secure by design
play

Secure by Design A novel industry practice CASTOR Software Days - PowerPoint PPT Presentation

Aug 25, 2022 •367 likes •540 views

Secure by Design A novel industry practice CASTOR Software Days 2019 October 15, 2019 Daniel Deogun & Dan Bergh Johnsson Disclaimer Warning for lack of evidence This presentation is purely anecdotical. But, we would welcome rigorous

  1. Secure by Design A novel industry practice CASTOR Software Days 2019 October 15, 2019 Daniel Deogun & Dan Bergh Johnsson

  2. Disclaimer Warning for lack of evidence This presentation is purely anecdotical. But, we would welcome rigorous studies. @DanielDeogun @danbjson #SecureByDesign

  3. About us Umeå Umeå Uppsala Uppsala Stockholm Stockholm Göteborg Göteborg Daniel Deogun Dan Bergh Johnsson Malmö Malmö Coder and Quality Defender Secure Domain Philosopher Omegapoint @DanielDeogun @danbjson #SecureByDesign

  4. Take-aways Security is important but in practice often neglected • A lot of security vulnerabilities are due to bugs • Bugs can be prevented by software design • Secure by Design collects designs that prevents bugs • that manifest as security vulnerabilities @DanielDeogun @danbjson #SecureByDesign

  5. Some security vulnerabilities • SQL Injection is often a confidentiality problem • Business integrity problems • Patch management Observation: It is hard to think about security all the time - especially when you have work to do. @DanielDeogun @danbjson #SecureByDesign

  6. Secure by Design - as method @DanielDeogun @danbjson #SecureByDesign

  7. Examples of interesting designs • Domain Primitives • Faults as normal results • Consistent upon Creation • Immutable builds • Immutability of Objects • Seamless deploy • Entity Snapshot • Stateless components • Testing of extremes • Externalization of configuration • Taint analysis • 3 R’s of Enterprise Security @DanielDeogun @danbjson #SecureByDesign

  8. Domain Primitives “A value object so precise in its definition that it, by its mere existence, manifests its validity is called a Domain Primitive.” - Secure by Design • Can only exist if its value is valid • Building block that’s native to your domain • Valid in the current context • Immutable and resemble a value object in DDD @DanielDeogun @danbjson #SecureByDesign

  9. Quantity as a Domain Primitive public final class Quantity { private final int value ; public Quantity( final int value) { inclusiveBetween (1, 99, value); this . value = value; } //Domain specific quantity operations... } @DanielDeogun @danbjson #SecureByDesign

  10. Untangle Inside - Cluttered Entity class Order { private ArrayList<Object> items ; private boolean paid ; public void addItem(String isbn, int qty) { if ( this . paid == false ) { notNull (isbn); inclusiveBetween (10, 10, isbn.length()); isTrue (isbn.matches( "[0-9X]*" )); isTrue (isbn.matches( "[0-9]{9}[0-9X]" )); Book book = bookCatalogue.findByISBN(isbn); if (inventory.availableBooks(isbn) >= qty) { items .add( new OrderLine(book, qty)); } } } //Other logic... https://flic.kr/p/wdBcT https://creativecommons.org/licenses/by/2.0/ } @DanielDeogun @danbjson #SecureByDesign

  11. De-Cluttered Entity class Order { private ArrayList<Object> items ; private boolean paid ; public void addItem(ISBN isbn, Quantity qty) { notNull (isbn); notNull (qty); if ( this . paid == false ) { Book book = bookCatalogue.findByISBN(isbn); if (inventory.availableBooks(isbn).greaterOrEqualTo(qty)) { items .add( new OrderLine(book, qty)); } } } //Other logic... } https://flic.kr/p/wdBcT https://creativecommons.org/licenses/by/2.0/ @DanielDeogun @danbjson #SecureByDesign

  12. The R's of Enterprise Security Rotate Repave Repair Ref: Justin Smith, Pivotal @justinjsmith @DanielDeogun @danbjson #SecureByDesign

  13. Advanced Persistent Threat (APT) • APT is a type of attack that often result in significant data loss or damage. • Performed over a long period of time & involves advanced techniques • Several vulnerabilities in combination are often used to exploit the system Richard Patterson https://flic.kr/p/24GcRZQ • Exploiting the fact that things seldom change • servers • credentials • ip-addresses • non-patched bugs tend to open up for attacks, e.g. • Baltimore City Ransomware • NotPetya attack on Ukraine • Heartbleed in OpenSSL @DanielDeogun @danbjson #SecureByDesign

  14. Designs Inspired from the Cloud … v 1.0 . . . ? v 1.1 v 2.0 Service Discovery Stateless Services Expand / Contract APIs @DanielDeogun @danbjson #SecureByDesign

  15. The R's of Enterprise Security Rotate Repave Repair Ref: Justin Smith, Pivotal @justinjsmith @DanielDeogun @danbjson #SecureByDesign

