3. INVOLVES ALTERING THE RAW DATA JUST BEFORE A
COMPUTER PROCESSES IT AND THEN CHANGING IT
BACK AFTER PROCESSING IS COMPLETED
SECONDARY STATE BOARD
PRIVATE STUDENTS TOPPED OVER GOVT STUDENTS
6 DIGIT ROLL NUMBER
GOVT STUDENTS STARTS WITH 3
PRIVATE STUDENTS STARTS WITH 4
SOFTWARE MANIPULATION
FOR ROLL_NO 3 if marks between 68 & 100 DEDUCT 9
FOR ROLL_NO 4 if marks between 68 & 88 ADD 3
6. Data
Information we keep on computers (product
design, financial records, personnel data)
Lost time, lost sales, lost confidence
Resources
Unauthorized use of computer time & space
Reputation
Misrepresentation, forgery, negative
publicity
8. Confidentiality - Protection from
unauthorized persons
Integrity - consistency of data; no
unauthorized creation, alteration or
destruction
Availability - ensuring access to legitimate
users
Legitimate use - ensuring appropriate use
by authorized users
10. Intrusion - unauthorized access and use of
systems
Denial of service - an attack aimed at
preventing use of company computers
email bomb or flooding/Internet worm
disabled, rerouted or replaced services
Information theft - network taps, database
access, hacking into sites to give out more info
or to wrong parties
12. Security Services
Authentication (entity, data origin)
Access control (prevent unauthorized access)
Confidentiality (disclosure, encryption)
Data integrity (value of data item)
Non-repudiation (falsely denying a
transaction)
13. No Security - not an option
Security thru Obscurity - don’t tell anyone
where your site is
Host Security - enforced security on each
host; progressively difficult to manage as
the number of hosts increases
Network Security - control network access to
hosts and services; firewalls, strong
authentication, and encryption
14. [Diagram: security properties (Confidentiality, Authentication, Availability, Integrity, Non-Repudiation, Assurability, Reliability) and supporting technologies (Biometrics, Smartcards, Voice based Systems, Cryptography, VPNs, PKI, Digital Signatures, Clustering, Redundancy, Hot Standby, Port Mirroring)]
15. Information Security
[Diagram: Info States (in processing, in storage, in transmission), Security Measures, Components]
As Strong As The Weakest Link …
17. [Network diagram: network based firewall, routers, switch, PCs and servers; HQ ABC Corps and HQ XYZ Corps linked over WAN / intranet, with a mobile user]
18. [Network diagram: Internet (Red Zone) from ISP, WAN IP, Layer 3 switch, firewall, IDS, DMZ (Orange Zone) with web server and DNS server, Green Zone with mail server, L2 switches]
19. [Network diagram: Internet, V.35 router, gateway, IPS, DMZ, hardware firewall, L2 switches, servers (DNS, HTTP, SMTP; RAID, RDBMS, data backup; anti virus, HIPS, NW scanner), VLAN local network with domain users, printer, biometric sensors, Secure disk, True Crypt, link to other networks]
20. [Network diagram: network based firewall, host based anti virus, routers, switch, PCs and servers; HQ ABC Corps and HQ XYZ Corps linked over WAN, with a mobile user]
21. Cyber Security is the set of "measures taken to protect a
computer or computer system (as on the Internet) against
unauthorized access or attack."
This broad and all-encompassing cyber security definition
poses a significant challenge for enterprises; therefore, it
is highly critical for enterprises to have an in-depth cyber
security strategy and plan in place in order to provide the
maximum level of protection from cyber security risks at
not just the network perimeter but also the application
layer.
24. An application is a program or group of programs
designed for end users. Application software can be
divided into two general classes: systems software
and applications software.
Systems software consists of low-level programs
that interact with the computer at a very basic level.
This includes operating systems, compilers, and
utilities for managing computer resources.
Applications software (also called end-user
programs) includes database programs, word
processors, and spreadsheets. Figuratively
speaking, applications software sits on top of
25. Application security encompasses measures taken
throughout the application's life-cycle to prevent
exceptions in the security policy of an application or the
underlying system (vulnerabilities) through flaws in the
design, development, deployment, upgrade, or
maintenance of the application.
29. The flaws within the software cause a majority of the vulnerabilities
Most security professionals are usually not software developers
Many software developers do not have security as a main focus.
Software vendors are trying to rush their products to markets with their eyes set on functionality not security.
The computing community is used to receiving software with bugs and then applying patches.
30. Hard and crunchy on the outside
Soft and chewy on the inside
Perimeter security is fortified and solid
Internal environment and software are easy to exploit once access has been obtained.
31. [Diagram: Software controls – implemented by a combination of three, Operating System among them]
32. Aplns and Cmptr systems are usually devp for functionality first,
not security.
To get the best of both, security and functionality will have to be
designed and devp at the same time
Developing aplns first and then trying to add security can
cause problems:
May reduce overall func
Can open security holes when the apln is to be integrated
with other aplns
33. Security solns today look to solve problems through controls
such as IDS, IPS, FWs, AVs, Vulnerability scanners, etc.
This is because our SW contains many vulnerabilities.
Our systems are hard on the outside and soft inside. Why?
We have implemented strong perimeter defences, however our
internal environment and SW is easy to exploit once access has
been gained.
Why are perimeter devices more often considered rather than
developing secure SW?
34. In the past, SW was devp for func and not security.
Mainframe era.
Many programmers do not have experience of secure coding.
Most security professionals are not SW developers.
Many SW developers do not have security as the main focus.
SW vendors under tight deadlines to get products into market;
security suffers.
Customers cannot control flaws in the SW they purchase,
so they must depend on perimeter protection. Thus the present
day over-reliance on perimeter defences.
35. Traditionally, we consumers have always demanded
functionality from the aplns, with little thought to security.
Only in the last 6 – 8 yrs, the focus is slowly shifting to
functionality coupled with security.
36. Security controls can be used for:
Inputs
Processing
Output
Devp controls with potential risks in mind.
SW to be used in a closed trusted environment versus an
open environment.
37. Goal is to:
Prevent data corruption
Prevent security compromises
Reduce vulnerabilities.
Controls can be preventive, detective and corrective.
Can be in the form of administrative or physical controls; but are
mostly technical in nature.
38. Buggy SW is released
Hackers find SW vulnerabilities
Web sites post these vulnerabilities on
Internet and methods of exploiting them
SW vendor develops and releases SW
patches to fix these vulnerabilities
The new patch goes on the stack of SW
patches that all NW admin need to test
and install
39. NW admin today has to integrate various aplns and different
computer systems.
Companies today are rushing to devp aplns capable of taking on-line
orders, storing credit card info and establishing extranets with business
partners.
All of this is an extremely complex activity.
On top of all this, security is expected and demanded.
As the complexity of the environment grows, tracking
compromises and errors becomes a difficult task.
40. SW controls are usually implemented nowadays through a mix of:
OS controls
Apln controls
DB controls
OS controls can control a subject’s access to an object.
These controls do not restrict a subject’s action within an apln.
Apln controls can ensure
only valid inputs are inserted,
data is processed in the correct sequence, and
only certain subjects can view data in sensitive fields.
41. Aplns must draw a balance between Functionality and Security.
Out of the box installation is always insecure.
If an apln is extremely user friendly, it is probably not secure.
Why?
User friendly implies – extra lines of code.
More lines of code – more the potential vulnerabilities.
43. Also once vendors iden vulnerabilities and rel patches,
NW admin may not apply them. Why?
NW admin may not be up to date on current vulnerabilities
and patches.
They may not fully understand the imp of patches.
They may be afraid that patches may cause other
problems
Bottomline – Insecure systems
Also, If an apln fails – it must fail secure.
44. Software Development Life Cycle
SDLC stands for Software Development Life Cycle. A
Software Development Life Cycle is essentially a series of
steps, or phases, that provide a model for the development
and lifecycle management of an application or piece of
software.
The methodology within the SDLC process can vary
across industries and organizations, but standards such as
ISO/IEC 12207 represent processes that establish a lifecycle
for software, and provide a model for the development,
acquisition, and configuration of software systems.
45. The intent of a SDLC process is to help produce a
product that is cost-efficient, effective, and of high
quality. Once an application is created, the SDLC
maps the proper deployment and decommissioning
of the software once it becomes a legacy.
48. Risks to databases
Today more and more companies are holding sensitive data (credit
card info, stock inventory, etc) in DBs.
Earlier employees only accessed DBs. Today DB
connectivity provided to customers also (Eg – check online
availability of an item).
How do you secure DBs?
Group users in different roles and assign rights and
permissions to various roles.
Customers are assigned a role to only view data; and
that too only specific fields of data.
Customers interact with the DB through a middleware
(apln).
Middleware checks roles and presents data as per
permissions assigned to that role.
49. Risks to databases – DB Integrity
Concurrency Problem
Occurs when a DB is accessed by more than one
apln/users at the same time.
SW lock used to overcome this. Processes lock tables
within DB, make changes and then rel the SW lock. Next
process can access DB only after the 1st process has rel the
SW lock.
50. Risks to databases – DB Integrity
DB SW performs three main types of integrity services:
Entity Integrity: Every row (record) is uniquely iden by a
primary key.
Referential Integrity: All foreign keys reference existing
primary keys.
Semantic Integrity: Rules pertaining to data types, logical
values are enforced.
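The three integrity services above, shown as an added example (not part of the original slides) using Python's built-in sqlite3 module. The table names, column names and sample rows are assumptions constructed for the demonstration.

```python
import sqlite3

def build_db():
    """Constructed two-table schema; all names and rows are assumptions."""
    db = sqlite3.connect(":memory:")
    db.execute("PRAGMA foreign_keys = ON")  # SQLite enforces foreign keys only when enabled
    db.executescript("""
        CREATE TABLE customers (
            cust_id INTEGER PRIMARY KEY,   -- entity integrity: unique row identifier
            name    TEXT NOT NULL
        );
        CREATE TABLE orders (
            order_id INTEGER PRIMARY KEY,
            cust_id  INTEGER NOT NULL REFERENCES customers(cust_id),  -- referential integrity
            qty      INTEGER NOT NULL
                     CHECK (typeof(qty) = 'integer' AND qty BETWEEN 1 AND 100)  -- semantic integrity
        );
        INSERT INTO customers VALUES (1, 'Asha');
        INSERT INTO orders VALUES (10, 1, 5);
    """)
    return db

def try_insert(db, sql, params):
    """Return 'accepted', or the reason the database rejected the row."""
    try:
        with db:  # commits on success, rolls back on error
            db.execute(sql, params)
        return "accepted"
    except sqlite3.IntegrityError as exc:
        return f"rejected: {exc}"

def demo():
    db = build_db()
    return {
        "duplicate_pk": try_insert(db, "INSERT INTO customers VALUES (?, ?)", (1, "Dup")),
        "orphan_fk": try_insert(db, "INSERT INTO orders VALUES (?, ?, ?)", (11, 99, 1)),
        "bad_value": try_insert(db, "INSERT INTO orders VALUES (?, ?, ?)", (12, 1, 500)),
        "valid": try_insert(db, "INSERT INTO orders VALUES (?, ?, ?)", (13, 1, 2)),
    }

if __name__ == "__main__":
    for case, outcome in demo().items():
        print(case, "->", outcome)
```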
51. Risks to databases – DB Integrity
Other Operations in DB SW to protect integrity of data:
Rollback:
An operation that ends a current transaction and cancels
current changes to a DB. The DB reverts to its previous
state.
Could be changes to the data / schema.
Roll back occurs when the DB experiences a glitch or if
processing sequence is disrupted.
52. Risks to databases – DB Integrity
Other Operations in DB SW to protect integrity of data:
Commit:
This operation completes a transaction and executes all
changes just made by the user. DB is updated to reflect the
latest changes.
If commit cannot complete correctly, a rollback is
performed.
Ensures that partial changes do not take place and data is
not corrupted.
53. Risks to databases – DB Integrity
Other Operations in DB SW to protect integrity of data:
Savepoints:
Similar to System Restore in Windows.
If a system failure takes place, the DB attempts to revert to
the previous savepoint.
Setting savepoints consumes resources. A balance has to be struck
between too many savepoints and not enough of them.
Savepoints can be initiated by a time interval, user action,
or No of transactions.
Savepoint restores data by enabling user to go back in
time before the system crashed.
54. Risks to databases – DB Integrity
Other Operations in DB SW to protect integrity of data:
Checkpoints:
Similar to Savepoints.
When a specific amt of mem is filled, a checkpoint is
triggered.
This saves data from mem to a temp file.
If system crashes, the DB will attempt to restore data from
this temp file.
55. A few Database Attacks
Brute Force attacks against Passwords
Default Username and passwords not changed by the sys admin
Eg: “scott”; “tiger” - username/password combination in
Oracle DB till 11g ver.
Microsoft SQL Server – came with default (publicly known)
passwords.
Easily guessable passwords chosen by sys admin.
56. A few Database Attacks
Privilege Escalation
Gen happens due to mis-configuration of database or underlying
OS.
Eg: A low privilege user has read rights only.
However, he can read all columns in the DB incl columns holding
credit card info.
(mis-configuration – Restricted DB views were not enforced).
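The role-checking middleware from slide 48, and the control whose absence causes the privilege escalation on slide 56, as an added example that is not part of the original slides. The role names, the column policy and the sample row are assumptions constructed for the demonstration.

```python
import sqlite3

# Hypothetical role-to-column policy held by the middleware (an assumption).
ROLE_COLUMNS = {
    "customer": ("item", "in_stock"),
    "clerk": ("item", "in_stock", "buyer", "card_number"),
}

def build_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE orders "
               "(item TEXT, in_stock INTEGER, buyer TEXT, card_number TEXT)")
    # Constructed row with a dummy card number.
    db.execute("INSERT INTO orders VALUES ('lamp', 1, 'R. Rao', '0000-0000-0000-0000')")
    return db

def fetch_orders(db, role, wanted):
    """Return only the columns the caller's role is permitted to view."""
    allowed = ROLE_COLUMNS.get(role)
    if allowed is None:
        raise PermissionError(f"unknown role: {role!r}")
    denied = [c for c in wanted if c not in allowed]
    if denied or not wanted:
        raise PermissionError(f"role {role!r} may not read {denied}")
    # Column names are taken from the policy above, never from free text.
    cols = [c for c in allowed if c in wanted]
    rows = db.execute("SELECT " + ", ".join(cols) + " FROM orders").fetchall()
    return [dict(zip(cols, row)) for row in rows]

if __name__ == "__main__":
    db = build_db()
    print(fetch_orders(db, "customer", ["item", "in_stock"]))
    try:
        fetch_orders(db, "customer", ["item", "card_number"])
    except PermissionError as exc:
        print("denied:", exc)
```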
57. A few Database Attacks
Exploiting unused / un-necessary services
Eg: Listener service in Oracle DB.
It seeks out and fwds network connection requests to Oracle DB.
When an apln has to access a DB – poorly written aplns can
cause connections w/o authentication and authorisation.
Install only those features that you need to use.
If you don’t install a feature, you don’t have to patch it up later.
58. A few Database Attacks
Exploiting unused / un-necessary services.
Very Imp: Patch up DBs as and when patches are rel by the
vendor.
Gen sys admins avoid patching. Why?:
Prevent downtime of the DB.
Do not understand patches and what they do
Do not have time to test patches
May fear that patches may cause some other problems.
59. A few Database Attacks
Stolen Backups
Gen an insider attack.
If backup data is unencrypted, the attacker does not need to
hack into a DB.
Another problem with backups – too many versions of backups.
Problem in tracking all ver.
60. A few Database Attacks
SQL Injection
Occurs when the fields available for user input allow
SQL stmts to be inputted.
Gen, this attack takes place on the middleware; which connects
to the backend DB.
Eg: If an attacker gets a username/password screen, he can
input an SQL stmt which is passed by the apln server to the DB
and gets executed to gain entry to the DB.
Gen the result of poor programming practices.
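The poor programming practice behind SQL injection beside its fix, as an added example that is not part of the original slides. The users table, the account and the crafted input are constructed for the demonstration, using Python's built-in sqlite3 module.

```python
import sqlite3

def build_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    # Constructed account; a real system would store a salted password hash.
    db.execute("INSERT INTO users VALUES ('admin', 'correct-horse')")
    return db

def login_concatenated(db, username, password):
    """'Before' form: user input becomes part of the SQL text."""
    sql = ("SELECT COUNT(*) FROM users WHERE username = '" + username +
           "' AND password = '" + password + "'")
    return db.execute(sql).fetchone()[0] > 0

def login_parameterized(db, username, password):
    """'After' form: input is bound as data and cannot change the statement."""
    sql = "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?"
    return db.execute(sql, (username, password)).fetchone()[0] > 0

# Constructed input of the kind the slide describes: SQL typed into a login field.
CRAFTED = "x' OR '1'='1"

def demo():
    db = build_db()
    return {
        "concatenated_crafted": login_concatenated(db, "admin", CRAFTED),
        "parameterized_crafted": login_parameterized(db, "admin", CRAFTED),
        "parameterized_valid": login_parameterized(db, "admin", "correct-horse"),
    }

if __name__ == "__main__":
    for case, granted in demo().items():
        print(case, "->", "access granted" if granted else "access denied")
```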
Editor's Notes
Is authentication and authorisation reqd? Is encryption needed? Will the apln interface with other aplns? Will the product be directly accessed by the Internet? Preventive ctrls (encryption, unique user login), detective ctrl (audit modules) and corrective controls (for data integrity) are iden in this phase.
Baseline docu creation – inputs from design docu. Design freeze – no more func can be added after this. Design freeze is intended to prevent scope creep. $1 to prevent a problem; $10 to correct a mistake during production; $100 to correct mistake after product has reached end users/customers.
Access control mechanisms are chosen now. Encryption method and algorithm are chosen.
Imp that pgmrs use secure coding practices. Prevent buffer overflow (check input lengths), verify syntax, perform checksums, ensure correct data format entry. SW devp in distinct modules; each module has specific func; modules logically chained together to form finished SW. Modular design helps maintainability of finished SW. Indl modules can be updated or repl with ease. Modular design – different teams can work on different modules. High cohesion – each module performs only one task or similarly related tasks. Low coupling – a module should not rely on too many different modules to work. Eg – a module performing only addition, or addn, subtraction and multiplication (similar jobs), is said to have high cohesion. If module A needs to send data to module B, C and D to perform its task – it is high coupling (not desirable). Pers testing the code to be different from the developers. Use separate environments for code developing, testing and final production – separation of duties. Backdoors (a specific key combination to bypass all access controls and get to the code), also called maint hooks: remove before sending SW into production.