• Aucun résultat trouvé

Security in Software Engineering

N/A
N/A
Info
Télécharger
Protected

Academic year: 2022

Partager "Security in Software Engineering"

Copied!
11
0
0

Chargement.... (Voir le texte intégral maintenant)

Texte intégral

(1)

Security in Software Engineering

Web Services

Part 11 : Good practices for Secure Software.

Alexandre Dulaunoy

adulau@foo.be

(2)

Agenda

A little story,

Buffer Overflows, Race Conditions,

Security in Operations, Conclusion.

(3)

Buffer Overflows

Process/Programs create sections in memory (heap, stack),

A buffer is various "continuous" chunks of memory,

What happens if the continuous chunks is overwritten ?, Programs can act act in strange ways,

Programs can fail completely,

Programs can proceed without any noticeable difference

The little story of the 5th Dec (brk() syscall exploit in Linux kernel).

(4)

brk() syscall exploit in Linux Kernel

The kernel organizes a process’s memory in a specific structure,

The kernel is also a program that "controls" all the programs on the system,

brk() is used to extend heap memory when requested, Specific design on IA-32 systems (the kernel is mapped after the 0xc0000000),

This exploit is working locally (not remotely) but ...,

(5)

Buffer Overflows - how to avoid ?

Make defensive programming,

Avoid a lot of default call (like gets() for libc, system.* in java...),

Use source-code scanning tools whenever possible, Compile with stackguard-like system,

Use on the running system a protection against buffer overflow,

Don’t rely on one system protection.

(6)

Race Conditions

The example of the meeting,

RC occurs when an assumption needs to hold true for a period of time but actually may not,

Race condition has a window of vulnerability,

On computer systems, the window of vulnerability is often quite small,

File-based race conditions are the most important, More related to multi-users systems (like Unix),

(7)

Race Conditions : example

class Counter example (via java.servlet) (the

"synchronized(obj)" solution),

race condition in passwd (Solaris example),

Payment system and race conditions (ATM system example),

Asynchronous message delivery and race conditions (another payment system example),

and the issue of the 5th Dec...

(8)

Race Conditions - how to avoid ?

Difficult to find and debug,

Apply rules of concurrency problem,

Limit usage of multithreaded/multiprocess (only when required),

Think about each microseconds between each operations,

Be atomic...

(9)

Operations to maintain security

Security is everybody’s problem but no one cares, Network environment

Monitor,

Only essential net services,

Separate management network from production, Multiple layers of security,

Log network events (and monitor...),

(10)

Deploy application with security in mind

Secure the Operating System (don’t trust the environment),

Third-party code should be fully audited, Ensure daily operations practices,

Be ready for worst case situation,

and don’t forget the issue of the 5th Dec...

(11)

Q&R

adulau@foo.be

http://www.foo.be/cours/securite-webservices/

3B12 DCC2 82FA 2931 2F5B 709A 09E2 CD49 44E6 CBCD

Références

Télécharger maintenant ( PDF - 11 Page - 164.04 KB )

Documents relatifs

Neither Race nor the 93 Are What You Think They Are

Consequently and in a comparative perspective, we will focus on three facets of this racial lens (racial politics, racialized stigma and questions of representation) to show both

?! race/et s

La Chambre suisse de l'horlogerie a pro- cédé à la répartition du nouveau contin- gent français, mais doit attendre avant d'en nantir les intéressés, que le gouvernement français

The most important ones are:!

Again I ask you questions to each of which your answer is yes or no, again you are allowed to give at most one wrong answer, but now I want to be able to know which card you

RaceR- V03. Race R - Race R PRO

Votre casque race-r/race r Pro a été conçu pour apporter un confort supplé- mentaire aux porteurs de lunettes avec le shark easY Fit.. les 2 joues sont réalisées chacune avec une

A new approach to detect potential race conditions in component-based systems

In order to implement concurrency access management, ARCS also requires some other components that are not shown: a Monitor component that acts as a wrapper component for the

Intellectual Method of Program Interactions Visualisation in Unix-like Systems for Information Security Purposes

Based on the generalized Model of program interactions, a visualization Method is proposed that would display such connections in an understandable to an expert form.. The

What are the most common conditions in primary care?: Systematic review

} This systematic review of several large-scale studies from 12 countries found that the most common clinician-reported reasons for visits (RFVs) (eg, upper respiratory tract

RACE AU

Afin de mieux comp:-endre certains des mécanismes à la base des différences existant dans l’activité de butineuses d’abeilles de race pure et d’abeilles