Applications & Systems Development A very brief overview of the SDLC and the security issues involved.

Page 1

Applications & Systems Development

A very brief overview of the SDLC and the security issues involved.

Page 2

Generic Systems Engineering Process

Discover Needs → Define System Requirements → Design System Architecture → Develop Detailed Design → Implement System → Assess Effectiveness of System

Page 3

A simplistic software development model

[Diagram: System Requirements → Software Requirements → Analysis → Program Design → Coding → Testing → Operations & Maintenance]

Page 4

The Waterfall development model

[Diagram: System Requirements → Software Requirements → Analysis → Design → Coding → Testing → Operations & Maintenance, with each stage able to feed back only to the stage before it]

Going back only one stage limits rework and enhances control.

Page 5

A modified Waterfall development model that enforces comparison against specific baselines

[Diagram: stages System Requirements, Software Requirements, Product Design, Coding, Integration, Implementation, Operations & Maintenance; each stage is checked against its baseline by, in order, Validation, Validation, Verification, Unit Testing, Product Verification, System Test, Revalidation]

Verification: doing the job right

Validation: doing the right job

Page 6

The Spiral Model

Page 7

Cost Estimation Models :-)

• Basic COnstructive COst Model (COCOMO): cost as a function of lines of code
  Man Months (MM) = 2.4 × (thousands of delivered source instructions)
  Development Schedule = 2.5 × (MM)^0.38

• Function Point Measurement Model: I/O types, internal file types, interfaces, etc.

• Software Life Cycle Model (SLIM): manpower buildup index, productivity factor

Page 8

Security life cycle components

[Diagram: the modified Waterfall stages (System Requirements → Software Requirements → Product Design → Coding → Integration → Implementation → Operations & Maintenance) with their Validation, Verification (Unit Testing, Product Verification, System Test) and Revalidation checks; pages 8 to 14 repeat this diagram, one stage per page, with the security activities for that stage.]

System Requirements: info sec policy, standards, legal issues, early validation of concepts

Page 9

Security life cycle components

Software Requirements: threats, vulnerabilities, security requirements, reasonable care, due diligence, legal liabilities, cost/benefit, level of protection desired, test plans, validation

Page 10

Security life cycle components

Product Design: incorporating security specs, adjust system & security test plans & data, determine access controls, design docs, evaluate encryption options, verification, business continuity plans

Page 11

Security life cycle components

Coding: develop security related code, unit testing, reuse other modules if possible, support business continuity plans, docs

Page 12

Security life cycle components

Integration: integrate security components, test integrated modules per plans, refine docs, conduct security related product verification

Page 13

Security life cycle components

Implementation: install security software, run system, conduct acceptance testing, test security software, certify docs & accreditation (if necessary)

Page 14

Security life cycle components

Operations & Maintenance: revalidate security controls, penetration testing, vulnerability analyses, manage change requests, implement change control, make changes, evaluate performance, update docs, recertify

Page 15

Testing

• Unit testing

• Done by separate personnel

• Check all I/O, modules, files, security, etc.

Page 16

Extreme Programming (XP) Principles

• Feedback: most useful if it is done rapidly.

• Assuming simplicity: treating every problem as if it can be solved "extremely simply".

• Incremental changes: small releases.

• Embracing change: not working against changes but embracing them.

Page 17

Manifesto for Agile Software Development

• We are uncovering better ways of developing software by doing it and helping others do it. Through this work we have come to value:
  – Individuals and interactions over processes and tools
  – Working software over comprehensive documentation
  – Customer collaboration over contract negotiation
  – Responding to change over following a plan

• That is, while there is value in the items on the right, we value the items on the left more.

Page 18

Maintenance Phase

1. Request Control
  • Establish request priorities, do cost estimates
  • User interface
  • Determine tools to use, determine change effects on other code

2. Change Control
  • Recreate & analyze the problem
  • Develop changes & tests
  • Quality control
  • Document changes, & recertify

3. Release Control

Page 19

Software Capability Maturity Model (CMM)

• Phase 1: Initiate
  – Format improvement initiative
  – Management approval

• Phase 2: Diagnose
  – Assess current systems

• Phase 3: Establish Action Plan

• Phase 4: Action

• Phase 5: Leverage
  – Review changes and process looking for improvements

Page 20

Object Oriented Systems

• OO Requirements Analysis

• OO Analysis

• Domain Analysis

• OO Design

• OO Programming

• Object Request Brokers: CORBA, SOAP

Page 21

Artificial Intelligence Systems

• Expert Systems (ES)
  – algorithm + data structures = normal program
  – inference engine + knowledge base = ES

• Blackboards

• Bayesian Networks

• Fuzzy logic

• Neural Networks: weighted inputs to "neurons" yield outputs; "training period"

• Genetic Algorithms: evolutionary computing, fitness values, cross breeding, mutation

Page 22

Database Systems

• Hierarchical

• Mesh

• Object Oriented

• Relational

Page 23

DB Security Issues

• Views

• Granularity

• Aggregation: combining higher sensitivity with lower

• Inference: users "guessing" higher level values

• Multiple connections, backups, etc.

• Data warehousing & mining
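To make the views, granularity and inference bullets concrete, here is an added Python example that is not part of the slides: a view that exposes a department and a salary band instead of the name/salary pair, and an aggregate query guarded by a query-set-size rule so that a department with one member, or the complement of a large department, cannot be used to back out an individual's salary. The table, its rows and the threshold MIN_QUERY_SET are constructed for the example; the policy it enforces (at least MIN_QUERY_SET rows inside the query and at least MIN_QUERY_SET outside it) is one common inference control, not something the slides prescribe.

```python
import sqlite3

# Constructed sample table for the example (not from the slides):
# (name, department, annual salary). "legal" deliberately has a single member.
ROWS = [
    ("alice", "engineering", 120000),
    ("bob", "engineering", 95000),
    ("frank", "engineering", 100000),
    ("carol", "sales", 70000),
    ("dave", "sales", 72000),
    ("grace", "sales", 68000),
    ("erin", "legal", 150000),
]

# Assumed policy: an aggregate may be released only if it covers at least
# MIN_QUERY_SET rows AND leaves at least MIN_QUERY_SET rows outside it, so a
# query and its complement cannot be subtracted to isolate one person.
MIN_QUERY_SET = 3


def build_db():
    """In-memory database with the base table and a restricted view."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE employees (name TEXT, dept TEXT, salary INTEGER)")
    conn.executemany("INSERT INTO employees VALUES (?, ?, ?)", ROWS)
    # The view controls granularity: analysts get a department and a salary
    # band, never the name/salary pair held in the base table.
    conn.execute(
        "CREATE VIEW staff_public AS "
        "SELECT dept, CASE WHEN salary >= 100000 THEN 'high' ELSE 'standard' END AS band "
        "FROM employees"
    )
    return conn


def public_rows(conn):
    """What a user of the view sees."""
    return conn.execute(
        "SELECT dept, band FROM staff_public ORDER BY dept, band"
    ).fetchall()


def _guarded_avg(conn, condition, params):
    """Average salary over rows matching `condition`, or None if releasing it
    would break the query-set-size rule. `condition` is a fixed SQL fragment
    chosen by this module, never user input; values go through `params`."""
    total = conn.execute("SELECT COUNT(*) FROM employees").fetchone()[0]
    n = conn.execute(
        f"SELECT COUNT(*) FROM employees WHERE {condition}", params
    ).fetchone()[0]
    if n < MIN_QUERY_SET or n > total - MIN_QUERY_SET:
        return None
    return conn.execute(
        f"SELECT AVG(salary) FROM employees WHERE {condition}", params
    ).fetchone()[0]


def dept_average(conn, dept):
    """Average salary for one department (refused when the set is too small)."""
    return _guarded_avg(conn, "dept = ?", (dept,))


def average_excluding(conn, dept):
    """Average over everyone outside `dept` (refused when the complement is too small)."""
    return _guarded_avg(conn, "dept != ?", (dept,))


if __name__ == "__main__":
    db = build_db()
    print(public_rows(db))
    print(dept_average(db, "engineering"))   # released: 3 rows inside, 4 outside
    print(dept_average(db, "legal"))         # None: a single row would be exposed
    print(average_excluding(db, "legal"))    # None: 6 rows inside leaves only 1 outside
```

The complement check is the part that matters for inference: refusing only small query sets is not enough, because the company-wide average minus the average of "everyone except legal" would still reveal the one legal salary. Query-set-size limits are a coarse control; a real deployment would pair them with audit trails on the aggregate endpoint (a detective control) and, where the data warrants it, with noise-adding techniques.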

Page 24

Application Controls

• Service Level Agreements: turnaround time, avg response time, number of users, system utilization rates, up times, transaction volumes, problem resolution

• Control Types
  – Preventative
  – Detective
  – Corrective

Page 25

Preventative Controls

• Accuracy: data checks, forms, custom screens, validity checks, contingency planning, & backups

• Security: firewalls, reference monitors, sensitivity labels, traffic padding, encryption, data classification, one-time passwords, separation of development & testing

• Consistency: data dictionary, programming standards & database

Page 26

Detective Controls

• Accuracy: cyclic redundancy checks, structured walk-throughs, hash totals, reasonableness checks

• Security: intrusion detection systems, audit trails

• Consistency: comparison controls, relationship tests, reconciliation controls
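The accuracy and consistency items on pages 25 and 26 (validity checks; cyclic redundancy checks, hash totals, reasonableness checks, reconciliation controls) are easiest to see on a concrete batch. The Python below is an added example, not code from the slides: a preventive validity check applied to each record before it is accepted, sender-side control totals (record count, hash total over amounts, CRC over the serialized batch) and a receiver-side reconciliation that recomputes and compares them. The batch, the account-number format and the amount ceiling are constructed for the example.

```python
import re
import zlib

# Constructed sample batch (not from the slides): (record_id, account, amount_cents)
BATCH = [
    (1, "ACC-1001", 12_500),
    (2, "ACC-1002", 3_200),
    (3, "ACC-1003", 89_900),
]

ACCOUNT_RE = re.compile(r"^ACC-\d{4}$")   # assumed account-number format
MAX_AMOUNT_CENTS = 1_000_000              # assumed per-record ceiling


def validate_record(rec):
    """Preventive control: validity checks applied before a record is accepted.

    Returns a list of problems; an empty list means the record passes.
    """
    rec_id, account, amount = rec
    problems = []
    if not isinstance(rec_id, int) or rec_id <= 0:
        problems.append("record_id must be a positive integer")
    if not isinstance(account, str) or not ACCOUNT_RE.match(account):
        problems.append("account does not match the expected format")
    if not isinstance(amount, int) or not 0 < amount <= MAX_AMOUNT_CENTS:
        problems.append("amount out of range")
    return problems


def serialize(batch):
    """Canonical byte form of the batch; the CRC is computed over this."""
    return "\n".join(f"{i}|{acc}|{amt}" for i, acc, amt in batch).encode()


def control_totals(batch):
    """Sender-side detective controls that travel with the batch."""
    return {
        "count": len(batch),                                 # record count
        "hash_total": sum(amt for _, _, amt in batch),       # hash total over amounts
        "crc": zlib.crc32(serialize(batch)) & 0xFFFFFFFF,    # cyclic redundancy check
    }


def reconcile(batch, expected):
    """Receiver-side reconciliation control: recompute the totals and compare.

    Returns a list of mismatch descriptions; empty means the batch reconciles.
    """
    actual = control_totals(batch)
    return [
        f"{k} mismatch: expected {expected[k]}, got {actual[k]}"
        for k in ("count", "hash_total", "crc")
        if actual[k] != expected[k]
    ]


def reasonable(amount, baseline_avg, factor=10):
    """Reasonableness check: an amount far above the historical average is suspect."""
    return 0 < amount <= baseline_avg * factor


if __name__ == "__main__":
    totals = control_totals(BATCH)
    print("sender totals:", totals)
    print("clean batch:", reconcile(BATCH, totals))
    # Two amounts swapped between records: the hash total is unchanged,
    # so only the CRC catches it. This is why the controls are layered.
    swapped = [(1, "ACC-1001", 3_200), (2, "ACC-1002", 12_500), BATCH[2]]
    print("swapped amounts:", reconcile(swapped, totals))
```

The swapped-amount case is the edge worth remembering: a hash total detects a changed or dropped amount but not two amounts exchanged between records, while the CRC detects any change to the serialized bytes but says nothing about which field moved. Neither is a security control against a deliberate attacker who can also recompute the totals; for that the page's security column (audit trails, intrusion detection) and, outside this page, a keyed MAC are the relevant mechanisms.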

Page 27

Corrective Controls

• Accuracy: backups, control reports, before/after imaging, checkpoint restarts

• Security: emergency response & reference monitor

• Consistency: program comments & database controls

Page 28

System Architecture Issues

• Distributed Systems
  – Agents, applets, "sandbox," virtual machines
  – P2P

• Centralized
  – Easier to protect

• Real Time