Building Secure Software: How to Avoid Security Problems the Right Way / Edition 1

by John Viega, Gary McGraw


Most organizations have a firewall, antivirus software, and intrusion detection systems, all of which are intended to keep attackers out. So why is computer security a bigger problem today than ever before? The answer is simple—bad software lies at the heart of all computer security problems. Traditional solutions simply treat the symptoms, not the problem, and usually do so in a reactive way. This book teaches you how to take a proactive approach to computer security.

Building Secure Software cuts to the heart of computer security to help you get security right the first time. If you are serious about computer security, you need to read this book, which includes essential lessons for both security professionals who have come to realize that software is the problem, and software developers who intend to make their code behave. Written for anyone involved in software development and use—from managers to coders—this book is your first step toward building more secure software. Building Secure Software provides expert perspectives and techniques to help you ensure the security of essential software. If you consider threats and vulnerabilities early in the development cycle you can build security into your system. With this book you will learn how to determine an acceptable level of risk, develop security tests, and plug security holes before software is even shipped.

Inside you'll find the ten guiding principles for software security, as well as detailed coverage of:

  • Software risk management for security
  • Selecting technologies to make your code more secure
  • Security implications of open source and proprietary software
  • How to audit software
  • The dreaded buffer overflow
  • Access control and password authentication
  • Random number generation
  • Applying cryptography
  • Trust management and input
  • Client-side security
  • Dealing with firewalls

Only by building secure software can you defend yourself against security breaches and gain the confidence that comes with knowing you won't have to play the "penetrate and patch" game anymore. Get it right the first time. Let these expert authors show you how to properly design your system; save time, money, and credibility; and preserve your customers' trust.


Product Details

Series: Professional Computing Series
Edition description: New Edition
Product dimensions: 7.56(w) x 9.38(h) x 1.25(d)

Table of Contents

Code Examples
Contacting Us

1: Introduction to Software Security
It's all about the Software
Dealing with Widespread Security Failures
Technical Trends Affecting Software Security
The 'ilities
What is Security?
Isn't that just reliability?
Penetrate and Patch is Bad
On Art and Engineering
Security Goals
Traceability and Auditing
Monitoring
Privacy and Confidentiality
Multi-level security
Know Your Enemy: Common software security pitfalls
Threats Against Software
Software Project Goals
Software Security means Good Software
Hackers, Crackers, and Attackers
Who is the bad guy?

2: Managing Software Security Risk
An Overview of Software Risk Management for Security
The Role of Security Personnel
Software Security Personnel in the Lifecycle
Deriving Requirements
Risk Assessment
Design for Security
Security Testing
A Dose of Reality
Getting People to Think about Security
Software Risk Management in Practice
When Development Goes Astray
When Security Analysis Goes Astray
Black box testing
Red teaming
The Common Criteria
Software Risk Management for Security

3: Selecting Technologies
Choosing a Language
Choosing a Distributed Object Platform
Choosing an Operating System
Authentication Technologies
Host-based authentication
Physical Tokens
Biometric Authentication
Cryptographic authentication
Defense in depth and authentication

4: On Open Source and Closed Source
Security by Obscurity
Reverse Engineering
Code Obfuscation
Security for Shrink-Wrapped Software
Security by obscurity is no panacea
The Flip-Side: Open Source Software
Is the many eyeballs phenomenon real?
Why vulnerability detection is hard
Other Worries
On publishing crypto algorithms
Two more open source fallacies
The Microsoft fallacy
The Java fallacy
An example: GNU Mailman security
More evidence: Trojan horses
To open source or not to open source
Another security lesson from buffer overflows
Beating the Drum

5: Guiding Principles for Software Security
Principle 1: Secure the weakest link
Principle 2: Practice defense in depth
Principle 3: Fail securely
Principle 4: Follow the principle of least privilege
Principle 5: Compartmentalize
Principle 6: Keep it simple
Principle 7: Promote privacy
Principle 8: Remember that hiding secrets is hard
Principle 9: Be reluctant to trust
Principle 10: Use your community resources

6: Auditing Software
Architectural Security Analysis
Attack Trees
Reporting analysis findings
Implementation Security Analysis
Auditing source code
Using ITS4 in an analysis

7: Buffer Overflows
What is a Buffer Overflow?
Why Are Buffer Overflows A Security Problem?
Defending against buffer overflow
Major Gotchas
Internal buffer overflows
More Input Overflows
Other Risks
Tools That Can Help
Smashing stacks
Heap Overflows
Memory address
Stack Overflows
Decoding the stack
To infinity... and beyond!
Attack code
A Unix Exploit
What about Windows?
In Conclusion
SIDEBAR: Buffer Overflow, Deja vu All Over Again

8: Access Control
The Unix Access Control Model
How Unix Permissions Work
Modifying file attributes
Modifying Ownership
The umask
The programmatic interface
Setuid Programming
Access Control in Windows NT
Fine-Grained Privileges

9: Race Conditions
What is a Race Condition? Time of Check, Time of Use
Broken passwd
Avoiding TOCTOU Problems
Secure File Access
Temporary files
File Locking
Other Race Conditions
Java 2 policy manipulation

10: Randomness and Determinism
Pseudo-random number generators
Examples of PRNGs
The Blum-Blum-Shub PRNG
The Yarrow-AES PRNG
Attacks against PRNGs
How to cheat in online gambling
Statistical tests on PRNGs
Entropy Gathering and Estimation
Hardware solutions
Software solutions
Poor entropy collection: How to read "secret" Netscape messages
Handling Entropy
Statistical Tests Revisited
Practical sources of randomness
Random numbers for Windows
Random numbers for Linux
Random numbers in Java

11: Applying Cryptography
General recommendations
Developers are not Cryptographers
Data Integrity
Export Laws
Common Crypto Libraries
Programming with Cryptography
Public Key Encryption
Cookie Encryption
More uses for cryptographic hashes
One-time pads
The Catch

12: Trust Management and Input Validation
A few words on trust
Examples of Misplaced Trust
Trust Is Transitive
Protection from hostile callers
Invoking other programs safely
Problems from the Web
Client-side security
Perl Problems
Format String Attacks
Automatically Detecting Input Problems
It Pays to be Paranoid

13: Password Authentication
Password Storage
Adding users to a password database
Password Authentication
Password Selection
More advice
Throwing dice
Application-selected passwords
One-Time Passwords

14: Database Security
The Basics
Access Control
Using Views for Access Control
Field Protection
Security against statistical attacks

15: Client-side Security
Copy Protection Schemes
License files
Thwarting the Casual Pirate
Other License Features
Other Copy Protection Schemes
Authenticating Untrusted Clients
Anti-Debugger Measures
Responding to Misuse
Code Obfuscation
Basic Obfuscation Techniques
Encrypting Program Parts

16: Through the Firewall
Basic Strategies
Client Proxies
Server Proxies

Appendix A: Cryptography Basics
The Ultimate Goals of Cryptography
Attacks on Cryptography
Types of Cryptography
Symmetric Cryptography
Types of Symmetric Algorithms
Security of Symmetric Algorithms
Public Key Cryptography
Attacks Against Public Key Cryptography
Cryptographic Hashing Algorithms
Other attacks on cryptographic hashes
What's a good hash algorithm to use?
Digital Signatures
