book

Secure and Resilient Software Development

by Mark S. Merkow, Lakshmikanth Raghavan

June 2010

Intermediate to advanced

392 pages

8h 31m

English

Auerbach Publications

Read now

Unlock full access

Preliminaries
Preface
How This Book Is Organized
About the Authors
Acknowledgments
Chapter 1 How Does Software Fail Thee? Let Us Count the Ways
Chapter Overview1.1 Vulnerabilities Abound1.1.1 Security Flaws Are Omnipresent1.1.2 Cars Have their Share of Computer Problems Too1.2 Tracing the Roots of Defective Software1.3 What Are the True Costs of Insecure Software to Global Enterprises?1.4 Addressing Security Questions Addresses ResilienceSummary1.5 ReferencesTable 1.1
Chapter 2 Characteristics of Secure and Resilient Software
Chapter Overview2.1 Functional Versus Nonfunctional Requirements2.2 Testing Nonfunctional Requirements2.3 Families of Nonfunctional Requirements2.4 AvailabilityAvailability Levels and Measurements2.5 Capacity2.6 Efficiency2.7 Interoperability2.8 Manageability2.9 Cohesion2.10 Coupling2.11 Maintainability2.12 Performance2.13 Portability2.14 Privacy2.15 Recoverability2.16 Reliability2.17 Scalability2.18 Security2.19 Serviceability/Supportability2.20 Characteristics of Good Requirements2.21 Eliciting Nonfunctional Requirements2.22 Documenting Nonfunctional RequirementsSummary2.23 ReferencesFigure 2.1Table 2.1Table 2.2Table 2.3
Chapter 3 Security and Resilience in the Software Development Life Cycle
Chapter Overview3.1 Resilience and Security Begin from Within3.2 Requirements Gathering and Analysis3.3 Systems Design and Detailed Design3.3.1 Functional Decomposition3.3.2 Categorizing Threats3.3.3 Ranking Threats3.3.4 Mitigation Planning3.4 Design Reviews3.5 Development (Coding) Phase3.5.1 Static Analysis3.5.2 Peer Review3.5.3 Unit Testing3.6 Testing3.7 Deployment3.8 Security TrainingSummary3.9 ReferencesFigure 3.1Figure 3.2Figure 3.3Figure 3.4Figure 3.5Figure 3.6
Chapter 4 Proven Best Practices for Resilient Applications
Chapter Overview4.1 Critical Concepts4.2 The Security Perimeter4.3 Attack Surface4.3.1 Mapping the Attack Surface4.3.2 Side Channel Attacks4.4 Application Security and Resilience Principles4.5 Practice 1: Apply Defense in Depth4.6 Practice 2: Use a Positive Security Model4.7 Practice 3: Fail Securely4.8 Practice 4: Run with Least Privilege4.9 Practice 5: Avoid Security by Obscurity4.10 Practice 6: Keep Security Simple4.11 Practice 7: Detect Intrusions4.11.1 Log All Security-Relevant Information4.11.2 Ensure That the Logs Are Monitored Regularly4.11.3 Respond to Intrusions4.12 Practice 8: Don’t Trust Infrastructure4.13 Practice 9: Don’t Trust Services4.14 Practice 10: Establish Secure Defaults4.15 Mapping Best Practices to Nonfunctional RequirementsSummary4.16 ReferencesFigure 4.1Figure 4.2Table 4.1
Chapter 5 Designing Applications for Security and Resilience
Overview5.1 Design Phase Recommendations5.1.1 Misuse Case Modeling5.1.2 Security Design and Architecture Review5.1.3 Threat and Risk Modeling5.1.4 Risk Analysis and Modeling5.1.5 Security Requirements and Test Case Generation5.2 Design to Meet Nonfunctional Requirements5.3 Design Patterns5.4 Architecting for the Web5.5 Architecture and Design Review ChecklistSummary5.6 ReferencesFigure 5.1Table 5.1Table 5.2
Chapter 6 Programming Best Practices
