A Literature Survey of the Development Processes for Secure Software

Turvalise tarkvara arendusprotsessidel on tähtis roll turvalise tarkvara kavandamisel, aga erinevate arendusprotsessidel vahel on rakse valikut teha ilma nendevahelie võrdluseta. Veel enam peale arendusprotsessi rakendamist tuleb valida meetodid, mida kasutada selle arendusprotsessi rakendamisel. Meetodite valikul tekib aga probleem, sest arendusprotsessides ei ole öeldud, milliseid meetodeid tuleks kasutada, et täita vajalikud tegevused turvalise tarkvara arendamiseks. Selle töö raames me võrdleme kolme erinevat turvalise tarkvara arendusprotsessi: Microsoft Security Development Lifecycle, OWASP CLASP ja Cigital’s Security Touchpoints. Järgmisena me keskendume valitud arendusprotsesside faasile, mis käsitleb turvariskide haldust ja viime läbi uuringu, et teada saada, mis on tänapäevased turvariski meetodid. Me anname nendest meetoditest lühikokkuvõtte ja võrdleme neid omavahel, mis loodetavasti lihtustab nende vahel valimist. Me koostame veel leitud meetoditest ühise vaate, mis aitab kaasa kõigi arendusprotsesside poolt pakutud tegevuste täitmisele selle faasis. See on vajalik, sest riskihaldus mängib suurt rolli turvalise tarkvara arendamisel ja erinevate riskihaldus meetodite kombineerimist saab kasutada, et avastada rohkem riske loodavast tarkvarast ja hiljem neid riske korrektselt leevendada.Secure software development processes are critical part of designing secure software. However, it is hard for the various stakeholders to make the decision about which software development process to choose without a comparison between them. Even further, after choosing the process, stakeholders have to decide which methods and techniques to use to fulfil activities required to develop secure software development processes. This is a problem, because there are a number of methods a stakeholder could use to fulfil these activities, but no explicit links between a method and development process. In this thesis firstly we perform comparison of three secure system development approaches namely Microsoft Security Development Lifecycle, OWASP CLASP and Cigital’s Security Touchpoints. In the next step we focus on step within these approaches, namely the security risk management and carry out an analytical survey to find out current methods for security risk management. We give a short overview and comparison between found methods, which potentially will help stakeholders to select their approach for designing secure software with the focus on security risk analysis. We also provide them with opportunity to perform all activities required in risk analysis phase of the development by giving them an aggregate view of risk management methods. This is essential, because risk analysis is a major part of developing secure software and combining different techniques can be used to discover and mitigate more risks in software under development

A Literature Survey of the Development Processes for Secure Software

Turvalise tarkvara arendusprotsessidel on tähtis roll turvalise tarkvara kavandamisel, aga erinevate arendusprotsessidel vahel on rakse valikut teha ilma nendevahelise võrdluseta. Veel enam peale arendusprotsessi rakendamist tuleb valida meetodid, mida kasutada selle arendusprotsessi rakendamisel. Meetodite valikul tekib aga probleem, sest arendusprotsessides ei ole öeldud, milliseid meetodeid tuleks kasutada, et täita vajalikud tegevused turvalise tarkvara arendamiseks. Selle töö raames me võrdleme kolme erinevat turvalise tarkvara arendusprotsessi: Microsoft Security Development Lifecycle, OWASP CLASP ja Cigital’s Security Touchpoints. Järgmisena me keskendume valitud arendusprotsesside faasile, mis käsitleb turvariskide haldust ja viime läbi uuringu, et teada saada, mis on tänapäevased turvariski meetodid. Me anname nendest meetoditest lühikokkuvõtte ja võrdleme neid omavahel, mis loodetavasti lihtsustab nende vahel valimist. Me koostame veel leitud meetoditest ühise vaate, mis aitab kaasa kõigi arendusprotsesside poolt pakutud tegevuste täitmisele selle faasis. See on vajalik, sest riskihaldus mängib suurt rolli turvalise tarkvara arendamisel ja erinevate riskihaldus meetodite kombineerimist saab kasutada, et avastada rohkem riske loodavast tarkvarast ja hiljem neid riske korrektselt leevendada.Secure software development processes are critical part of designing secure software. However, it is hard for the various stakeholders to make the decision about which software development process to choose without a comparison between them. Even further, after choosing the process, stakeholders have to decide which methods and techniques to use to fulfil activities required to develop secure software development processes. This is a problem, because there are a number of methods a stakeholder could use to fulfil these activities, but no explicit links between a method and development process. In this thesis firstly we perform comparison of three secure system development approaches namely Microsoft Security Development Lifecycle, OWASP CLASP and Cigital’s Security Touchpoints. In the next step we focus on step within these approaches, namely the security risk management and carry out an analytical survey to find out current methods for security risk management. We give a short overview and comparison between found methods, which potentially will help stakeholders to select their approach for designing secure software with the focus on security risk analysis. We also provide them with opportunity to perform all activities required in risk analysis phase of the development by giving them an aggregate view of risk management methods. This is essential, because risk analysis is a major part of developing secure software and combining different techniques can be used to discover and mitigate more risks in software under development

