Lecture 3 Intro To Program Security
Barbara Endicott-Popovsky
CSSE592/491
In collaboration with:
Deborah Frincke, Ph.D.
Director, Center for Secure and Dependable
Systems
University of Idaho
Goal of Computer Security
Secure = Confidentiality + Integrity + Availability
Depends on characteristics
--What contributes to security?
Influenced by perspective
--Conformance to specs?
Based on quantity and types of faults:
--errors cause faults (programmer’s view)
--faults can result in system failures (user’s view)
Types of Flaws
• Buffer overflow
• Incomplete mediation
• TOC/TOU
Fixing Faults--History
Penetrate and patch
• “tiger teams”
• Fix has unintended consequences
Implications
Example:
http://www.things.com/order/final&custID=101&part=555A&qy=20&price=10&ship=boat&shipcost=5&total=205
• Anticipate problems
• Drop-down box
• Test values
• Still exposed—Change price = 1, total = 25
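The order URL above is an incomplete-mediation case: price and total travel in the query string, so the server must not trust them. The following is an added illustration, not part of the lecture; the catalogue, shipping table and both handlers are constructed for the example.

```python
# Added example (not from the lecture): an order handler that trusts the
# client-supplied price/total beside one that recomputes them server-side.
from urllib.parse import parse_qs

# Constructed server-side data (assumed values for the example).
CATALOG = {"555A": 10}             # part number -> unit price
SHIPPING = {"boat": 5, "air": 20}  # shipping method -> cost

ORDER_URL = ("http://www.things.com/order/final&custID=101&part=555A"
             "&qy=20&price=10&ship=boat&shipcost=5&total=205")
# The same order after the client edits price and total, as on the slide.
TAMPERED_URL = (ORDER_URL.replace("price=10", "price=1")
                         .replace("total=205", "total=25"))


def params(url):
    """Split the order URL into a dict of single values. The lecture's URL
    starts its parameters with '&' rather than '?', so split at the first '&'."""
    _path, _, query = url.partition("&")
    return {k: v[0] for k, v in parse_qs(query).items()}


def charge_unmediated(url):
    """Incomplete mediation: bill whatever total the client sent."""
    return int(params(url)["total"])


def charge_mediated(url):
    """Complete mediation: every value that affects money comes from the
    server; client-supplied price, shipcost and total are ignored, and the
    quantity is range-checked before use."""
    p = params(url)
    part, ship = p.get("part"), p.get("ship")
    if part not in CATALOG or ship not in SHIPPING:
        raise ValueError("unknown part or shipping method")
    qty = int(p.get("qy", "0"))
    if not 1 <= qty <= 1000:  # reject zero, negative and absurd quantities
        raise ValueError("quantity out of range")
    return CATALOG[part] * qty + SHIPPING[ship]


if __name__ == "__main__":
    print(charge_unmediated(TAMPERED_URL))  # 25: the client set the price
    print(charge_mediated(TAMPERED_URL))    # 205: server-side values win
```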
Anonymous Malicious—Viruses
Targeted Malicious
Exploitation of Flaws:
Anonymous Malicious Code--Viruses
Wide varieties
Benign or harmful
Not new
• Transferred from trusted sources
• Exploitation of flaws
Conceal self:
• Modify directory
• Intercept interrupt
• Intercept system calls that would reveal self and falsify results
• Classify self as “hidden” file
• 1988
• Invaded VAX and Sun-3 computers running versions of Berkeley UNIX
• Used their resources to attack still more computers
• Within hours spread across the U.S.
• Infected hundreds / thousands of computers
• Made many computers unusable
Exploitation of Flaws:
Targeted Malicious Code
Trapdoors
• Program stubs during testing
• Intentionally or unintentionally left
• Forgotten
• Left for testing or maintenance
• Left for covert access
Salami attack
• Merges inconsequential pieces to get big results
• Ex: deliberate diversion of fractional cents
• Too difficult to audit
Developmental—Software Engineering
Operating System
Administrative
Developmental Controls Against
Program Flaws:
Software Engineering Disciplines
SDLC—Design, Define, Develop, Do
Collaborative work teams
Reviews
Documentation
Configuration Management
Project Management
Easy maintenance
Understandability
Reuse
Correctness
Testing
Installation testing
Regression testing (after incorporating changes)
No guarantees!