Foreword
About the Authors
About the Technical Reviewer
Acknowledgments
Preface

Security Design Principles
Security Goals
Security Is Holistic
Physical Security
Technological Security
Policies and Procedures
Authentication
Something You Know
Something You Have
Something You Are
Final Notes on Authentication
Authorization
Access Control Lists (ACLs)
Access Control Models
The Bell-LaPadula Model
Confidentiality
Message/Data Integrity
Accountability
Availability
Non-repudiation
Concepts at Work
Secure Systems Design
Understanding Threats
Defacement
Infiltration
Phishing
Pharming
Insider Threats
Click Fraud
Denial-of-Service (DoS)
Data Theft and Data Loss
Designing-In Security
Windows 98
The Internet
Turtle Shell Architectures
Convenience and Security
SimpleWebServer Code Example
Hypertext Transfer Protocol (HTTP)
Code Walkthrough
Security in Software Requirements
Specifying Error Handling Requirements
Sharing Requirements with Quality Assurance (QA)
Handling Internal Errors Securely
Including Validation and Fraud Checks
Writing Measurable Security Requirements
Security or Bust
Security by Obscurity
Flaws in the Approach
SimpleWebServer Obscurity
Things to Avoid
Open vs. Closed Source
A Game of Economics
"Good Enough" Security
Secure Design Principles
The Principle of Least Privilege
Defense-in-Depth
Prevent, Detect, Contain, and Recover
Don't Forget Containment and Recovery
Password Security Example
Diversity-in-Defense
Securing the Weakest Link
Weak Passwords
People
Implementation Vulnerabilities
Fail-Safe Stance
SimpleWebServer Fail-Safe Example
Attempted Fix 1: Checking the File Length
Attempted Fix 2: Don't Store the File in Memory
Fix: Don't Store the File in Memory, and Impose a Download Limit
Secure by Default
Simplicity
Usability
Security Features Do Not Imply Security
Exercises for Part 1

Secure Programming Techniques
Worms and Other Malware
What Is a Worm?
An Abridged History of Worms
The Morris Worm: What It Did
The Morris Worm: What We Learned
The Creation of CERT
The Code Red Worm
The Nimda Worm
The Blaster and SQL Slammer Worms
More Malware
Buffer Overflows
Anatomy of a Buffer Overflow
A Small Example
A More Detailed Example
The safe_gets() Function
Safe String Libraries
Additional Approaches
StackGuard
Static Analysis Tools
Performance
Heap-Based Overflows
Other Memory Corruption Vulnerabilities
Format String Vulnerabilities
Integer Overflows
Client-State Manipulation
Pizza Delivery Web Site Example
Attack Scenario
Solution 1: Authoritative State Stays at Server
Solution 2: Signed State Sent to Client
Using HTTP POST Instead of GET
Cookies
JavaScript
SQL Injection
Attack Scenario
Solutions
Why Blacklisting Does Not Work
Whitelisting-Based Input Validation
Escaping
Second Order SQL Injection
Prepared Statements and Bind Variables
Mitigating the Impact of SQL Injection Attacks
Password Security
A Strawman Proposal
Hashing
Offline Dictionary Attacks
Salting
Online Dictionary Attacks
Additional Password Security Techniques
Strong Passwords
"Honeypot" Passwords
Password Filtering
Aging Passwords
Pronounceable Passwords
Limited Login Attempts
Artificial Delays
Last Login
Image Authentication
One-Time Passwords
Cross-Domain Security in Web Applications
Interaction Between Web Pages from Different Domains
HTML, JavaScript, and the Same-Origin Policy
Possible Interactions of Documents from Different Origins
HTTP Request Authentication
Lifetime of Cached Cookies and HTTP Authentication Credentials
Attack Patterns
Cross-Site Request Forgery (XSRF)
Cross-Site Script Inclusion (XSSI)
Cross-Site Scripting (XSS)
Preventing XSRF
Inspecting Referer Headers
Validation via User-Provided Secret
Validation via Action Token
Security Analysis of the Action Token Scheme
Preventing XSSI
Authentication via Action Token
Restriction to POST Requests
Preventing Resource Access for Cost Reasons
Preventing XSS
General Considerations
Simple Text
Tag Attributes (e.g., Form Field Value Attributes)
URL Attributes (href and src)
Style Attributes
Within Style Tags
In JavaScript Context
JavaScript-Valued Attributes
Redirects, Cookies, and Header Injection
Filters for "Safe" Subsets of HTML
Unspecified Charsets, Browser-Side Charset Guessing, and UTF-7 XSS Attacks
Non-HTML Documents and Internet Explorer Content-Type Sniffing
Mitigating the Impact of XSS Attacks
Exercises for Part 2

Introduction to Cryptography
Symmetric Key Cryptography
Introduction to Encryption
Substitution Ciphers
Notation and Terminology
Block Ciphers
Security by Obscurity: Recap
Encrypting More Data
AES Code Example
Stream Ciphers
One-Time Pad
RC4
Steganography
What Is Steganography?
Steganography vs. Cryptography
Asymmetric Key Cryptography
Why Asymmetric Key Cryptography?
RSA
Elliptic Curve Cryptography (ECC)
Symmetric vs. Asymmetric Key Cryptography
Certificate Authorities
Identity-Based Encryption (IBE)
Authentication with Encryption
Key Management and Exchange
Types of Keys
Identity Keys
Conversation or Session Keys
Integrity Keys
Key Generation
Random Number Generation
The rand() Function
Random Device Files
Random APIs
Key (Secret) Storage
Keys in Source Code
Storing the Key in a File on Disk
"Hard to Reach" Places
Storing Secrets in External Devices
Key Agreement and Exchange
Using Asymmetric Keys
Diffie-Hellman (DH)
MACs and Signatures
Secure Hash Functions
Message Authentication Codes (MACs)
CBC MACs
HMAC
Signatures
Certificates and Certificate Authorities (CAs)
Signing and Verifying
Registration Authorities (RAs)
Web of Trust
Attacks Against Hash Functions
SSL
Server-Authenticated-Only
Mutual Authentication
Exercises for Part 3

Appendixes
Defense-in-Depth: The FLI Model
Protecting Against Failure
Protecting Against Lies
Protecting Against Infiltration
Other Techniques
Using an FLI-like Model
References
Source Code Listings
References
Index