Skip to main content

Software Design - An infosec angle

Software design is the important stage where the code is really put to work to deliver or build an business function and application. This is a stage where the SRS (Software Requirements Specifications) is finalized and signed off for design and development.

The major difficult in software design is to incorporate the business requirements as well as do threat modeling to understand the attack surface of the applications. Many applications do not show up problems in regular normal use but show up funny ways of responding when provided with a different input or action not generally considered as part of the application design.
The major areas that a threat model derived needs to address are – The Microsoft STRIDE model provides the following areas to be addressed as part of the design.

1. Spoofing
2. Tampering
3. Repudiation
4. Information Disclosure
5. Denial of Service
6. Elevation of Privilege
7. Integrity of Data

Even though all aspects are not covered most of them are covered in the above threat model. The best way to go about is to break the applications into the different threat vectors and address each one of them.

Each process, data store and elements that are part of the application design are specifically vulnerable to one of the vectors. A matix is prepared addressing each of the vectors’ effect on the application. All elements including web services, people who use the systems and the end points where data is handed over to another application are places of vulnerability. Once we map all the data flows from the application - In the form of a map , we identify areas that are possibly vulnerable to say Information Disclosure, and may have a threat profile associated with it.
The mapping will be very crucial to the way the application is designed. It always helps to think in the same way as a would be attacker does. In this way the model as it evolves will replicate a real threat scenario and the way an attack may be carried out. This is also one of the main reasons to differentiate between the design team and the team that threat models. This removes any bias the developer has for his system and is modeled in such a way that every aspect that can be exploited is tested thoroughly.

Though it is easier to write about threat modeling, it is an evolving science and needs to be modified in line with when it is required, new attack parameters are found and newer vectors are discovered, as they do the threat model that is used for design of the software needs to keep in tow with the evolving threat vectors

Comments

Post a Comment

Popular posts from this blog

The Cybersecurity Certification Landscape

What does a typical Cybersecurity Professional need to buttress his credentials. Certifications should be thought of as our ability to present the credentials in a manner that makes it easy for the person to understand and note that the person has the ability and understand cybersecurity jargon and best practices to put to practice the various options as to how we protect our assets. The table was built to provide a set of certifications, what they test you for and the training that is requried to achieve the objective. As said the certificate is only a part of the story, it is the skills in addition to the understanding of the concepts that would be important for the cybersecuity professional to prove to his peers and his team as to his ability to protect the organization against threats. Certification Skills Tested Roles Certified Information Systems Security Professional (CISSP) Security and risk management, asset security, security architecture and engineering, communication and ne
Post a Comment
Read more

Are you a CISO in the making? What it takes to become one?

  A good CISO is a strategic leader who can articulate the business value of cybersecurity and build a strong security program that aligns with the organization's overall goals. They have a deep understanding of the latest cybersecurity threats and technologies, and they are able to translate this knowledge into actionable insights that can be used to protect the organization. A good CISO also has strong communication and interpersonal skills. They are able to build relationships with key stakeholders, including the board of directors, the CEO, and other senior executives. They are also able to communicate effectively with employees at all levels of the organization, and they are able to build a culture of security within the organization. In terms of technical skills, a good CISO should have a strong understanding of the following areas: Network security: This includes knowledge of firewalls, intrusion detection systems, and other network security technologies. Application securit
Post a Comment
Read more

Where are we headed ... A crystal ball into Cybersecurity in the next five years .. Are we ready?

  The future of Cyber Security: Trends and Predictions for the Next 5 years The field of cybersecurity is constantly evolving, and the threats are only getting more sophisticated. In the next five years, we can expect to see a number of trends emerge in the field of cybersecurity, including: The rise of artificial intelligence (AI). AI is already being used by cybercriminals to develop more sophisticated and targeted attacks. As AI continues to develop, it is likely that cybercriminals will be able to use it to even greater effect. The increasing use of cloud computing. Cloud computing has many benefits, but it also introduces new security challenges. Cloud-based data is often more vulnerable to attack than data that is stored on-premises. The growth of the Internet of Things (IoT). The IoT is connecting billions of devices to the internet, which creates a vast new attack surface for cybercriminals. IoT devices are often poorly secured, making them easy targets for attack. The shortage
Post a Comment
Read more