AND-402-Design Pattern Threat Analysis Reusable Application Security Advice.pdf

Design Pattern Threat Analysis: Reusable Application Security Advice Rohit Sethi Sahba Kazerooni S it Cecur y ompass 04/29/09 | AND-402 Session Classification: Intermediate Agenda Design Phase Activities Security Analysis of Design Patterns Future Pattern Analysis Work 2 Design Phase Activities 3 Design Phase: Security Related Activities Analysis SDLC Process Develop Test DeployDesign Code Review Language specific Penetration Testing Source Code Maintenance Scanning Remediation Security Activity Threat ModelSecurity Requirements - Secure Coding Guidelines ReviewSecurity Specific Questionnaires 4 Microsoft Threat Modeling Process Requires completed application design Requires security know-how 5 Threat Model Shortcomings ? Time consuming ? MS Threat Model requires completed design ? Doesn’t show us how to implement the security controls ? Need for an efficient channel for analyzing security implications of design during design ? Need direction on where in our design we should implement security controls 6 Security Analysis of Core J2EE Patterns 7 Core J2EE Patterns Bible ? Maps functional needs of J2EE applications to framework level best practices using Design P tta erns 8 Some Core J2EE Patterns ? Presentation Tier Patterns I t ti Filt– n ercep ng er – Front Controller ? Business Tier Patterns – Business Delegate – Session Fa?ade ? Integration Later Patterns Data Access Object– – Web Service Broker 9 Traditional Approach Software Design Phase F ti l A l i f Software Functional Requirements Phase ? unc ona na ys s o Core J2EE Patterns ? Mapping functional Requirements with Pattern analysis results Implementation PhaseDesign Ph e Functional analysis of Patterns Mapping Pattern analysis to Software 10 Spec. Security Analysis of Patterns Approach Software Functional Design Phase ? Functional Analysis of Core J2EE Patterns Implementation Software Requirements Software Design Requirements Phase ? Ma