Chapter Overview6.1 The Evolution of Software Attacks6.2 The OWASP Top 106.2.1 A1: Injection6.2.2 A2: Cross-Site Scripting6.2.3 A3: Broken Authentication and Session Management6.2.4 A4: Insecure Direct Object References6.2.5 A5: Cross-Site Request Forgery6.2.6 A6: Security Misconfiguration6.2.7 A7: Failure to Restrict URL Access6.2.8 A8: Unvalidated Redirects and Forwards6.2.9 A9: Insecure Cryptographic Storage6.2.10 A10: Insufficient Transport Layer Protection6.3 OWASP Enterprise Security API (ESAPI)6.3.1 Input Validation and Handling6.3.2 Client-Side Versus Server-Side Validation6.3.3 Input Sanitization6.3.4 Canonicalization6.3.5 Examples of Attacks due to Improper Input Handling6.3.5.1 Buffer Overflow6.3.5.2 OS Commanding6.3.6 Approaches to Validating Input Data6.3.6.1 Exact Match Validation6.3.6.2 Known Good Validation6.3.6.3 Known Bad Validation6.3.7 Handling Bad Input6.3.8 ESAPI Interfaces6.4 Cross-Site Scripting6.4.1 Same Origin Policy6.4.2 Attacks Through XSS6.4.2.1 Persistent Attacks6.4.2.2 Nonpersistent Attacks6.4.2.3 DOM-Based Attacks6.4.3 Prevention of Cross-Site Scripting6.4.4 ESAPI Interfaces6.5 Injection Attacks6.5.1 SQL Injection6.5.2 Stored Procedures6.5.3 Identifying SQL Injection and Exploitation6.5.3.1 SQL Injection6.5.3.2 Blind SQL Injection6.5.4 Defending Against SQL Injection6.5.5 Creating SQL Queries6.5.6 Additional Controls to Prevent SQL Injection Attacks6.5.7 ESAPI Interfaces6.6 Authentication and Session Management6.6.1 Attacking Log-in Functionality6.6.2 Attacking Password Resets6.6.3 Attacking Sensitive Transactions6.7 Cross-Site Request Forgery6.7.1 CSRF Mitigation6.8 Session Management6.8.1 Attacking Log-out Functionality6.8.2 Defenses Against Log-out Attacks6.8.3 Defenses Against Cookie Attacks6.8.4 Session Identifiers6.8.4.1 Attacking a Session Identifier6.8.4.2 Defenses Against Session ID Attacks6.8.5 ESAPI Interfaces6.9 Access Control6.9.1 Avoiding Security Through Obscurity6.9.2 Access Control Issues6.9.3 Testing for Broken Access Control6.9.4 Defenses Against Access Control Attacks6.9.5 Administrator Interfaces6.9.6 Protecting Administrator Interfaces6.9.7 ESAPI Interfaces6.10 Cryptography6.10.1 Hashing and Password Security6.10.2 Attacking the Hash6.10.3 Precomputed Attacks6.10.4 Message Authentication Code (MAC)6.10.5 Home-Grown Algorithms6.10.6 Randomness and Pseudo-Randomness6.10.7 ESAPI Interfaces6.11 Error Handling6.11.1 User Error Messages6.11.2 Log-in Error Messages—A Case Study6.11.3 Error Message Differentiation6.11.4 Developer Error Messages6.11.5 Information to Be Kept Private6.11.6 Structured Exception Handling6.11.7 ESAPI Interfaces6.12 Ajax and Flash6.12.1 AJAX Application Traffic6.12.2 AJAX Client Requests6.12.3 Server Responses6.12.4 Typical Attacks Against AJAX Applications6.12.5 Security Recommendations for AJAX Applications6.12.6 Adobe Flash—Sandbox Security Model6.12.7 Cross-Domain Policy6.12.8 Restrict SWF Files Embedded in HTML6.12.9 Attacking Flash Applications6.12.10 Securing Flash Applications6.13 Additional Best Practices for Software Resilience6.13.1 Externalize Variables6.13.2 EncryptedProperties—Method Summary6.13.3 Initialize Variables Properly6.13.4 Do Not Ignore Values Returned by Functions6.13.5 Avoid Integer Overflows6.14 Top 10 Secure Coding Practices6.15 Fifty Questions to Improve Software SecuritySummary6.16 ReferencesFigure 6.1Figure 6.2Figure 6.3Figure 6.4Figure 6.5Figure 6.6Figure 6.7Table 6.1Table 6.2Table 6.3Table 6.4Table 6.5Table 6.6Table 6.7Table 6.8

