We are becoming more and more aware of the consequences of security problems, with it now being commonplace to see headlines about a hack, breach or loss of data.
The causes of these incidents are often a mixture of honest mistakes, incompetence or naivety, and unfortunately in the majority of cases the exploit stems from a well-known problem or vulnerability that could have been protected against.
The Open Web Application Security Project (OWASP) is a non-profit organisation trying to share knowledge to ensure that everybody can continually learn how to secure software and infrastructure, allowing everyone in the industry to protect each other by sharing their experiences.
As part of this mission OWASP has devised a set of core principles to ensure that security is built into our code; presented below are some of the themes of those principles.
Keep It Secure Stupid
As with so many aspects of software engineering, following certain core principles brings unintended rewards: you succeed without even trying.
Many security problems are caused by bugs with unfortunate consequences, and the more complex a code base, the more likely it is that these kinds of defects will be created by accident.
Following principles such as KISS and YAGNI while also applying strong separation of concerns will help minimise the surface area of any potential attack.
Proper engineering discipline will also make it easier to identify opportunities for defence in depth, while ensuring that everyone working on the code base understands the routes in and out of the system and how they should be secured.
Default to Secure
The majority of attacks that cause a system to give up more than it should arise from forcing an unexpected error state or otherwise causing some aspect of the system to fail.
This type of behaviour can be seen in attacks such as a buffer overflow, or in the processing of unvalidated input data, as in a SQL injection attack.
It is key in these situations to put no faith or trust in the world outside the system you are working on: check everything and assume that any possible error could happen.
Once you have this attitude of distrust you can ensure that your code defaults to a secure position whenever these errors occur.
Not only does this produce a more secure system, it also provides a better user experience by avoiding crashes or other undesirable behaviour.
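The SQL injection case above, worked through as an added example that is not part of the original post. The login check is written twice: once with the user's input pasted into the query text, and once treating that input as untrusted, passing it as a bound parameter and failing closed (returning "not authenticated") on any validation or database error. The user table, the credentials and the key names are all constructed for the example; real stores hold password hashes rather than plain text.

```python
import sqlite3
from typing import Optional

# Constructed in-memory user store for the example (not data from the post).
# Plain-text passwords are used only to keep the example short.
def build_demo_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT NOT NULL)")
    conn.execute("INSERT INTO users VALUES ('alice', 'correct horse battery staple')")
    conn.commit()
    return conn

def login_unsafe(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # The caller's input becomes part of the SQL text itself, so a value
    # containing quotes rewrites the WHERE clause instead of being compared.
    query = (
        "SELECT COUNT(*) FROM users "
        f"WHERE username = '{username}' AND password = '{password}'"
    )
    (count,) = conn.execute(query).fetchone()
    return count > 0

def login_safe(conn: sqlite3.Connection, username: Optional[str], password: Optional[str]) -> bool:
    # Trust nothing from outside the system: check type and size before use.
    if not isinstance(username, str) or not isinstance(password, str):
        return False
    if not (1 <= len(username) <= 64) or len(password) > 1024:
        return False
    try:
        # Bound parameters: the driver sends the values separately from the
        # query text, so they can never change the query's structure.
        row = conn.execute(
            "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?",
            (username, password),
        ).fetchone()
    except sqlite3.Error:
        # Default to secure: any failure in the data layer denies access
        # rather than letting the error surface as a crash or an open door.
        return False
    return row is not None and row[0] > 0

if __name__ == "__main__":
    db = build_demo_db()
    probe = "' OR '1'='1"  # constructed input containing a quote character
    print("unsafe, real password :", login_unsafe(db, "alice", "correct horse battery staple"))
    print("unsafe, quoted input  :", login_unsafe(db, "alice", probe))
    print("safe, real password   :", login_safe(db, "alice", "correct horse battery staple"))
    print("safe, quoted input    :", login_safe(db, "alice", probe))
```

The two functions are the same query; the only difference is whether the input is part of the SQL text or a bound value. The fail-closed branch is the "default to secure" point: an exception in the data layer produces a denial, never an exception trace or an accidental acceptance.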
Assume they Know Everything
It is an often-spoken adage to avoid security by obscurity, but unfortunately one that we don't always follow.
The security of your system should not rely on the secrecy of its implementation; you should be in a position where an attacker who knows every aspect of your system is still unable to formulate a successful attack.
The security of a bank vault is not dependent on robbers not knowing its location, make or model, and in a similar fashion code should be protected by the security that comes from well understood and well implemented security protocols.
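An added example of the "assume they know everything" principle, not code from the original post: a session token whose integrity rests on a standard, fully public construction (HMAC-SHA256 from Python's standard library) and on nothing else. Every line of the issuing and verifying code can be read by an attacker; only the key has to stay secret. The key value, the token layout and the user ids are constructed for the example.

```python
import hashlib
import hmac
import secrets
from typing import Optional

# Constructed demo key. In a real system the key comes from a secrets store
# or environment, never from source code; its value is the only secret here.
DEMO_KEY = b"constructed-demo-key-not-for-production"

def issue_token(key: bytes, user_id: str) -> str:
    """Return '<user_id>.<nonce>.<tag>' where tag = HMAC-SHA256(key, user_id.nonce)."""
    if "." in user_id or not user_id:
        raise ValueError("user_id must be non-empty and must not contain '.'")
    nonce = secrets.token_hex(8)  # makes each issued token distinct
    payload = f"{user_id}.{nonce}"
    tag = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}.{tag}"

def verify_token(key: bytes, token: str) -> Optional[str]:
    """Return the user id if the token is authentic, otherwise None.

    Everything about this check is public. Forging a token for another
    user means producing a valid HMAC-SHA256 tag without the key, which is
    the well-studied problem the construction is designed to resist.
    """
    parts = token.split(".")
    if len(parts) != 3:
        return None
    user_id, nonce, tag = parts
    expected = hmac.new(key, f"{user_id}.{nonce}".encode(), hashlib.sha256).hexdigest()
    # Constant-time comparison: a plain '==' would stop at the first
    # differing byte and leak, via timing, how much of the tag matched.
    if not hmac.compare_digest(expected, tag):
        return None
    return user_id

if __name__ == "__main__":
    token = issue_token(DEMO_KEY, "alice")
    print("issued   :", token)
    print("verified :", verify_token(DEMO_KEY, token))
    print("altered  :", verify_token(DEMO_KEY, token.replace("alice", "admin", 1)))
    print("wrong key:", verify_token(b"some-other-key", token))
```

The contrast with "security by obscurity" is that nothing here depends on the attacker not knowing the format or the algorithm. Changing the user id, the nonce or the tag, or using a different key, all fail verification, and that holds whether or not the attacker has read this code.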
The importance of security in software engineering is only going to grow and will soon become a string that all developers will need to add to their bow.
Security can't be left to the user, and even if you or they don't consider the data in question sensitive, it may well be the key that allows an attacker to compromise something the user does want to protect; thinking the world is out to get you and that nobody can be trusted is, in this circumstance, a very healthy attitude to take.