Security Risk Assessments: Modeling and Risk Level Propagation

Security risk assessment is an important task in systems engineering. It is used to derive security requirements for a secure system design and to evaluate design alternatives as well as vulnerabilities. Security risk assessment is also a complex and interdisciplinary task, where experts from the application domain and the security domain have to collaborate and understand each other. Automated and tool-supported approaches are desired to help manage the complexity. However, the models used for system engineering usually focus on functional behavior and lack security-related aspects. Therefore, we present our modeling approach that alleviates communication between the involved experts and features steps of computer-aided modeling to achieve consistency and avoid omission errors. We demonstrate our approach with an example. We also describe how to model impact rating and attack feasibility estimation in a modular fashion, along with the propagation and aggregation of these estimations through the model. As a result, experts can make local decisions or changes in the model, which in turn provides the impact of these decisions or changes on the overall risk profile. Finally, we discuss the advantages of our model-based method

Extending the Exposure Score of Web Browsers by Incorporating CVSS

When browsing the Internet, HTTP headers enable both clients and servers send extra data in their requests or responses such as the User-Agent string. This string contains information related to the sender’s device, browser, and operating system. Yet its content differs from one browser to another. Despite the privacy and security risks of User-Agent strings, very few works have tackled this problem. Our previous work proposed giving Internet browsers exposure relative scores to aid users to choose less intrusive ones. Thus, the objective of this work is to extend our previous work through: first, conducting a user study to identify its limitations. Second, extending the exposure score via incorporating data from the NVD. Third, providing a full implementation, instead of a limited prototype. The proposed system: assigns scores to users’ browsers upon visiting our website. It also suggests alternative safe browsers, and finally it allows updating the back-end database with a click of a button. We applied our method to a data set of more than 52 thousand unique browsers. Our performance and validation analysis show that our solution is accurate and efficient. The source code and data set are publicly available here [4].</p

Security Technologies and Methods for Advanced Cyber Threat Intelligence, Detection and Mitigation

The rapid growth of the Internet interconnectivity and complexity of communication systems has led us to a significant growth of cyberattacks globally often with severe and disastrous consequences. The swift development of more innovative and effective (cyber)security solutions and approaches are vital which can detect, mitigate and prevent from these serious consequences. Cybersecurity is gaining momentum and is scaling up in very many areas. This book builds on the experience of the Cyber-Trust EU project’s methods, use cases, technology development, testing and validation and extends into a broader science, lead IT industry market and applied research with practical cases. It offers new perspectives on advanced (cyber) security innovation (eco) systems covering key different perspectives. The book provides insights on new security technologies and methods for advanced cyber threat intelligence, detection and mitigation. We cover topics such as cyber-security and AI, cyber-threat intelligence, digital forensics, moving target defense, intrusion detection systems, post-quantum security, privacy and data protection, security visualization, smart contracts security, software security, blockchain, security architectures, system and data integrity, trust management systems, distributed systems security, dynamic risk management, privacy and ethics

A geo-database for potentially polluting marine sites and associated risk index

The increasing availability of geospatial marine data provides an opportunity for hydrographic offices to contribute to the identification of Potentially Polluting Marine Sites (PPMS). To adequately manage these sites, a PPMS Geospatial Database (GeoDB) application was developed to collect and store relevant information suitable for site inventory and geo-spatial analysis. The benefits of structuring the data to conform to the Universal Hydrographic Data Model (IHO S-100) and to use the Geographic Mark-Up Language (GML) for encoding are presented. A storage solution is proposed using a GML-enabled spatial relational database management system (RDBMS). In addition, an example of a risk index methodology is provided based on the defined data structure. The implementation of this example was performed using scripts containing SQL statements. These procedures were implemented using a cross-platform C++ application based on open-source libraries and called PPMS GeoDB Manager