  16. Take-aways Security is important but in practice often neglected • A lot of security vulnerabilities are due to bugs • Bugs can be prevented by software design • Secure by Design collects designs that prevents bugs • that manifest as security vulnerabilities @DanielDeogun @danbjson #SecureByDesign

  17. Thanks @DanielDeogun @danbjson #SecureByDesign @DanielDeogun @danbjson #SecureByDesign

Recommend

Secure by Design

Secure by Design

Secure by Design Jason Yang Secure by Design

496 views • 33 slides
Secure Cryptographic Protocol Execution based on Runtime Verification Secure Communication in

Secure Cryptographic Protocol Execution based on Runtime Verification Secure Communication in

Secure Cryptographic Protocol Execution based on Runtime Verification Secure Communication in the Quantum Era (SPS G5448) February 5th, 2020 Christian Colombo Mark Vella Cryptographic Protocols Design Proofs to validate design against

467 views • 20 slides
CSE484/CSE584 SECURE DESIGN PRINCIPLES, OS, AND RUNTIME SECURITY Dr. Benjamin Livshits Some of

CSE484/CSE584 SECURE DESIGN PRINCIPLES, OS, AND RUNTIME SECURITY Dr. Benjamin Livshits Some of

CSE484/CSE584 SECURE DESIGN PRINCIPLES, OS, AND RUNTIME SECURITY Dr. Benjamin Livshits Some of f the Common Principles Minimize attack Secure by surface area Default Principle of Fail-Safe Least Stance Privilege Secure the

975 views • 56 slides
May 19: Design Principles and Confinement Principles of Secure Design One set; other sets

May 19: Design Principles and Confinement Principles of Secure Design One set; other sets

May 19: Design Principles and Confinement Principles of Secure Design One set; other sets say basically the same thing Confinement, non-VM isolation Library operating systems Sandboxes Program modification Covert

584 views • 30 slides
Principles for secure design Some of the slides and content are from Mike Hicks Coursera

Principles for secure design Some of the slides and content are from Mike Hicks Coursera

Principles for secure design Some of the slides and content are from Mike Hicks Coursera course Making secure software Making secure software Flawed approach : Design and build software, and ignore security at first Add security once

1.27k views • 109 slides
Outline More secure design principles Software engineering for security CSci 5271 Introduction

Outline More secure design principles Software engineering for security CSci 5271 Introduction

Outline More secure design principles Software engineering for security CSci 5271 Introduction to Computer Security Secure use of the OS Defensive programming and design, contd Announcements intermission Stephen McCamant Bernsteins

535 views • 8 slides
Principles for secure design Some of the slides and content are from Mike Hicks Coursera

Principles for secure design Some of the slides and content are from Mike Hicks Coursera

Principles for secure design Some of the slides and content are from Mike Hicks Coursera course Making secure software Flawed approach : Design and build software, and ignore security at first Add security once the functional

830 views • 70 slides
Principles for secure design Some of the slides and content are from Mike Hicks Coursera

Principles for secure design Some of the slides and content are from Mike Hicks Coursera

Principles for secure design Some of the slides and content are from Mike Hicks Coursera course Making secure software Flawed approach : Design and build software, and ignore security at first Add security once the functional

2.04k views • 152 slides
Secure Vehicular Communication System: Design &amp; Implementation of VPKI (Providing Credential

Secure Vehicular Communication System: Design &amp; Implementation of VPKI (Providing Credential

Secure Vehicular Communication System: Design &amp; Implementation of VPKI (Providing Credential Management in a Secure VANET) Supervisor: MSc Thesis: Prof. Panos Papadimitratos Mohammad Khodaei LCN KTH October, 2012 1 / 38 Outline

519 views • 48 slides
How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing

How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing

DIMACS Workshop On Secure Routing March 10, 2010 How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing Protocols? $ $ Sharon Goldberg Microsoft Research &amp; Boston University y Michael Schapira

701 views • 54 slides
Secure Design: A Better Bug Repellent Christoph Kern, IEEE SecDev '17 Security Defects

Secure Design: A Better Bug Repellent Christoph Kern, IEEE SecDev '17 Security Defects

Secure Design: A Better Bug Repellent Christoph Kern, IEEE SecDev '17 Security Defects Implementation Bugs Shallow &amp; Localized Patchable Straightforward &amp; Testable Image credit: Vaniato/Shutterstock.com Design Flaws Deep &amp;

414 views • 28 slides
Model-based approaches for the design of secure e-ID card applications Hans Vangheluwe Mohamed

Model-based approaches for the design of secure e-ID card applications Hans Vangheluwe Mohamed

AdapID workshop 26 September 2006 KU Leuven Model-based approaches for the design of secure e-ID card applications Hans Vangheluwe Mohamed Layouni, Ximeng Sun, Miriam Zia Modelling, Simulation and Design Lab McGill University Stefan

683 views • 29 slides
Developing Secure Applications for IBM i Introductions Design and Documentation

Developing Secure Applications for IBM i Introductions Design and Documentation

Developing Secure Applications for IBM i Introductions Design and Documentation Application Ownership and Authority A Simple Security Model Integrity Considerations Resources for Security Officers Questions &amp; Answers

