Module 2 Integrative Programming and Technologies


Description and Tags

ma'am salo sequel


103 Terms

1. Confidentiality

Disclose information only to authorized users

2. Integrity

Ensure that data is not modified without authorization

3. Availability

Decide who has access to information and how to make access effective

4. Authentication

Identify a user securely

5. Authorization

Identify a user securely

6. Non-repudiation

Define a set of allowed actions for authorized users

7. Threats

  • STRIDE model

    • Spoofing identity

    • Tampering with data

    • Repudiation

    • Information disclosure

    • Denial of service

    • Elevation of privilege

8. Mitigating Threats

  • Protection

    • Make successful threats difficult

    • Virtually always possible for attacks to succeed in complex systems if the attacker has enough resources

  • Detection

    • Detect an attack in progress

  • Response

    • Put in place plans for each identified threat type

9. Spoofing

  • Attacker claims false identity

    • Claim client identity

      • Gain access to sensitive data

      • Run dangerous processes on server

      • Gain administrative privileges

    • Claim server identity

      • Collect sensitive data from clients

      • Provide false data to clients

  • Protection

    • Strong authentication using cryptography

10. Tampering with Data

  • Tampering with persistent data

    • Modify password tables

    • Deface web pages

    • Add viruses or Trojan horses to files

    • Modify routing tables, DNS, …

    • Modify audit logs

  • Tampering with network packets

  • Protection

    • Hash codes, digital signatures, encryption

11. Repudiation

  • Attacker denies an action which is hard to verify

    • Claim didn’t delete file

    • Claim didn’t make purchase

    • Claim didn’t receive services

  • Protection

    • Audit logs

    • Require receipts

    • Digital signatures

12. Information Disclosure

  • Attacker sees sensitive data

    • Local files

    • Network packets

  • Attacker gets information about system architecture

    • Banners that display software type and version

  • Protection

    • Strong authentication and access control

    • Encryption of sensitive data

    • Turn off banners, disable tracing and debugging

    • Use terse error messages

13. Denial of Service

  • SYN flooding

    • Send partial connection requests to overflow server’s list of pending connections

  • Distributed Denial of Service

  • Amplification attacks

    • Send ICMP echo requests to broadcast address, spoofing victim’s address

  • Protection

    • Install server patches

    • Block incoming ICMP requests

    • Throttle anonymous requests

14. Elevation of Privilege

  • Gain administrator privilege

    • Buffer overflow attack

      • Overflow designed to overwrite return address of function with address of malicious code.

    • Exploit bugs in operating system

  • Protection

    • Avoid buffer overflows

    • Validate user input

    • Use principle of Least Privilege

      • Grant smallest set of privileges needed to function

    • Patch operating system

15. Social Engineering and Manipulation

Trick someone into disclosing information, e.g., passwords, credit card ids, SSNs, …

16. Phreaking

Use fee-based services without payment

17. Phishing

Acquire sensitive information by luring attacks, usually by email.

18. Pharming

Redirecting DNS routes to unauthorized sites to get sensitive information.

Your on-line banking redirected to Afghanistan, for example.

19. False representation

Pretend to be service technician, manager, account owner, …

20. Inside Job

Employee conspires with attacker to compromise system or information.

21. PDR

  • Protection

    • topic of this presentation

  • Detection

    • detect attacks

  • Response

    • plan responses for each threat category

      • Call the sysAdmin

      • Call the police

      • Contact the FBI

      • Contact Federal Trade Commission

22. AAS - .Net Web Model

  • Authentication

    • Accept and validate credentials presented by user

  • Authorization

    • If validated, determine right to access some resource

  • Secure communication

    • Secure the channel

      • SSL, IPsec

    • Secure the data

      • signing, hashing, cryptography

23. Windows and .Net

  • Role-based

    • Authenticate and authorize users, groups, and accounts (System, Local service, Network service)

    • Actions are authorized through permissions

  • Evidence-based or Code Access Security (CAS)

    • Code is elevated to the security status of a user.

    • Authorization is based on evidence

      • url, zone, publisher, strong name, custom assembly attributes

    • Actions are authorized through policies

24. SID – Security IDentifier

Data structure used to identify user or group.

25. Access Token

A data structure that holds a SID for a security principal, the SIDs for each group the principal belongs to, and a list of the principal’s privileges on the local computer.

26. Principal

An account holder that is assigned a SID for access to resources, e.g., user, group, service, or computer.

27. ACL – Access Control List

  • Set of permissions for a specific object or a set of the object’s properties.

  • Discretionary (DACL) and System (SACL) are sub-groups.

    • A discretionary access control list (DACL) identifies the users and groups who are allowed or denied access. A system access control list (SACL) controls how access is audited.

28. Security Descriptor

A data structure holding information about a protected object, e.g., who can access, in what way, whether audited.

29. Security Context

Set of rules for a user’s actions on a protected object

Combination of user’s access token and object’s security descriptor

30. Security Policy

Rules that define the allowable contexts and mandatory groups.