Chapter 7 Special Considerations for Embedded Systems, Cloud Computing, and Mobile Computing Devices
Chapter Overview7.1 Embedded Systems7.1.1 Bad Assumptions About Embedded Systems Programming7.1.2 New Mantras7.1.3 The Framework7.2 Distributed Applications/Cloud Computing7.2.1 Representational State Transfer (REST)7.2.2 REST Stateless Authentication7.2.3 Attacking Distributed APIs7.2.4 Securing Distributed APIs7.3 Mobile Applications7.3.1 BlackBerry7.3.1.1 Overview7.3.1.2 BlackBerry Connectivity and Security Capabilities7.3.2 Windows Mobile7.3.2.1 Overview7.3.2.2 Windows Mobile Connectivity and Security Capabilities7.3.3 iPhone7.3.3.1 Overview7.3.3.2 iPhone Connectivity and Security Capabilities7.3.4 Mobile Application SecuritySummary7.4 References
Chapter 8 Security Testing of Custom Software Applications
Chapter Overview8.1 Fixing Early Versus Fixing After Release8.2 Testing Phases8.3 Unit Testing8.4 Manual Source Code Review8.5 The Code Review Process8.6 Automated Source Code Analysis8.6.1 Automated Reviews Compared with Manual Reviews8.6.2 Commercial and Free Source Code Analyzers8.6.2.1 Commercial—Multilanguage8.6.2.2 Open Source—Multilanguage8.6.2.3 .NET Support8.6.2.4 Java Support8.6.3 Fortify 3608.6.3.1 O2—OunceOpen8.7 Acquiring Commercial or Open-Source Analysis Tools8.8 Deployment Strategy8.8.1 IDE Integration for Developers8.8.2 Build Integration for Governance8.9 Regulatory Compliance8.10 Benefits of Using Source Code Analyzers8.11 Penetration (Pen) Testing8.11.1 Penetration Testing Tools8.11.2 Automated Black Box Scanning8.11.3 Deployment Strategy8.11.3.1 Developer Testing8.11.3.2 Centralized Quality Assurance Testing8.11.4 Gray Box Testing8.11.5 Limitations and Constraints of Pen Testing ToolsSummary8.12 ReferencesFigure 8.1Figure 8.2Figure 8.3Figure 8.4Figure 8.5
Chapter 9 Testing Commercial off-the-Shelf Systems
Chapter Overview9.1 The Problems with Shrink-Wrapped Software9.2 The Common Criteria for Information Technology Security Evaluation9.2.1 Harmonizing Evaluation Criteria9.2.2 Development9.2.3 Evaluation9.2.4 Operation9.2.5 Key Concepts of the Common Criteria9.2.6 The Security Framework9.2.7 The Common Criteria Approach9.2.8 The Security Environment9.2.9 The Common Criteria Portal9.2.10 Criticisms of the CC9.3 The Commercial Community Responds9.3.1 The BITS/FSTC Security Assurance Initiative9.4 ICSA Labs9.4.1 Evaluation Methodology9.4.2 Certification Criteria9.4.3 ICSA Labs Testing and Certification Process9.5 Veracode’s VerAfied Software Assurance9.5.1 Ratings Methodology9.5.2 Assessing Software for the VerAfied MarkSummary9.6 ReferencesFigure 9.1Figure 9.2Figure 9.3Figure 9.4Table 9.1Table 9.2
Chapter 10 Implementing Security and Resilience Using CLASP
Chapter Overview10.1 Comprehensive, Lightweight Application Security Process (CLASP)10.2 CLASP Concepts10.3 Overview of the CLASP Process10.4 CLASP Key Best Practices10.4.1 Best Practice 1: Institute Awareness Programs10.4.2 Best Practice 2: Perform Application Assessments10.4.3 Best Practice 3: Capture Security Requirements10.4.4 Best Practice 4: Implement Secure Development Practices10.4.5 Best Practice 5: Build Vulnerability Remediation Procedures10.4.6 Best Practice 6: Define and Monitor