Thinking about security while creating software is something more designers need to do, because skipping that step is a recipe for disaster. Just ask Target.
That is why security researchers from Cigital, Google, Twitter, HP, McAfee, EMC, RSA, Harvard University, George Washington University, Athens University of Economics and Business, the Sadosky Foundation, and the University of Washington joined up with the IEEE Center for Secure Design and published a report looking at 10 of the most common software security design flaws.
The IEEE Computer Society Center for Secure Design participants are: Iván Arce, Sadosky Foundation; Neil Daswani, Twitter; Jim DelGrosso, Cigital; Danny Dhillon, RSA; Christoph Kern, Google; Tadayoshi Kohno, University of Washington; Carl Landwehr, George Washington University; Gary McGraw, Cigital; Brook Schoenfield, McAfee, part of Intel Security Group; Margo Seltzer, Harvard University; Diomidis Spinellis, Athens University of Economics and Business; Izar Tarandach, EMC; and Jacob West, HP.
The organizations came up with a top 10 list during a workshop session this spring, where each brought examples of design flaws it had experienced.
So far the security industry has concentrated on finding and eradicating security vulnerabilities. But design flaws, such as using encryption incorrectly or not validating data properly, can also be exploited by attackers or lead to security bugs. As a matter of fact, these issues can be more difficult to eradicate because they are built into the design. That is one reason why software designers need to think about security as they create the software.
Target’s data breach ended up being a design flaw leading to a hack.
The report recommends how to prevent each of the 10 most common software security design flaws:
1. Earn or give, but never assume, trust.
2. Use an authentication mechanism that cannot end up bypassed or tampered with.
3. Authorize after you authenticate.
4. Strictly separate data and control instructions, and never process control instructions received from untrusted sources.
5. Define an approach that ensures all data end up explicitly validated.
6. Use cryptography correctly.
7. Identify sensitive data and how you should handle it.
8. Always consider the users.
9. Understand how integrating external components changes your attack surface.
10. Be flexible when considering future changes to objects and actors.
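Principles 4 and 5 are the ones most often visible in code, so here is an added example (written for this article; it is not code from the IEEE report or from any of the participating organizations) showing what "strictly separate data and control instructions" and "explicitly validate all data" look like in practice. It uses Python's standard sqlite3 module with an in-memory table constructed inline; the table, names and roles are all made-up sample data.

```python
"""Added illustration of two of the report's principles (not the report's own code).

Principle 4: keep data and control separate. A query built by string
formatting lets attacker-supplied data become part of the SQL control
instructions. A bound parameter keeps the statement text fixed and passes the
value as pure data.

Principle 5: explicitly validate all data at a defined point, rather than
hoping each consumer checks it.
"""
import re
import sqlite3


def make_db() -> sqlite3.Connection:
    """Build a throwaway in-memory table with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user")],  # constructed sample data
    )
    return conn


def lookup_unsafe(conn: sqlite3.Connection, name: str) -> list:
    """Design flaw: untrusted data is spliced into the SQL control text.

    Whatever is in `name` is interpreted by the SQL engine, so the caller's
    data can change which rows the query returns.
    """
    sql = f"SELECT name, role FROM users WHERE name = '{name}'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn: sqlite3.Connection, name: str) -> list:
    """Hardened form: the statement is constant; `name` travels as a parameter.

    The driver binds the value as data, so it can never alter the statement's
    structure regardless of what characters it contains.
    """
    return conn.execute(
        "SELECT name, role FROM users WHERE name = ?", (name,)
    ).fetchall()


# Principle 5: one explicit validation rule, applied at the trust boundary.
# The allowed shape here (lowercase identifier, max 32 chars) is an assumption
# chosen for this example, not a rule from the report.
NAME_RE = re.compile(r"[a-z][a-z0-9_]{0,31}")


def validate_name(name: object) -> str:
    """Accept only values that match the documented user-name format."""
    if not isinstance(name, str) or NAME_RE.fullmatch(name) is None:
        raise ValueError("invalid user name")
    return name


def lookup_validated(conn: sqlite3.Connection, name: object) -> list:
    """Defence in depth: validate first, then query with bound parameters."""
    return lookup_safe(conn, validate_name(name))


if __name__ == "__main__":
    db = make_db()
    probe = "x' OR '1'='1"  # constructed input that is data, not a real name
    print("unsafe  :", lookup_unsafe(db, probe))   # returns every row
    print("safe    :", lookup_safe(db, probe))     # returns no rows
    try:
        lookup_validated(db, probe)
    except ValueError as exc:
        print("validate:", exc)                    # rejected before the query
```

Running the block shows the difference directly: the same string returns both sample rows through `lookup_unsafe`, returns nothing through `lookup_safe`, and is rejected outright by `lookup_validated`. The validation layer is not a substitute for parameter binding; the point of principle 5 is that the rule is defined once and applied everywhere the data enters, while principle 4 is what makes the query itself immune to whatever slips through.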