31. Goals

  • End-user experience

    • Managed apps just run

    • Safe defaults, no run-time decisions needed

32. Administrator

  • All settings in one place and easy to customize

  • Simple policy model

  • Security administration tools

    • .Net configuration, CASPOL

33. Developer

  • Focus on application, security comes free

  • Easy to understand and extend when needed

34. Permissions

  • Objects that represent specific authorized actions

35. Policies

  • Set of permissions granted to an assembly

36. Evidence

  • Inputs to policy about code

37. Permissions for framework resources

  • Data, environment, file IO, Message Queue, reflection, sockets

  • Directory services, event log, web, performance counters, registry, UI

  • DNS, file dialog, isolated storage, printing, security system

38. Identity permissions

  • Publisher, site, strong name, url, zone

39. User identity permission

  • Only non-code access permission in Framework.

40. Security

We must protect our computers and data in the same way that we secure the doors to our homes.

41. Safety

We must behave in ways that protect us against risks and threats that come with technology.

42. Data Types

A value in JavaScript is always of a certain type. For example, a string or a number.

43. Number

____ type represents both integer and floating point numbers.

44. BigInt

In JavaScript, the “number” type cannot represent integer values larger than (2^53 - 1) (that’s 9007199254740991), or less than -(2^53 - 1) for negatives. It’s a technical limitation caused by their internal representation.

45. String

____ string in JavaScript must be surrounded by quotes.

46. Boolean

____ type has only two values: true and false.

47. Null

____ value does not belong to any of the types described above.

48. Undefined

The special value _____ also stands apart. It makes a type of its own, just like null.

49. Object

All other types are called “primitive” because their values can contain only a single thing (be it a string or a number or whatever). In contrast, ____ are used to store collections of data and more complex entities.

50. typeof

____ operator returns the type of the argument. It’s useful when we want to process values of different types differently or just want to do a quick check.

51. JavaScript Operators

Performs some operation on single or multiple operands (data value) and produces a result.

52. +

Adds two numeric operands.

53. -

Subtract right operand from left operand

54. *

Subtract right operand from left operand

55. /

Divide left operand by right operand.

56. %

Modulus operator. Returns remainder of two operands.

57. ++

Increment operator. Increase operand value by one.

58. --

Decrement operator. Decrease value by one.

59. ==

Compares the equality of two operands without considering type.

60. ===

Compares equality of two operands with type.

61. !=

Compares inequality of two operands.

62. >

Checks whether left side value is greater than right side value. If yes then returns true otherwise false.

63. <

Checks whether left operand is less than right operand. If yes then returns true otherwise false.

64. >=

Checks whether left operand is greater than or equal to right operand. If yes then returns true otherwise false.

65. <=

Checks whether left operand is less than or equal to right operand. If yes then returns true otherwise false.

66.

67. &&

Is known as the AND operator. It checks whether two operands are non-zero (0, false, undefined, null or "" are considered as zero); if yes, it returns 1, otherwise 0.

68. ||

Is known as the OR operator. It checks whether any one of the two operands is non-zero (0, false, undefined, null or "" is considered as zero).

69. !

Is known as the NOT operator. It reverses the boolean result of the operand (or condition).

70. =

Assigns right operand value to left operand.

71. +=

Sums up left and right operand values and assigns the result to the left operand.

72. -=

Subtracts right operand value from left operand value and assigns the result to the left operand.

73. *=

Multiplies left and right operand values and assigns the result to the left operand.

74. /=

Divides left operand value by right operand value and assigns the result to the left operand.

75. %=

Gets the modulus of the left operand divided by the right operand and assigns the resulting modulus to the left operand.

76. Ternary Operator

The ? operator assigns a value to a variable based on some condition. This is like a short form of an if-else condition.

77. if

Used to specify a block of code to be executed, if a specified condition is true

78. else

Used to specify a block of code to be executed, if the same condition is false

79. else if

Used to specify a new condition to test, if the first condition is false

80. switch

Used to specify many alternative blocks of code to be executed

81. HTML event

Can be something the browser does, or something a user does.

82. onchange

An HTML element has been changed

83. onclick

The user clicks an HTML element

84. onmouseover

The user moves the mouse over an HTML element

85. onmouseout

The user moves the mouse away from an HTML element

86. onkeydown

The user pushes a keyboard key

87. onload

The browser has finished loading the page

88. required

If a form field (fname) is empty, the attribute prevents this form from being submitted.

89. Data Validation

Is the process of ensuring that user input is clean, correct, and useful.

90. Server side validation

Is performed by a web server, after input has been sent to the server.

91. Client side validation

Is performed by a web browser, before input is sent to a web server.

92. constraint validation

HTML5 introduced a new HTML validation concept called ____ _____

93. disabled

Specifies that the input element should be disabled

94. max

Specifies the maximum value of an input element

95. min

Specifies the minimum value of an input element

96. pattern

Specifies the value pattern of an input element

97. required

Specifies that the input field requires an element

98. type

Specifies the type of an input element

99. :type

Selects input elements with the "disabled" attribute specified

100. :invalid

Selects input elements with invalid values