Metrics10.4.7 Best Practice 7: Publish Operational Security Guidelines10.5 CLASP Security Activities to Augment Software Development Processes10.6 Applying CLASP Security Activities to Roles10.7 Re-engineering Your SDLC for CLASP10.7.1 Business Objectives10.7.2 Process Milestones10.7.3 Process Evaluation Criteria10.7.4 Forming the Process Re-engineering Team10.8 Sample CLASP Implementation Roadmaps10.8.1 Green-Field Roadmap10.8.2 Legacy RoadmapSummary10.9 ReferencesFigure 10.1Table 10.1
Chapter 11 Metrics and Models for Security and Resilience Maturity
Chapter Overview11.1 Maturity Models for Security and Resilience11.2 Software Assurance Maturity Model—OpenSAMM11.2.1 Core Practice Areas11.2.1.1 Governance Core Practice Areas11.2.1.2 Construction Core Practice Areas11.2.1.3 Verification Core Practice Areas11.2.1.4 Deployment Core Practice Areas11.2.2 Levels of Maturity11.2.2.1 Objective11.2.2.2 Activities11.2.2.3 Results11.2.2.4 Success Metrics11.2.2.5 Costs11.2.2.6 Personnel11.2.2.7 Related Levels11.2.3 Assurance11.3 The Building Security In Maturity Model (BSIMM)11.3.1 BSIMM Software Security Framework11.3.1.1 Governance11.3.1.2 Intelligence11.3.1.3 SSDL Touchpoints11.3.1.4 Deployment11.4 BSIMM Activities11.4.1 Governance: Strategy and Metrics11.4.1.1 Strategy and Metrics Level 1 OverviewActivities in Strategy and Metrics Area 1.1Activities in Strategy and Metrics Area 1.2Activities in Strategy and Metrics Area 1.3Activities in Strategy and Metrics Area 1.4Activities in Strategy and Metrics Area 1.511.4.1.2 Strategy and Metrics Level 2 OverviewActivities in Strategy and Metrics Area 2.1Activities in Strategy and Metrics Area 2.2Activities in Strategy and Metrics Area 2.3Activities in Strategy and Metrics Area 2.411.4.1.3 Strategy and Metrics Level 3 OverviewActivities in Strategy and Metrics Area 3.1Activities in Strategy and Metrics Area 3.211.4.2 Governance: Compliance and Policy11.4.2.1 Compliance and Policy Level 1 OverviewActivities in Compliance and Policy Area 1.1Activities in Compliance and Policy Area 1.1Activities in Compliance and Policy Area 1.211.4.2.2 Compliance and Policy Level 2 OverviewActivities in Compliance and Policy Area 2.1Activities in Compliance and Policy Area 2.2Activities in Compliance and Policy Area 2.3Activities in Compliance and Policy Area 2.4Activities in Compliance and Policy Area 2.511.4.2.3 Compliance and Policy Level 3 OverviewActivities in Compliance and Policy Area 3.1Activities in Compliance and Policy Area 3.2Activities in Compliance and Policy Area 3.311.4.3 Governance: Training11.4.3.1 Training Level 1 OverviewActivities in Training Area 1.1Activities in Training Area 1.2Activities in Training Area 1.3Activities in Training Area 1.411.4.3.2 Training Level 2 OverviewActivities in Training Area 2.1Activities in Training Area 2.2Activities in Training Area 2.3Activities in Training Area 2.4Activities in Training Area 2.511.4.3.3 Training Level 3 OverviewActivities in Training Area 3.1Activities in Training Area 3.2Activities in Training Area 3.311.4.4 Intelligence: Attack Models11.4.4.1 Attack Models Level 1 OverviewActivities in Attack Models Area 1.1Activities in Attack Models Area 1.2Activities in Attack Models Area 