csce522-lect-best-practices

CSCE 522
Secure Software Development
Best Practices
CSCE 522 - Farkas

Reading
- This lecture: Jan Jürjens, Towards Development of Secure Systems using UMLsec, http://citeseer.ist.psu.edu/536233.html

Application of Touchpoints
[Figure: security touchpoints applied to software development artifacts]
Artifacts:
- Requirement and Use cases
- Architecture and Design
- Test Plans
- Code
- Tests and Test Results
- Feedback from the Field
Touchpoints, as labeled in the figure:
- 5. Abuse cases
- 6. Security Requirements
- 2. Risk Analysis
- External Review
- 4. Risk-Based Security Tests
- 1. Code Review (Tools)
- 2. Risk Analysis
- 3. Penetration Testing
- 7. Security Operations

Misuse Cases
- Software development: making software do something
- Describe features and functions
- Everything goes right
- Need: security, performance, reliability
- Service level agreement: legal binding
- How to model non-normative behavior in use cases?
- Think like a bad guy

Software Vendor Accountability
- Proper implementation of security features
- Looking for known security flaws
- Passing third party validation
- Source code analysis

Checking for Known Vulnerabilities
- Need tool
- Possible attacks and attack types
- How the software behaves if something goes WRONG
- What motivates an attacker?

Misuse Cases
- Extends use case diagrams
- Represent actions the system should prevent
- Represent together:
  - Desired functionalities
  - Undesired actions
- Security: emergent property, must be built in from the ground up
- Making explicit trade-offs

Misuse Cases
- Analyze system design and requirements
- Assumptions
- Failure of assumptions
- Attack patterns
- Software that is used is also going to be attacked
- What can a bad guy do and how to react to malicious use

Misuse Case Development
- Team work: software developers and security experts
- Identifying and documenting threats
- Creating anti-requirements: how the system can be abused
- Creating attack model
- Select attack pattern relevant to the system
- Include anyone who can gain access to the system

Application of Touchpoints
[Figure: security touchpoints applied to software development artifacts]
Artifacts:
- Requirement and Use cases
- Architecture and Design
- Test Plans
- Code
- Tests and Test Results
- Feedback from the Field
Touchpoints, as labeled in the figure:
- 5. Abuse cases
...

This note was uploaded on 12/13/2011 for the course CSCE 522 taught by Professor Farkas during the Fall '11 term at South Carolina.
