CSCE 548 Secure Software Development
Final Exam – Review
Project – Final Report
Project Final Report
– Electronic submission: April 25, 5:00 pm
– Hard copy: April 25, 2010 5:30 pm
CSCE 548 - Farkas 2
Final Project Format
Title
Author
Abstract (what you did in this paper)
1. Introduction
2. Related work
3. Background information
4. Current research/development
5. Conclusions and Future Work
6. Group members’ contributions
References
FINAL EXAM
Reading
McGraw: Software Security: Chapters 1 – 9, 12
19 Deadly Sins:
1. Chapter 1: Buffer overruns
2. Chapter 2: Format string problems
3. Chapter 3: Integer overflows
4. Chapter 4: SQL injection
5. Chapter 6: Failure to handle errors
6. Chapter 7: Cross-site scripting
7. Chapter 13: Information leakage
8. Chapter 14: Improper file access
Non-Textbook Reading
NEW:
– Secure Design Patterns, Software Engineering Institute, Carnegie Mellon, www.cert.org/archive/pdf/09tr010.pdf
OLD:
– Lodderstedt et al., SecureUML: A UML-Based Modeling Language for Model-Driven Security, http://kisogawa.inf.ethz.ch/WebBIB/publications-softech/papers/2002/0_secuml_uml2002.pdf
– B. Littlewood, P. Popov, L. Strigini, "Modelling software design diversity - a review", ACM Computing Surveys, Vol. 33, No. 2, June 2001, pp. 177-208, http://portal.acm.org/citation.cfm?doid=384192.384195
– I. Alexander, Misuse Cases: Use Cases with Hostile Intent, IEEE Software, vol. 20, no. 1, pp. 58-66, Jan./Feb. 2003, http://www.computer.org/portal/web/csdl/doi/10.1109/MS.2003.1159030
– B. Schneier on Security, http://schneier.com/blog/archives/2007/05/is_penetration.html
– P. Meunier, Classes of Vulnerabilities and Attacks, Wiley Handbook of Science and Technology for Homeland Security, http://homes.cerias.purdue.edu/~pmeunier/aboutme/classes_vulnerabilities.pdf
Final Exam
April 25, 2012, 5:30 pm – 7:30 pm
Room: 2A 15
Closed book – 1 page cheat sheet
19 Deadly Sins
– Overview of the sin (at the level of the presentations, focusing on the textbook)
– Affected languages
– How to detect?
– Best practices
Sample Questions – 19 Deadly Sins
1. Explain why casting operations may lead to integer overflows.
2. Why is it dangerous to use “gets” to read input in C/C++ code? Recommend an alternative.
3. What is the difference between attack patterns and a taxonomy of programming errors?
4. Indirect information flow may be created by inferences. Give an example of an unauthorized inference that cannot be controlled using traditional access control.
5. Show example code for SQL injection. Explain the security problem.
6. Why does a failed Windows impersonation create a security problem if not handled properly?
7. Show the binary representations of the decimal numbers +70 and +80. Show their addition using an 8-bit register.
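The last question above, worked through in C as an added example (not part of the course slides; the function names are my own). It shows why +70 and +80, both valid signed 8-bit values, produce a negative result when the carry out of bit 7 is discarded, which is the mechanism behind the integer-overflow sin, and it includes the range check a program must perform before trusting such a sum.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Render the low 8 bits of v as a binary string, e.g. 70 -> "01000110". */
void to_binary8(uint8_t v, char out[9]) {
    for (int i = 0; i < 8; i++)
        out[i] = ((v >> (7 - i)) & 1) ? '1' : '0';
    out[8] = '\0';
}

/* Helper for checks: does the 8-bit pattern of v match the expected string? */
int binary8_equals(uint8_t v, const char *expected) {
    char buf[9];
    to_binary8(v, buf);
    return strcmp(buf, expected) == 0;
}

/* Add the way an 8-bit register does: the carry out of bit 7 is discarded.
   uint8_t arithmetic is modular, so this is well defined in C. */
uint8_t add8(uint8_t a, uint8_t b) {
    return (uint8_t)(a + b);
}

/* Read an 8-bit pattern as a two's-complement signed value (bit 7 = -128). */
int as_signed8(uint8_t bits) {
    return bits >= 128 ? (int)bits - 256 : (int)bits;
}

/* The check to perform before trusting a signed 8-bit sum: compute it in a
   wider type and test the range. Returns 1 if it fits, 0 on overflow. */
int signed_add8_fits(int a, int b) {
    int sum = a + b;
    return sum >= INT8_MIN && sum <= INT8_MAX;
}

int main(void) {
    char ba[9], bb[9], bs[9];
    uint8_t sum = add8(70, 80);          /* 150 mathematically */
    to_binary8(70, ba);
    to_binary8(80, bb);
    to_binary8(sum, bs);
    printf("  %s  (+70)\n+ %s  (+80)\n= %s  (%u unsigned, %d signed)\n",
           ba, bb, bs, (unsigned)sum, as_signed8(sum));
    printf("sum fits in a signed 8-bit register: %s\n",
           signed_add8_fits(70, 80) ? "yes" : "no");
    return 0;
}
```

The sum 10010110 is 150 as an unsigned byte but -106 as a signed one, because the result has set the sign bit; the same pattern appears whenever a length or index computed in a narrow signed type silently wraps.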
Sample Questions
1. Explain how buffer overruns occur. Which languages are the most vulnerable?
2. Define covert and overt communication channels.
3. Explain the 2 stages of the buffer overrun attack.
4. Why do binary arithmetic operations yield results on a computer that differ from those on paper? Give an example.
5. What type of access control does Windows support? Give a common access control mistake in a Windows environment.
6. Should stored data be protected by the operating system security or by database management system security?