1.3Activities in Attack Models Area 1.411.4.4.2 Attack Models Level 2 OverviewActivities in Attack Models Area 2.1Activities in Attack Models Area 2.2Activities in Attack Models Area 2.3Activities in Attack Models Area 2.411.4.4.3 Attack Models Level 3 OverviewActivities in Attack Models Area 3.1Activities in Attack Models Area 3.211.4.5 Intelligence: Security Features and Design11.4.5.1 Security Features and Design Level 1 OverviewSecurity Features and Design Area 1.1Security Features and Design Area 1.211.4.5.2 Security Features and Design Level 2 OverviewSecurity Features and Design Area 2.1Security Features and Design Area 2.2Security Features and Design Area 2.311.4.5.3 Security Features and Design Level 3 OverviewSecurity Features and Design Area 3.1Security Features and Design Area 3.211.4.6 Intelligence: Standards and Requirements11.4.6.1 Standards and Requirements Level 1 OverviewStandards and Requirements Area 1.1Standards and Requirements Area 1.2Standards and Requirements Area 1.3Standards and Requirements Area 1.411.4.6.2 Standards and Requirements Level 2 OverviewStandards and Requirements Area 2.1Standards and Requirements Area 2.2Standards and Requirements Area 2.3Standards and Requirements Area 2.4Standards and Requirements Area 2.511.4.6.3 Standards and Requirements Level 3 OverviewStandards and Requirements Area 3.111.4.7 SSDL Touchpoints : Architecture Analysis11.4.7.1 Architecture Analysis Level 1 OverviewArchitecture and Analysis Area 1.1Architecture and Analysis Area 1.2Architecture and Analysis Area 1.3Architecture and Analysis Area 1.411.4.7.2 Architecture Analysis Level 2 OverviewArchitecture and Analysis Area 2.1Architecture and Analysis Area 2.2Architecture and Analysis Area 2.311.4.7.3 Architecture Analysis Level 3 OverviewArchitecture and Analysis Area 3.1Architecture and Analysis Area 3.211.4.8 SSDL Touchpoints: Code Review11.4.8.1 Code Review Level 1 OverviewCode Review Area 1.1Code Review Area 1.2Code Review Area 1.311.4.8.2 Code Review Level 2 OverviewCode Review Area 2.1Code Review Area 2.2Code Review Area 2.3Code Review Area 2.4Code Review Area 2.511.4.8.3 Code Review Level 3 OverviewCode Review Area 3.1Code Review Area 3.2Code Review Area 3.311.4.9 SSDL Touchpoints: Security Testing11.4.9.1 Security Testing Level 1 OverviewSecurity Testing Area 1.1Security Testing Area 1.211.4.9.2 Security Testing Level 2 OverviewSecurity Testing Area 2.1Security Testing Area 2.2Security Testing Area 2.311.4.9.3 Security Testing Level 3 OverviewSecurity Testing Area 3.1Security Testing Area 3.2Security Testing Area 3.3Security Testing Area 3.411.4.10 Deployment: Penetration Testing11.4.10.1 Penetration Testing Level 1 OverviewPenetration Testing Area 1.1Penetration Testing Area 1.211.4.10.2 Penetration Testing Level 2 OverviewPenetration Testing Area 2.1Penetration Testing Area 2.2Penetration Testing Area 2.311.4.10.3 Penetration Testing Level 3 OverviewPenetration Testing Area 3.1Penetration Testing Area 3.211.4.11 Deployment: Software Environment11.4.11.1 Software Environment Level 1 OverviewSoftware Environment Area 1.1Software Environment Area 1.211.4.11.2 Software Environment Level 2 OverviewSoftware Environment Area 2.1Software Environment