9 years 9 years

Lecture
Software security definition:

Software that cannot be intentionally subverted or forced to fail. It remains correct and predictable

Isolate, contain, and limit the damage resulting from any failures caused by attack-triggered faults that the software was unable to resist or tolerate, and recover as quickly as possible from those failures.

Safety relevant faults are stochastic/random and security relevant faults are intentionally created

Causes for vulnerable software:

  • Lack of motivation/incentives
  • Lack of Knowledge
  • Lack of Technology (tools/automation/management)

Sources of attacks:

  • External
  • Internal intentional
  • Internal unintentional

Security requirements:

  • Fault threat attack trees
  • Failure to impact analysis (FMEA)
  • Threat modeling
  • Misuse cases
  • Legal requirements

System design:

  • Prevent (avoid, compartmentalization)
  • Detect and recover: Transit to safe state and logging

Testing: Issues with developer vs attacker bias and concurrency (race conditions and limited resources when upscaling)

Presentation
Only one of the 3 scheduled students showed up and presented:

.NET security:

  • A framework for mobile code, windows, windows phone X-Box and OS X, iPhone and PS3 via Mono
  • Large library of code (Large class library)
  • Memory management
  • Role based security: User groups allowed to call functions
  • Code access security: Code signing and sand-boxing, desktop applications are run as fully trusted and is not affected by CAS