January 2023
Intermediate to advanced
214 pages
3h 43m
Chinese
Content preview from 威胁建模:安全设计中的风险识别和规避
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
68 | 第
2
章
物联网设备 控制服务 数据库
获取状态请求
获取状态请求
返回状态
重置状态
返回状态
时间流逝
图 2-1:显示 TOCTOU 的样本序列图
你能发现问题所在吗?
注 51
2.2.2 你不应该期待的发现
系统模型是系统及其属性的抽象或近似。威胁建模最好“尽早而频繁地”完成,
并且主要集中在系统的架构和设计方面。由于语言限制、嵌入式组件或开发者
的选择,导致通过这个练习,你无法发现关键问题是由于实现的缺陷导致的。
例如,虽然可以知道你使用了正确的加密形式来保护敏感资产,但在设计时很
难知道在密钥生成过程中是否正确地植入了随机数生成器。你可以预测可能会
存在一个值得关注的原因,并且可以模拟实际中播种不佳所带来的影响,但是
此时你的发现是理论性的,因此不一定具备可操作性
注 6
。同样,你可能从模型
中知道某个特定功能是用一种难以保证内存安全的语言编写的(例如,C 语 言 ),
但是将很难知道你的 200 个 API 中,其中 3 个具有可远程利用的基于堆栈的缓
冲区溢出漏洞。你应该注意不要成为组织中“哭泣的狼(https://oreil.ly/fVc3L)”
的人,而应该专注于可执行和可防护的结果。
2
2.3 威胁情报收集
预测哪些特定的行为者可能想要攻击你的系统,利用你已经识别的漏洞来访问
注 5 : 答案:控制服务过早从数据库中获取控制状态变量,并没有更新其本地副本,导致在请求状态变
量时返回错误值给设备。
注 6: 第 5 章中提出的持续威胁建模(CTM)为这个难题提供了一个潜在的解决方案。
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.