1.06k views • 93 slides
SECURE BY DESIGN Security Design Principles for the Rest of Us GOTO London 2016 Eoin Woods -

SECURE BY DESIGN Security Design Principles for the Rest of Us GOTO London 2016 Eoin Woods -

SECURE BY DESIGN Security Design Principles for the Rest of Us GOTO London 2016 Eoin Woods - Endava @eoinwoodz 1 BACKGROUND Eoin Woods CTO at Endava (technology services, 3300 people) 10 years in product development - Bull,

453 views • 31 slides
Outline Saltzer &amp; Schroeders principles CSci 5271 More secure design principles

Outline Saltzer &amp; Schroeders principles CSci 5271 More secure design principles

Outline Saltzer &amp; Schroeders principles CSci 5271 More secure design principles Introduction to Computer Security Day 7: Defensive programming and design, part 1 Software engineering for security Stephen McCamant Announcements

355 views • 7 slides
SWE 681 / ISA 681 Secure So0ware Design &amp; Programming: Lecture 2: Input ValidaCon Dr. David

SWE 681 / ISA 681 Secure So0ware Design &amp; Programming: Lecture 2: Input ValidaCon Dr. David

SWE 681 / ISA 681 Secure So0ware Design &amp; Programming: Lecture 2: Input ValidaCon Dr. David A. Wheeler 2017-10-22 Outline Get a raise! Failure example AOack surface: Where are the inputs? Non-bypassability, whitelist not

507 views • 46 slides
Understanding the Reasons for the Side-Channel Leakage is Indispensable for Secure Design Werner

Understanding the Reasons for the Side-Channel Leakage is Indispensable for Secure Design Werner

Understanding the Reasons for the Side-Channel Leakage is Indispensable for Secure Design Werner Schindler Federal Office for Information Security (BSI), Bonn, Germany Leuven, September 13, 2012 Outline Introduction and motivation

799 views • 60 slides
Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random

Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random

Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random Functions G. Edward Suh, Charles W. ODonnell, Ishan Sachdev, and Srinivas Devadas Massachusetts Institute of Technology 1 New Security Challenges

356 views • 31 slides
Moving Hardware from Security through Obscurity to Secure by Design Profe fess ssor

Moving Hardware from Security through Obscurity to Secure by Design Profe fess ssor

Moving Hardware from Security through Obscurity to Secure by Design Profe fess ssor or Ryan Kastner er Dept. of Computer ter Science e and Engineer ineering ing Unive vers rsity ity of Californi ornia, a, San Diego

743 views • 41 slides
Design and Implementatjon of a Dynamic Informatjon Flow Tracking Architecture to Secure a RISC-V

Design and Implementatjon of a Dynamic Informatjon Flow Tracking Architecture to Secure a RISC-V

Design and Implementatjon of a Dynamic Informatjon Flow Tracking Architecture to Secure a RISC-V Core for IoT Applicatjons Christjan Palmiero , Giuseppe Di Guglielmo , Luciano Lavagno , Luca P. Carloni Politecnico Di Torino

218 views • 18 slides
Design, Implementation, and Evaluation of Secure Cyber-Physical and Wireless Systems Daniele

Design, Implementation, and Evaluation of Secure Cyber-Physical and Wireless Systems Daniele

PhD Thesis Defense 2019 @ SUTD Design, Implementation, and Evaluation of Secure Cyber-Physical and Wireless Systems Daniele Antonioli Singapore University of Technology and Design (SUTD) Daniele Antonioli Design, Implementation, and Evaluation

1.12k views • 77 slides
Authentication, vulnerabilities, exploits, and the secure design principles of Saltzer and

Authentication, vulnerabilities, exploits, and the secure design principles of Saltzer and

Authentication, vulnerabilities, exploits, and the secure design principles of Saltzer and Schroeder Authentication in general Bishop: Authentication is the binding of an identity to a principal. Network-based authentication mechanisms

1.6k views • 43 slides
Advanced Tools from Modern Cryptography Lecture 12 MPC: UC-secure OT UC-Secure OT UC-secure

Advanced Tools from Modern Cryptography Lecture 12 MPC: UC-secure OT UC-Secure OT UC-secure

Advanced Tools from Modern Cryptography Lecture 12 MPC: UC-secure OT UC-Secure OT UC-secure OT is impossible (even against PPT adversaries) in the plain model (i.e., without the help of another functionality) But possible from simple

527 views • 16 slides
Be Be Good! Good! WHA WHAT IS T IS SECURE? SECURE? SECURe is a school-wide program designed

Be Be Good! Good! WHA WHAT IS T IS SECURE? SECURE? SECURe is a school-wide program designed

SECUR E SOCIAL, EMOTIONAL, AND COGNITIVE UNDERSTANDING AND REGULATION Created by Success for All, University of Michigan, and Harvard University Be Be Good! Good! WHA WHAT IS T IS SECURE? SECURE? SECURe is a school-wide program designed

957 views • 59 slides

More recommend