Lec 1 apln security(4pd)

Date post: 14-May-2015
Category:
Upload: santosh-khadsare-cehrhcsaccipgdbaops-mgt
CYBER SECURITY AT APPLICATION LEVEL SANTOSH KHADSARE
Transcript
Page 1: Lec  1 apln security(4pd)

CYBER SECURITY AT APPLICATION LEVEL

SANTOSH KHADSARE

Page 2: Lec  1 apln security(4pd)
Page 3: Lec  1 apln security(4pd)


Involves altering the raw data just before a computer processes it and then changing it back after processing is completed.

Example: secondary state board results in which private students topped over government students.

Students have a 6-digit roll number: government students' roll numbers start with 3, private students' roll numbers start with 4.

Software manipulation: for roll numbers starting with 3, if marks are between 68 and 100, deduct 9; for roll numbers starting with 4, if marks are between 68 and 88, add 9.
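A detective control for the manipulation described on this slide, written as an added example (not part of the original lecture): raw records are tagged with an HMAC at capture time, the manipulation is simulated exactly as the slide states it, and a reconciliation step recomputes the expected result from the authenticated raw record and flags every published mark that differs. The roll numbers, marks and key are constructed for the example.

```python
import hashlib
import hmac

# Constructed sample records (roll_no, marks). As on the slide, roll numbers
# starting with 3 are government students and those starting with 4 are private.
RAW_RESULTS = [
    ("300101", 72), ("300102", 65), ("300103", 90),
    ("400201", 70), ("400202", 85), ("400203", 95),
]
# Assumed control: each raw record is tagged with an HMAC when it is captured.
KEY = b"board-results-key"  # placeholder key, constructed for this example


def record_tag(roll_no, marks):
    return hmac.new(KEY, f"{roll_no}:{marks}".encode(), hashlib.sha256).hexdigest()


def capture(records):
    """Tag raw records at capture time; the tags are kept outside the processing path."""
    return [(r, m, record_tag(r, m)) for r, m in records]


def diddled_processing(tagged):
    """Simulates the manipulation the slide describes: marks are altered only
    while being processed, so the published sheet differs from the raw records."""
    published = {}
    for roll_no, marks, _tag in tagged:
        if roll_no.startswith("3") and 68 <= marks <= 100:
            marks -= 9
        elif roll_no.startswith("4") and 68 <= marks <= 88:
            marks += 9
        published[roll_no] = marks
    return published


def reconcile(tagged, published):
    """Detective control: recompute the expected result from the authenticated raw
    record and flag every published mark that differs. Returns
    (list of discrepancies, count of discrepancies per roll-number prefix)."""
    discrepancies, by_prefix = [], {}
    for roll_no, marks, tag in tagged:
        if not hmac.compare_digest(tag, record_tag(roll_no, marks)):
            discrepancies.append((roll_no, "raw record altered", None))
            continue
        if published.get(roll_no) != marks:
            discrepancies.append((roll_no, marks, published.get(roll_no)))
            by_prefix[roll_no[0]] = by_prefix.get(roll_no[0], 0) + 1
    return discrepancies, by_prefix


if __name__ == "__main__":
    tagged = capture(RAW_RESULTS)
    found, per_prefix = reconcile(tagged, diddled_processing(tagged))
    print(found, per_prefix)  # 4 altered marks, two per prefix
```

The per-prefix count is what makes this kind of manipulation visible: discrepancies clustered on one roll-number prefix point at a rule in the processing path rather than at random error.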

Page 4: Lec  1 apln security(4pd)


Page 5: Lec  1 apln security(4pd)


Page 6: Lec  1 apln security(4pd)

What is at risk:

Data – information we keep on computers (product design, financial records, personnel data); its loss means lost time, lost sales, lost confidence

Resources – unauthorized use of computer time and space

Reputation – misrepresentation, forgery, negative publicity

Page 7: Lec  1 apln security(4pd)

Integrity

Confidentiality

Availability

Page 8: Lec  1 apln security(4pd)

Confidentiality - Protection from unauthorized persons

Integrity - consistency of data; no unauthorized creation, alteration or destruction

Availability - ensuring access to legitimate users

Legitimate use - ensuring appropriate use by authorized users

Page 9: Lec  1 apln security(4pd)

Security – Functionality – Ease of Use (triangle diagram with a moving ball)

Page 10: Lec  1 apln security(4pd)

Intrusion - unauthorized access and use of systems

Denial of service - an attack aimed at preventing use of company computers: email bomb or flooding, Internet worm; services disabled, rerouted or replaced

Information theft - network taps, database access, hacking into sites to give out more info or to wrong parties

Page 11: Lec  1 apln security(4pd)

• Scanners
• Key-loggers
• Trojans
• Remote Admin Toolkits
• Spyware
• Backdoors
• Worms
• Remote Sniffers
• Distributed Denial of Service

Page 12: Lec  1 apln security(4pd)

Security Services:
• Authentication (entity, data origin)
• Access control (prevent unauthorized access)
• Confidentiality (disclosure, encryption)
• Data integrity (value of data item)
• Non-repudiation (falsely denying a transaction)

Page 13: Lec  1 apln security(4pd)

• No Security – not an option
• Security thru Obscurity – don’t tell anyone where your site is
• Host Security – enforced security on each host; progressively difficult to manage as the number of hosts increases
• Network Security – control network access to hosts and services; firewalls, strong authentication, and encryption

Page 14: Lec  1 apln security(4pd)

Confidentiality

Availability

Assurability

Non-Repudiation

Integrity

Authentication

Availability + Reliability

Technologies shown: Clustering, Redundancy, Hot Standby, Port Mirroring; Digital Signatures, PKI; Biometrics, Smartcards, Voice based Systems; Cryptography, VPNs, PKI

Page 15: Lec  1 apln security(4pd)

Info Security Components

Information States: In Processing, In Transmission, In Storage

Security Measures

As Strong As The Weakest Link …

Page 16: Lec  1 apln security(4pd)
Page 17: Lec  1 apln security(4pd)

Network diagram (network based security): PCs, servers, WAN / Intranet linking HQ XYZ Corps and HQ ABC Corps, a mobile user, firewall, routers and switch.

Page 18: Lec  1 apln security(4pd)

Network diagram with zones: Internet from the ISP via a Layer 3 switch (WAN IP); Red Zone with IDS and firewall (IP Cop); DMZ (Orange Zone) with web server, mail server and DNS server; L2 switches; Green Zone (internal network).

Page 19: Lec  1 apln security(4pd)

Network diagram (host based security): Internet via a V.35 gateway, router, IPS and hardware firewall; L2 switch; DMZ of servers (DNS, HTTP, SMTP, RAID, RDBMS, data backup, anti virus, HIPS, scanner); biometric sensors; L2 switch with VLANs to the WAN; Task-1 and Task-2 workstations with Secure disk and True Crypt; domain users, network printer and local network; link to other networks.

Page 20: Lec  1 apln security(4pd)

Network diagram (network based and host based security): PCs, servers, WAN, switch, routers, firewall, anti virus, a mobile user, HQ XYZ Corps and HQ ABC Corps.

Page 21: Lec  1 apln security(4pd)

Cyber Security is the set of "measures taken to protect a computer or computer system (as on the Internet) against unauthorized access or attack."

This broad and all-encompassing cyber security definition poses a significant challenge for enterprises; therefore, it is highly critical for enterprises to have an in-depth cyber security strategy and plan in place in order to provide the maximum level of protection from cyber security risks at not just the network perimeter but also the application layer.

Page 22: Lec  1 apln security(4pd)
Page 23: Lec  1 apln security(4pd)
Page 24: Lec  1 apln security(4pd)

An application is a program or group of programs designed for end users. Software can be divided into two general classes: systems software and applications software.

Systems software consists of low-level programs that interact with the computer at a very basic level. This includes operating systems, compilers, and utilities for managing computer resources.

Applications software (also called end-user programs) includes database programs, word processors, and spreadsheets. Figuratively speaking, applications software sits on top of systems software because it is unable to run without the operating system and system utilities.

Page 25: Lec  1 apln security(4pd)

Application security encompasses measures taken throughout the application's life-cycle to prevent exceptions in the security policy of an application or the underlying system (vulnerabilities) through flaws in the design, development, deployment, upgrade, or maintenance of the application.

Page 26: Lec  1 apln security(4pd)
Page 27: Lec  1 apln security(4pd)
Page 28: Lec  1 apln security(4pd)
Page 29: Lec  1 apln security(4pd)

The flaws within the software cause a majority of the vulnerabilities.

Most security professionals are usually not software developers.

Many software developers do not have security as a main focus.

The computing community is used to receiving software with bugs and then applying patches.

Software vendors are trying to rush their products to market with their eyes set on functionality, not security.

Page 30: Lec  1 apln security(4pd)

Hard and crunchy on the outside, soft and chewy on the inside.

Perimeter security is fortified and solid.

Internal environment and software are easy to exploit once access has been obtained.

Page 31: Lec  1 apln security(4pd)

Software controls – implemented by the Operating System

Combination of three

Page 32: Lec  1 apln security(4pd)

Applications and computer systems are usually developed for functionality first, not security.

To get the best of both, security and functionality will have to be designed and developed at the same time.

Developing applications first and then trying to add security can cause problems:

May reduce overall functionality.

Can open security holes when the application is to be integrated with other applications.

Page 33: Lec  1 apln security(4pd)

Security solutions today look to solve problems through controls such as IDS, IPS, firewalls, antivirus, vulnerability scanners, etc.

This is because our software contains many vulnerabilities.

Our systems are hard on the outside and soft inside. Why?

We have implemented strong perimeter defences; however, our internal environment and software are easy to exploit once access has been gained.

Why are perimeter devices more often considered rather than developing secure software?

Page 34: Lec  1 apln security(4pd)

In the past, software was developed for functionality and not security (mainframe era).

Many programmers do not have experience of secure coding.

Most security professionals are not software developers.

Many software developers do not have security as the main focus.

Software vendors are under tight deadlines to get products into the market; security suffers.

Customers cannot control flaws in the software they purchase, so they must depend on perimeter protection. Thus the present-day over-reliance on perimeter defences.

Page 35: Lec  1 apln security(4pd)

Traditionally, we consumers have always demanded functionality from applications, with little thought to security.

Only in the last 6 – 8 years has the focus slowly shifted to functionality coupled with security.

Page 36: Lec  1 apln security(4pd)

Security controls can be used for: inputs, processing, output.

Develop controls with potential risks in mind: software to be used in a closed, trusted environment versus an open environment.

Page 37: Lec  1 apln security(4pd)

Goal is to: prevent data corruption, prevent security compromises, reduce vulnerabilities.

Controls can be preventive, detective and corrective. They can be in the form of administrative or physical controls, but are mostly technical in nature.

Page 38: Lec  1 apln security(4pd)

Buggy software is released.

Hackers find software vulnerabilities.

Web sites post these vulnerabilities on the Internet, along with methods of exploiting them.

The software vendor develops and releases patches to fix these vulnerabilities.

The new patch goes on the stack of software patches that all network administrators need to test and install.

Page 39: Lec  1 apln security(4pd)

Network administrators today have to integrate various applications and different computer systems.

Companies today are rushing to develop applications capable of taking online orders, storing credit card information and establishing extranets with business partners.

All of this is an extremely complex activity.

On top of all this, security is expected and demanded.

As the complexity of the environment grows, tracking compromises and errors becomes a difficult task.

Page 40: Lec  1 apln security(4pd)

Software controls are usually implemented nowadays through a mix of: OS controls, application controls, DB controls.

OS controls can control a subject’s access to an object. These controls do not restrict a subject’s actions within an application.

Application controls can ensure only valid inputs are inserted, data is processed in the correct sequence, and only certain subjects can view data in sensitive fields.

Page 41: Lec  1 apln security(4pd)

Applications must draw a balance between functionality and security.

Out-of-the-box installation is always insecure.

If an application is extremely user friendly, it is probably not secure. Why?

User friendly implies extra lines of code. More lines of code – more potential vulnerabilities.

Page 42: Lec  1 apln security(4pd)

SDLC – Security Issues

Page 43: Lec  1 apln security(4pd)

Also, once vendors identify vulnerabilities and release patches, network administrators may not apply them. Why?

Network administrators may not be up to date on current vulnerabilities and patches. They may not fully understand the importance of patches. They may be afraid that patches may cause other problems.

Bottom line – insecure systems.

Also, if an application fails, it must fail secure.

Page 44: Lec  1 apln security(4pd)

Software Development Life Cycle

SDLC stands for Software Development Life Cycle. A Software Development Life Cycle is essentially a series of steps, or phases, that provide a model for the development and lifecycle management of an application or piece of software.

The methodology within the SDLC process can vary across industries and organizations, but standards such as ISO/IEC 12207 represent processes that establish a lifecycle for software, and provide a model for the development, acquisition, and configuration of software systems.

Page 45: Lec  1 apln security(4pd)

The intent of an SDLC process is to help produce a product that is cost-efficient, effective, and of high quality. Once an application is created, the SDLC maps the proper deployment and decommissioning of the software once it becomes a legacy.

Page 46: Lec  1 apln security(4pd)

Project Initiation

Functional Design Analysis and Planning

System Design Specifications

Software Development

Installation/Implementation

Operations / Maintenance

Disposal

Page 47: Lec  1 apln security(4pd)

Problems with Database Security

Page 48: Lec  1 apln security(4pd)

Risks to databases: today more and more companies hold sensitive data (credit card information, stock inventory, etc.) in databases.

Earlier, only employees accessed databases. Today database connectivity is provided to customers also (e.g. checking online availability of an item).

How do you secure databases?

Group users into different roles and assign rights and permissions to the various roles. Customers are assigned a role that can only view data, and only specific fields of data at that. Customers interact with the database through a middleware (application). The middleware checks roles and presents data as per the permissions assigned to that role.
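The middleware pattern from this slide, and the mis-configuration from the later privilege-escalation slide (read rights on the whole table, restricted views not enforced), as an added example that is not part of the original lecture. The table, roles and card numbers are constructed; the role policy is an assumed allow-list of columns per role.

```python
import sqlite3

# Constructed sample table: stock data that customers may check online, stored
# alongside card data that only billing staff should ever see.
SCHEMA = """
CREATE TABLE orders (item TEXT, qty_in_stock INTEGER, customer TEXT, card_number TEXT);
INSERT INTO orders VALUES ('router', 12, 'alice', '4111111111111111'),
                          ('switch',  0, 'bob',   '5500000000000004');
"""

# Middleware policy (assumed): the columns each role is permitted to read.
ROLE_COLUMNS = {
    "customer": {"item", "qty_in_stock"},            # online availability check only
    "billing": {"item", "customer", "card_number"},
}


class PermissionDenied(Exception):
    pass


def open_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def query_unrestricted(conn, columns):
    """The mis-configuration from the privilege-escalation slide: the caller has
    read rights on the whole table and no restricted view is enforced, so a
    read-only customer can ask for card_number as easily as for stock."""
    return conn.execute(f"SELECT {', '.join(columns)} FROM orders").fetchall()


def query_as_role(conn, role, columns):
    """Enforced middleware: requested columns are checked against the role's
    allow-list before any SQL is built. Only known-good identifiers from the
    policy reach the statement text, so the join below cannot be abused."""
    allowed = ROLE_COLUMNS.get(role, set())
    denied = [c for c in columns if c not in allowed]
    if denied:
        raise PermissionDenied(f"role {role!r} may not read {denied}")
    return conn.execute(f"SELECT {', '.join(columns)} FROM orders").fetchall()


def is_denied(conn, role, columns):
    """True when the role check refuses the request (unknown roles get nothing)."""
    try:
        query_as_role(conn, role, columns)
        return False
    except PermissionDenied:
        return True
```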

Page 49: Lec  1 apln security(4pd)

Risks to databases – DB Integrity

Concurrency Problem

Occurs when a database is accessed by more than one application/user at the same time.

A software lock is used to overcome this. Processes lock tables within the database, make changes and then release the software lock. The next process can access the database only after the first process has released the software lock.

Page 50: Lec  1 apln security(4pd)

Risks to databases – DB Integrity

Database software performs three main types of integrity services:

Entity Integrity: every row (record) is uniquely identified by a primary key.

Referential Integrity: all foreign keys reference existing primary keys.

Semantic Integrity: rules pertaining to data types and logical values are enforced.

Page 51: Lec  1 apln security(4pd)

Risks to databases – DB Integrity

Other operations in database software to protect the integrity of data:

Rollback: an operation that ends the current transaction and cancels the current changes to a database. The database reverts to its previous state.

These could be changes to the data or to the schema.

A rollback occurs when the database experiences a glitch or if the processing sequence is disrupted.

Page 52: Lec  1 apln security(4pd)

Risks to databases – DB Integrity

Other operations in database software to protect the integrity of data:

Commit: this operation completes a transaction and executes all changes just made by the user. The database is updated to reflect the latest changes.

If the commit cannot complete correctly, a rollback is performed.

This ensures that partial changes do not take place and data is not corrupted.

Page 53: Lec  1 apln security(4pd)

Risks to databases – DB Integrity

Other operations in database software to protect the integrity of data:

Savepoints: similar to System Restore in the Windows OS.

If a system failure takes place, the database attempts to revert to the previous savepoint.

Setting savepoints consumes resources. A balance has to be struck between too many savepoints and not enough of them.

Savepoints can be initiated by a time interval, a user action, or a number of transactions.

A savepoint restores data by enabling the user to go back in time to before the system crashed.

Page 54: Lec  1 apln security(4pd)

Risks to databases – DB Integrity

Other operations in database software to protect the integrity of data:

Checkpoints: similar to savepoints.

When a specific amount of memory is filled, a checkpoint is triggered.

This saves data from memory to a temporary file.

If the system crashes, the database will attempt to restore data from this temporary file.
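The integrity services and the rollback, commit and savepoint operations from the preceding slides, shown together as an added example (not part of the original lecture) on SQLite: entity, referential and semantic integrity are declared in the schema, a failing order is rolled back whole, and a second variant uses SQL savepoints (the in-transaction kind, not the crash-recovery snapshots the slide compares to System Restore) to keep good lines while undoing a bad one. The schema and stock figures are constructed.

```python
import sqlite3

# Constructed sample schema with the three integrity services from the slides.
SCHEMA = """
CREATE TABLE items (
    sku   TEXT PRIMARY KEY,                      -- entity integrity
    stock INTEGER NOT NULL CHECK (stock >= 0)    -- semantic integrity
);
CREATE TABLE order_lines (
    id  INTEGER PRIMARY KEY,
    sku TEXT NOT NULL REFERENCES items(sku),     -- referential integrity
    qty INTEGER NOT NULL CHECK (qty > 0)
);
INSERT INTO items VALUES ('router', 5), ('switch', 2);
"""
UPDATE_STOCK = "UPDATE items SET stock = stock - ? WHERE sku = ?"
INSERT_LINE = "INSERT INTO order_lines (sku, qty) VALUES (?, ?)"


def open_db():
    conn = sqlite3.connect(":memory:", isolation_level=None)  # we issue BEGIN/COMMIT
    conn.execute("PRAGMA foreign_keys = ON")  # SQLite does not enforce FKs by default
    conn.executescript(SCHEMA)
    return conn


def stock(conn):
    return dict(conn.execute("SELECT sku, stock FROM items ORDER BY sku").fetchall())


def place_order(conn, lines):
    """All-or-nothing: if any line violates a constraint (unknown sku, stock going
    negative) the whole order is rolled back and no partial change remains."""
    conn.execute("BEGIN")
    try:
        for sku, qty in lines:
            conn.execute(UPDATE_STOCK, (qty, sku))
            conn.execute(INSERT_LINE, (sku, qty))
        conn.execute("COMMIT")
        return True
    except sqlite3.IntegrityError:
        conn.execute("ROLLBACK")
        return False


def place_order_best_effort(conn, lines):
    """Per-line SQL savepoints: a failing line is undone back to its own savepoint
    while earlier good lines survive and are committed. Returns lines accepted."""
    accepted = 0
    conn.execute("BEGIN")
    for i, (sku, qty) in enumerate(lines):
        conn.execute(f"SAVEPOINT line{i}")
        try:
            conn.execute(UPDATE_STOCK, (qty, sku))
            conn.execute(INSERT_LINE, (sku, qty))
            conn.execute(f"RELEASE line{i}")
            accepted += 1
        except sqlite3.IntegrityError:
            conn.execute(f"ROLLBACK TO line{i}")
            conn.execute(f"RELEASE line{i}")
    conn.execute("COMMIT")
    return accepted
```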

Page 55: Lec  1 apln security(4pd)

A few Database Attacks

Brute force attacks against passwords

Default usernames and passwords not changed by the system administrator. E.g. “scott”/“tiger” – the default username/password combination in Oracle DB up to version 11g.

Microsoft SQL Server came with default (publicly known) passwords.

Easily guessable passwords chosen by the system administrator.

Page 56: Lec  1 apln security(4pd)

A few Database Attacks

Privilege Escalation

Generally happens due to mis-configuration of the database or the underlying OS.

E.g. a low-privilege user has read rights only. However, he can read all columns in the database, including columns holding credit card information (mis-configuration: restricted database views were not enforced).

Page 57: Lec  1 apln security(4pd)

A few Database Attacks

Exploiting unused / unnecessary services. E.g. the Listener service in Oracle DB: it seeks out and forwards network connection requests to the Oracle DB.

When an application has to access a database, poorly written applications can cause connections without authentication and authorisation.

Install only those features that you need to use.

If you don’t install a feature, you don’t have to patch it later.

Page 58: Lec  1 apln security(4pd)

A few Database Attacks

Exploiting unused / unnecessary services.

Very important: patch databases as and when patches are released by the vendor.

Generally system administrators avoid patching. Why? To prevent downtime of the database. They do not understand patches and what they do. They do not have time to test patches. They may fear that patches may cause some other problems.

Page 59: Lec  1 apln security(4pd)

A few Database Attacks

Stolen Backups: generally an insider attack.

If backup data is unencrypted, the attacker does not need to hack into a database.

Another problem with backups: too many versions of backups, making it a problem to track all versions.

Page 60: Lec  1 apln security(4pd)

A few Database Attacks

SQL Injection: occurs when the fields available for user input allow SQL statements to be entered.

Generally, this attack takes place on the middleware, which connects to the backend database.

E.g. if an attacker gets a username/password screen, he can input an SQL statement which is passed by the application server to the database and gets executed to gain entry to the database.

Generally the result of poor programming practices.
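The username/password screen from this slide, as an added example that is not part of the original lecture: the login written the poor way the slide describes (input pasted into the statement) beside the parameterized form that keeps input as data. The users table, the account and the tampered input are constructed.

```python
import sqlite3


def open_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    # Constructed sample account. A real system stores a salted hash, not the password.
    conn.execute("INSERT INTO users VALUES ('alice', 'correct horse')")
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    """The poor practice the slide describes: the screen's input is pasted into the
    statement text, so input containing SQL changes what the query asks."""
    sql = (f"SELECT username FROM users WHERE username = '{username}' "
           f"AND password = '{password}'")
    return conn.execute(sql).fetchone() is not None


def login_parameterized(conn, username, password):
    """Hardened form: the statement text is fixed and the driver binds the input as
    data, so quotes and keywords in the input never become part of the query."""
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone() is not None


# Constructed input of the kind the slide warns about: the password field carries
# a fragment of SQL instead of a password.
TAMPERED_PASSWORD = "' OR '1'='1"
```

With the tampered value the concatenated query grants entry for a username that does not exist, while the parameterized query simply compares it as a (wrong) password and refuses.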

Page 61: Lec  1 apln security(4pd)

Recommended