DotNetBlocks

Things on DotNet, programming, and other useless stuff

Security in Software

The term security has many meanings depending on the context and perspective in which it is used. From the perspective of software and system development, security is the continuous process of maintaining the confidentiality, integrity, and availability of a system, its sub-systems, and its data. Stated at a high level: computer security is a continuous process dealing with confidentiality, integrity, and availability at every layer of a system, not a feature that is added once and then forgotten.

Key Aspects of Software Security

  • Integrity
  • Confidentiality
  • Availability

Integrity within a system is the concept of ensuring that only authorized users can manipulate information, and only through authorized methods and procedures. A simple lead management application illustrates this. Suppose the business decides that each sales member may update only their own leads, while sales managers may update all leads. An integrity violation then occurs when a sales member attempts to update a lead that someone else entered: the change would come from a user the business rule does not authorize, regardless of whether the new value looks reasonable. Integrity is about who may change data and through which path, not about whether the data looks correct afterwards.

Confidentiality within a system is the concept of preventing unauthorized access to specific information or tools. In a perfect world, those without access would not even know that the confidential information or tools exist. Applied within an application, this means that only the information and tools a user is authorized for are exposed to that user. Looking at the sales lead management system again, leads can only be updated by the originating sales member, so all sales leads are confidential between the system and the sales person who entered them. The other sales team members have no need to know that those leads exist, let alone to access them, so the application should not list them at all rather than list them as read-only.

Availability within a system is the concept of authorized users being able to access the system when they need it. A real world example can again be taken from the lead management system. If that system is hosted on a web server, an IP restriction can be put in place to limit access to the system based on the requesting IP address. If all of the sales members reach the system through a single egress address, say 192.168.1.23, then removing access from all other addresses ensures that improper access is prevented while approved users can still reach the system from an authorized location. In essence, if the requesting user is not coming from an authorized IP address then the system will appear unavailable to them. This is one way of controlling where a system is accessed from. Note that the restriction itself is an access control; the availability requirement is the other half of the rule: the approved users must still get through, so if the office egress address changes and the allow list is not updated, the system becomes unavailable to exactly the people it exists for. Availability also covers keeping the system up under load and faults, which an IP restriction does nothing for.
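The lead management rules described above, as an added example that is not part of the original post (this being a .NET blog, the same structure carries over to C# directly). The `User`, `Lead` and `LeadStore` types, the role names, the constructed sample leads and the allow-listed address are assumptions for illustration, not anything the post specifies.

```python
"""Lead management example for the three aspects above.

Added example, not code from the original post. The Lead, LeadStore and
User types, the role names and the allow-listed address are hypothetical.
"""
from dataclasses import dataclass, field
import ipaddress

SALES = "sales"
MANAGER = "manager"


@dataclass
class User:
    name: str
    role: str


@dataclass
class Lead:
    lead_id: int
    owner: str        # the sales member who entered the lead
    notes: str


class IntegrityViolation(PermissionError):
    """A user tried to change data through a path the business rule forbids."""


@dataclass
class LeadStore:
    leads: dict = field(default_factory=dict)

    def add(self, user: User, lead_id: int, notes: str) -> Lead:
        lead = Lead(lead_id, owner=user.name, notes=notes)
        self.leads[lead_id] = lead
        return lead

    def update(self, user: User, lead_id: int, notes: str) -> Lead:
        # Integrity: only the originating sales member or a manager may
        # change a lead, whatever value they are trying to write.
        lead = self.leads[lead_id]
        if user.role != MANAGER and lead.owner != user.name:
            raise IntegrityViolation(f"{user.name} may not update lead {lead_id}")
        lead.notes = notes
        return lead

    def visible_leads(self, user: User) -> list:
        # Confidentiality: a sales member is shown only their own leads.
        # Other members' leads are not listed read-only; they are not
        # listed at all, so their existence stays unknown.
        if user.role == MANAGER:
            return list(self.leads.values())
        return [lead for lead in self.leads.values() if lead.owner == user.name]


# Availability side of the IP restriction: only requests from the sales
# team's egress address are served; to everyone else the system is
# unavailable. The flip side: if this address changes and the list is not
# updated, the system is unavailable to the authorized users as well.
ALLOWED_NETWORKS = [ipaddress.ip_network("192.168.1.23/32")]  # hypothetical


def request_allowed(source_ip: str) -> bool:
    addr = ipaddress.ip_address(source_ip)
    return any(addr in net for net in ALLOWED_NETWORKS)


def demo() -> dict:
    """Exercises each rule once on constructed sample data and returns what happened."""
    store = LeadStore()
    alice, bob = User("alice", SALES), User("bob", SALES)
    carol = User("carol", MANAGER)
    store.add(alice, 1, "call back Monday")
    store.add(bob, 2, "sent quote")
    try:
        store.update(bob, 1, "rewritten by the wrong person")
        cross_update = "allowed"
    except IntegrityViolation:
        cross_update = "blocked"
    return {
        "own_update": store.update(alice, 1, "called").notes,
        "cross_update": cross_update,
        "manager_update": store.update(carol, 2, "approved").notes,
        "alice_sees": [lead.lead_id for lead in store.visible_leads(alice)],
        "manager_sees": [lead.lead_id for lead in store.visible_leads(carol)],
        "from_office": request_allowed("192.168.1.23"),
        "from_elsewhere": request_allowed("10.0.0.5"),
    }


if __name__ == "__main__":
    for check, outcome in demo().items():
        print(f"{check}: {outcome}")
```

Two design choices worth noting: the integrity check lives in `update` itself rather than in the user interface, so there is no second path that skips it; and `visible_leads` filters the list instead of marking foreign leads read-only, which is the difference between confidentiality and mere integrity.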

Through the years several design principles have been identified as being beneficial when integrating security aspects into a system. These principles in various combinations allow for a system to achieve the previously defined aspects of security based on generic architectural models.

Security Design Principles

  • Least Privilege
  • Fail-Safe Defaults
  • Economy of Mechanism
  • Complete Mediation
  • Open Design
  • Separation of Privilege
  • Least Common Mechanism
  • Psychological Acceptability
  • Defense in Depth

Least Privilege Design Principle
The Least Privilege design principle requires a minimalistic approach to granting users access rights to specific information and tools: a user gets the rights needed to do their job and nothing more. Additionally, access rights should be time bound, so that access to a resource lasts only as long as the task that needs it. Granting access beyond this scope permits unnecessary access and allows data to be updated outside the approved context. Keeping rights tight limits the damage a user can do to the system, whether intentionally or not, and reduces the chance of accidental or erroneous changes by reducing the number of possible interactions with a resource.

Fail-Safe Defaults Design Principle
The Fail-Safe Defaults design principle pertains to basing access decisions on explicitly granted permission rather than on exclusion. A resource can be accessed only if access to it has explicitly been granted to a user; by default, users have access to nothing. The same rule applies when the access check itself cannot complete (a failed lookup, an exception, a timeout): the safe default is to deny, not to fall through to allow. This approach prevents unauthorized users from gaining access to a resource until access has been given, and prevents an error in the checking code from turning into a bypass.

Economy of Mechanism Design Principle
The Economy of Mechanism design principle requires that systems be designed as simple and small as possible. Design and implementation errors that result in unauthorized access to resources are often not noticed during normal use, because nothing visibly breaks; a small, simple mechanism is far easier to review and test for such errors than a large one.

Complete Mediation Design Principle
The Complete Mediation design principle states that every access to every resource must be checked for authorization, not just the first one. In practice this means a single enforcement point that every code path goes through, and care with cached authorization decisions: a cached "allowed" result must be invalidated when the underlying permission is revoked or expires.

Open Design Design Principle
The Open Design design principle is the concept that the security of a system and its algorithms should not depend on the secrecy of its design or implementation (Kerckhoffs' principle, in the cryptographic setting). A design that must stay hidden to remain secure fails as soon as the design leaks; secrecy belongs in keys and credentials, not in the mechanism.

Separation of Privilege Design Principle
The Separation of Privilege design principle requires that approved resource access be granted only when more than a single condition holds. For example, a user should be validated both for active status and for access to the specific resource; meeting either condition alone is not enough. Because two independent checks must both be satisfied, a single mistake or a single compromised credential does not grant access on its own.

Least Common Mechanism Design Principle
The Least Common Mechanism design principle declares that mechanisms used to access resources should be shared between users as little as possible. Every shared mechanism is a potential channel between users and a single point whose compromise affects all of them; a per-user or per-tenant mechanism limits the blast radius.

Psychological Acceptability Design Principle
The Psychological Acceptability design principle refers to security mechanisms not making resources more difficult to access than they would be if the security mechanisms were not present. If a control is painful to use, users will work around it, and a circumvented control protects nothing.

Defense in Depth Design Principle
The Defense in Depth design principle is the concept that layering independent access authorization checks in a system reduces the chance of a successful attack. This layered approach requires an unauthorized user to circumvent each layer in turn to reach a resource, so a single flaw in one layer is not enough on its own.
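An authorization decision point that applies several of the principles above at once: least privilege (time-bound grants), fail-safe defaults (deny by default and deny when the check itself fails), separation of privilege (active status and a grant must both hold), complete mediation (one enforcement point on every call, nothing cached) and defense in depth (network, session and authorization layers). This is an added example that is not part of the original post; the grant store, the `mediated` decorator, the `handle_request` layers, the session table, the network range and the constructed scenario in `demo` are all assumptions.

```python
# Added example, not code from the original post: grant store, decorator,
# session table, network range and all names are hypothetical.
from datetime import datetime, timedelta, timezone
from functools import wraps
import ipaddress


class Denied(PermissionError):
    """Raised at the mediation point when access is refused."""


class GrantStore:
    """Least privilege: a grant names one user, one action on one resource
    and carries an expiry, so access is bound to the time it is needed."""

    def __init__(self):
        self._grants = {}          # (user, action, resource) -> expiry
        self.active_users = set()
        self.outage = False        # simulates the backing store being down

    def grant(self, user, action, resource, ttl, now):
        self._grants[(user, action, resource)] = now + ttl

    def has_grant(self, user, action, resource, now):
        if self.outage:
            raise RuntimeError("grant store unavailable")
        expiry = self._grants.get((user, action, resource))
        return expiry is not None and now < expiry

    def is_active(self, user):
        return user in self.active_users


STORE = GrantStore()


def decide(user, action, resource, now):
    """Fail-safe defaults: the only path to True passes every check; an
    exception inside a check (the store raising) means deny, never allow."""
    try:
        # Separation of privilege: an active account AND an unexpired grant.
        if not STORE.is_active(user):
            return False
        if not STORE.has_grant(user, action, resource, now):
            return False
        return True
    except Exception:
        return False


def mediated(action):
    """Complete mediation: every call to the decorated function goes through
    decide(); nothing is cached, so revocation or expiry bites on the next call."""
    def deco(fn):
        @wraps(fn)
        def wrapper(user, resource, *args, now=None, **kw):
            now = now or datetime.now(timezone.utc)
            if not decide(user, action, resource, now):
                raise Denied(f"{user} may not {action} {resource}")
            return fn(user, resource, *args, **kw)
        return wrapper
    return deco


@mediated("update")
def update_lead(user, resource, notes):
    return f"{resource} updated by {user}: {notes}"


# Defense in depth: independent layers, each of which must be passed.
ALLOWED_NETWORKS = [ipaddress.ip_network("192.168.1.0/24")]   # hypothetical
SESSIONS = {"sess-1": "alice"}                                 # hypothetical


def handle_request(source_ip, session_id, resource, notes, now):
    """Network allow list, then session, then mediated authorization."""
    if not any(ipaddress.ip_address(source_ip) in n for n in ALLOWED_NETWORKS):
        return 403, "network not allowed"
    user = SESSIONS.get(session_id)
    if user is None:
        return 401, "not authenticated"
    try:
        return 200, update_lead(user, resource, notes, now=now)
    except Denied as exc:
        return 403, str(exc)


def demo():
    """Runs a constructed scenario on a fixed clock and returns each decision."""
    t0 = datetime(2011, 9, 1, 9, 0, tzinfo=timezone.utc)
    STORE.active_users.add("alice")
    STORE.grant("alice", "update", "lead:1", timedelta(hours=1), t0)
    STORE.grant("bob", "update", "lead:1", timedelta(hours=1), t0)  # bob is inactive
    results = {
        "within_ttl": decide("alice", "update", "lead:1", t0 + timedelta(minutes=30)),
        "after_ttl": decide("alice", "update", "lead:1", t0 + timedelta(hours=2)),
        "no_grant": decide("alice", "update", "lead:2", t0),
        "grant_but_inactive": decide("bob", "update", "lead:1", t0),
        "wrong_network": handle_request("10.0.0.5", "sess-1", "lead:1", "x", t0)[0],
        "no_session": handle_request("192.168.1.23", "bad", "lead:1", "x", t0)[0],
        "allowed": handle_request("192.168.1.23", "sess-1", "lead:1", "called", t0),
    }
    STORE.outage = True            # the grant store goes down ...
    results["store_down"] = decide("alice", "update", "lead:1", t0)  # ... and we deny
    STORE.outage = False
    return results
```

The point to check in your own code is the `except` branch of `decide`: a surprising number of real authorization layers return the cached or default value when the permission lookup throws, which silently inverts fail-safe defaults. Note also that `update_lead` can only be reached through the decorator; there is no undecorated variant for "internal" callers, which is what complete mediation demands.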

When designing a system that must meet a security quality attribute, architects need to consider the scope of the security needs and the minimum required security qualities. Not every system will use all of the basic security design principles; each will use one or more in combination, based on the company's and the architect's threshold for system security, because security in an application adds a layer to the overall system and can affect performance. That is why a definition of minimum acceptable security is needed when a system is designed: this quality attribute must be weighed against the other system quality attributes, so that the system adheres to all of its qualities according to their priorities.

Resources:

  • DEBORA Laurence

    9/4/2011 9:12:05 AM |

    The best links are on Sukoga.com, a free web meta-search engine.

  • stratford upon avon hotels

    9/5/2011 1:43:18 PM |

    Hey, this is a great post. Could you keep me updated with any other info similar to this? If travelling to the UK, why not stay at a Stratford hotel and watch a Shakespeare play?

  • Luigi Fulk

    9/7/2011 12:24:54 PM |

    Thank you very much for that info. Finally you are the one who is really dealing with the main point.

  • TopM

    9/12/2011 8:34:00 AM |

    Thank you for this awesome story. I really enjoyed reading this.

  • Fritz

    9/15/2011 5:23:59 PM |

    I do love the manner in with you have framed this particular problem.

  • michelle

    9/21/2011 1:46:32 AM |

    Thank you for another essential article. Where else could anyone get that kind of information in such a complete way of writing? I have a presentation incoming week, and I am on the lookout for such information. find more... http://fixtinnitusfast.com

  • Valda

    9/24/2011 8:34:28 PM |

    Thank you for this unique article. I especially enjoyed reviewing it and ought to discuss it with everyone.

  • Valentina

    9/25/2011 3:47:56 AM |

    This is actually interesting, You are an immensely skillful article author. I have registered with your feed additionally watch for finding your exceptional write-ups. Furthermore, We have shared your web page in our myspace.

  • Valentina

    9/25/2011 4:23:46 AM |

    Hey, I wanted to ask you something. Is this site a wordpress website? My group is considering shifting my web page from Blogger to wordpress, do you think this is feasible? In addition did you construct this template by yourself some how? Many thanks for your help!

  • BpSender.com

    9/26/2011 8:13:26 AM |

    Hello, ever given any thought to advertising your business or your clients' business on CraigsList or BackPage? We can help for little or nothing and make it happen for you:

    TRAFFIC MAGNET - Craigslist & Backpage Posting - Tons Of Ads Posted - Your Choice - More Sales Now ! $0.01 AD POSTING PENNY PROMOTION 30 Days Of Posting Up To 1000 Ads a Day, FoolProof Advertising ! ADVERTISING IS TO YOUR BUSINESS - What Gasoline Is To Your Car - WithOut It Nothing Ever Happens !

    Visit us today:
    http://www.BpSender.com

  • paintball auction

    10/3/2011 11:10:09 PM |

    If you are into paintball. Check out Bidfrenzy.co.za. Paintball equipment at a fraction of retail.

  • Eartha Furubotten

    10/5/2011 5:42:43 AM |

    Only wanna utter that this is extremely beneficial, Blesss for taking your period to correspond this. “We can’t sum be heroes being somebody has to pose on the shackle further slap as they go by.” by Determination Rogers.

  • riads Marrakech

    10/12/2011 12:17:37 PM |

    Hold up the great fragment of work, I understand few pieces on this internet site and I assume that your snare site is rattling interesting and has sets of exquisite word.

  • Luxury Accommodation

    10/24/2011 7:06:16 AM |

    There is so much great luxury accommodation in South Africa.

  • Hotel Software Guru

    10/24/2011 12:05:49 PM |

    Excellent piece for new surfers like me who want to know about what sites are available. There appears to be so much to know that it is overwhelming, but resources like this really help. Cheers!