Resilience Strategies for Network Challenge Detection, Identification and Remediation

The enormous growth of the Internet and its use in everyday life make it an attractive target for malicious users. As the network becomes more complex and sophisticated it becomes more vulnerable to attack. There is a pressing need for the future internet to be resilient, manageable and secure. Our research is on distributed challenge detection and is part of the EU Resumenet Project (Resilience and Survivability for Future Networking: Framework, Mechanisms and Experimental Evaluation). It aims to make networks more resilient to a wide range of challenges including malicious attacks, misconfiguration, faults, and operational overloads. Resilience means the ability of the network to provide an acceptable level of service in the face of significant challenges; it is a superset of commonly used definitions for survivability, dependability, and fault tolerance. Our proposed resilience strategy could detect a challenge situation by identifying an occurrence and impact in real time, then initiating appropriate remedial action. Action is autonomously taken to continue operations as much as possible and to mitigate the damage, and allowing an acceptable level of service to be maintained. The contribution of our work is the ability to mitigate a challenge as early as possible and rapidly detect its root cause. Also our proposed multi-stage policy based challenge detection system identifies both the existing and unforeseen challenges. This has been studied and demonstrated with an unknown worm attack. Our multi stage approach reduces the computation complexity compared to the traditional single stage, where one particular managed object is responsible for all the functions. The approach we propose in this thesis has the flexibility, scalability, adaptability, reproducibility and extensibility needed to assist in the identification and remediation of many future network challenges

Through the garden fence

This project attempts to tie together different threads of my experience. It begins with the memory of looking through the garden fence and hedge of my childhood and considers the simultaneously separate and enmeshed lives of my immediate family and those outside of it. In this project I have engaged with the garden as a point of connection, a means by which to consider the possibility of more Edenic, sustainable futures rooted in concepts of care. An investigation into care, through my making, has been central to my research. Under the harsh structures of apartheid, the natural world carried on in spite of the social and environmental restrictions implemented by the apartheid government. I am interested primarily in human experiences of care, belonging and relationship against the backdrop of migrancy, the displacement of discarded people to infertile land, and the loss of indigenous cultures and natural areas. My intention in this work is for the viewer to be reminded of the unending cycles of nature - seasons, joy, nurturance and recurrence - in their silent yet peripatetic way. In this turning towards nature there is a recognition of the spiritual essence of the world as separate and distinct from humankind's inhumanity to each other. In a contemporary context, the prevalence of people from across Africa displaced into South Africa demands a closer consideration of human connections to the land, as does the recent crisis of Syrian migrants in Europe and the ensuing ethnic xenophobia. At present there are 60 million people displaced due to war, religious tension, politics and race. However, there is hope in the care provided by non-governmental organisations, the United Nations, governments and grassroots initiatives; people who want to help those with a bag and a child on their back

Security Technologies and Methods for Advanced Cyber Threat Intelligence, Detection and Mitigation

The rapid growth of the Internet interconnectivity and complexity of communication systems has led us to a significant growth of cyberattacks globally often with severe and disastrous consequences. The swift development of more innovative and effective (cyber)security solutions and approaches are vital which can detect, mitigate and prevent from these serious consequences. Cybersecurity is gaining momentum and is scaling up in very many areas. This book builds on the experience of the Cyber-Trust EU project’s methods, use cases, technology development, testing and validation and extends into a broader science, lead IT industry market and applied research with practical cases. It offers new perspectives on advanced (cyber) security innovation (eco) systems covering key different perspectives. The book provides insights on new security technologies and methods for advanced cyber threat intelligence, detection and mitigation. We cover topics such as cyber-security and AI, cyber-threat intelligence, digital forensics, moving target defense, intrusion detection systems, post-quantum security, privacy and data protection, security visualization, smart contracts security, software security, blockchain, security architectures, system and data integrity, trust management systems, distributed systems security, dynamic risk management, privacy and ethics