Area 2.2Software Environment Area 2.311.4.11.3 Software Environment Level 3 OverviewSoftware Environment Area 3.111.4.12 Deployment: Configuration Management and Vulnerability Management11.4.12.1 Configuration Management and Vulnerability Management Level 1 OverviewConfiguration Management and Vulnerability Management Area 1.1Configuration Management and Vulnerability Management Area 1.211.4.12.2 Configuration Management and Vulnerability Management Level 2 OverviewConfiguration Management and Vulnerability Management Area 2.1Configuration Management and Vulnerability Management Area 2.2Configuration Management and Vulnerability Management Area 2.311.4.12.3 Configuration Management and Vulnerability Management Level 3 OverviewConfiguration Management and Vulnerability Management Area 3.1Configuration Management and Vulnerability Management Area 3.211.5 Measuring Results with BSIMM11.6 Helpful Resources For Implementing BSIMM11.7 Applying BSIMM to the Financial Services Domain11.7.1 Working Group MethodologySummary11.8 ReferencesFigure 11.1Figure 11.2Figure 11.3Figure 11.4Figure 11.5Figure 11.6Figure 11.7Figure 11.8Figure 11.9Figure 11.10Figure 11.11Figure 11.12Figure 11.13Figure 11.14Figure 11.15Figure 11.16Figure 11.17Figure 11.18Figure 11.19
Chapter 12 Taking It to the Streets
Chapter Overview12.1 Getting Educated12.1.1 DEVELOPER 522: Defending Web Applications12.1.2 DEVELOPER 530: Essential Secure Coding in Java/JEE12.1.3 DEVELOPER 541: Secure Coding in Java/JEE: Developing Defensible Applications12.1.4 DEVELOPER 542: Web App Penetration Testing and Ethical Hacking12.1.5 DEVELOPER 544: Secure Coding in .NET: Developing Defensible Applications12.1.6 DEVELOPER 545: Secure Coding in PHP: Developing Defensible Applications12.1.7 DEVELOPER 534: Secure Code Review for Java Web Apps12.1.8 DEVELOPER 543: Secure Coding in C/C++: Developing Defensible Applications12.1.9 Aspect Security Inc.12.1.10 CERT Software Engineering Institute (SEI)12.1.11 SEI Secure Coding in C and C++ Course12.2 Getting Certified12.2.1 Certified Secure Software Lifecycle Professional (CSSLP)12.2.2 Why Obtain the CSSLP?12.2.3 Benefits of Certification to the Professional12.2.4 Benefits of Certification to the Enterprise12.3 Getting Involved12.3.1 Web Application Security Consortium12.3.1.1 How to Contribute to WASC12.3.1.2 WASC Projects12.3.1.3 Web Security Articles12.3.1.4 The Web Hacking Incidents Database12.3.1.5 Web Application Security Scanner Evaluation Criteria12.3.1.6 The Script Mapping Project12.3.1.7 Web Security Glossary12.3.1.8 WASC Threat Classification v212.3.1.9 Web Application Firewall Evaluation Criteria12.3.1.10 Web Application Security Statistics12.4 Reaching Out for Research12.4.1 DHS Research Program Areas12.4.2 The U.S. Treasury and the FSSCC12.4.2.1 Challenge 1: Advancing the State of the Art in Designing and Testing Secure Applications12.4.2.2 Desired Functionality12.4.2.3 Potential Research Projects12.5 Last Call12.6 Conclusion12.7 ReferencesFigure 12.1Figure 12.2Figure 12.3Table 12.1
Glossary
Appendix A 2010 CWE/SANS Top 25 Most Dangerous Programming Errors
