data Introduction to Part II Advanced database models, languages, and systems Dario Della Monica March 31, 2020 Teachers information Dario Della Monica Dipartimento di Scienze Matematiche, Informatiche e Fisiche

260 views • 4 slides

More recommend