OverviewA.1 Brief Listing of the Top 25A.1.1 Insecure Interaction Between ComponentsA.1.2 Risky Resource ManagementA.1.3 Porous DefensesA.2 Detailed CWE DescriptionsA.2.1 CWE-79: Failure to Preserve Web Page Structure (“Cross-Site Scripting”)A.2.2 CWE-89: Improper Sanitization of Special Elements Used in an SQL Command (“SQL Injection”)A.2.3 CWE-120: Buffer Copy Without Checking Size of Input (“Classic Buffer Overflow”)A.2.4 CWE-352: Cross-Site Request Forgery (CSRF)A.2.5 CWE-285: Improper Access Control (Authorization)A.2.6 CWE-807: Reliance on Un-trusted Inputs in a Security DecisionA.2.7 CWE-22: Improper Limitation of a Pathname to a Restricted Directory (“Path Traversal”)A.2.8 CWE-434: Unrestricted Upload of File with Dangerous TypeA.2.9 CWE-78: Improper Sanitization of Special Elements Used in an OS Command (“OS Command Injection”)A.2.10 CWE-311: Missing Encryption of Sensitive DataA.2.11 CWE-798: Use of Hard-Coded CredentialsA.2.12 CWE-805: Buffer Access with Incorrect Length ValueA.2.13 CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program (“PHP File Inclusion”)A.2.14 CWE-129: Improper Validation of Array IndexA.2.15 CWE-754: Improper Check for Unusual or Exceptional ConditionsA.2.16 CWE-209: Information Exposure Through an Error MessageA.2.17 CWE-190: Integer Overflow or WraparoundA.2.18 CWE-131: Incorrect Calculation of Buffer SizeA.2.19 CWE-306: Missing Authentication for Critical FunctionA.2.20 CWE-494: Download of Code Without Integrity CheckA.2.21 CWE-732: Incorrect Permission Assignment for Critical ResourceA.2.22 CWE-770: Allocation of Resources Without Limits or ThrottlingA.2.23 CWE-601: URL Redirection to Site (“Open Redirect”)A.2.24 CWE-327: Use of a Broken or Risky Cryptographic AlgorithmA.2.25 CWE-362: Race Condition
Appendix B Enterprise Security API
OverviewB.1 Interface EncoderB.2 Interface UserB.3 Interface AuthenticatorB.4 Interface AccessControllerB.5 Interface AccessReferenceMapB.6 Interface EncryptorB.7 Interface HTTPUtilitiesB.8 Interface LoggerFigure B.1Figure B.2Figure B.3Figure B.4Figure B.5Figure B.6Figure B.7Figure B.8

Content preview from Secure and Resilient Software Development

Chapter 3

Security and Resilience in the Software Development Life Cycle

In Chapter 1 we introduced the need for resilient software and looked at the consequences of software failures and security breaches due to poorly written and sometimes poorly conceived software. In Chapter 2 we explored nonfunctional requirements that lead to high-quality and resilient software and began to understand their role in systems requirements gathering and analysis steps.

Chapter Overview

In this chapter we’ll examine in detail the environment in which software is developed and deployed while applying the enduring principles of software security to help designers and developers better appreciate the why’s and how’s of secure and resilient software development. ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Secure, Resilient, and Agile Software Development

Publisher Resources

ISBN: 9781439826973

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Secure and Resilient Software Development

by Mark S. Merkow, Lakshmikanth Raghavan

Security and Resilience in the Software Development Life Cycle

Chapter Overview

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.