Beginner Guide to Secure Coding Practices | Lucideus Research

All of us are aware of the humongous codes that go behind building large information systems. While codes can be difficult to maintain at times, they are also more susceptible to vulnerabilities owing to the number of programmers involved in programming a certain system. Therefore, it is not only an advantage but an unavoidable principle to stick to secure coding practices to write robust codes.

This post enumerates the practices that can be used to write codes to prevent your systems from any security hassles.

1. Designing Policies: The architecture is the foundation of any system. It lays down the security policies about how a system will behave when its security is compromised. Therefore, designing an architecture to prevent any breach will bolster our stance to take further measures. A few ideas are enlisted below that will help in designing the policies:
The security policies should be implemented within the architecture. This would ensure the security at the most basic level of the system.
Using SDLC (Systems Development Life Cycle) will ensure the analysis of the code and rectify it as soon as the malicious code is written.
     
2. Granting Privileges: Granting minimum privileges will prevent infiltration into the system. It involves restricting privileges for applications, users and processes etc. so that they only perform legitimate activities and do not violate the security protocol. The following practices will make sure that the right privileges are granted:
A validation system will help to authorize users for certain privileges and also terminate the unauthorized privileges.

Any elevated privilege that an application seeks must be granted for minimum time.
A classification system can be set up that classifies data and assigns role-based privileges to data.

The following code snippet helps in revoking excess privileges granted to user Bhavik on Database Users in MySQL:

mysql> REVOKE SELECT, INSERT, DELETE, UPDATE ON Users TO ‘Bhavik'@'localhost;

3. Modelling threats: Modelling threats to which a system will be subjected to will enable to ascertain the possible threats. The main principle behind threat modelling is to provide the user with the possible profile of the attacker and the imminent attack it will face. This would ensure to map threats to the assets such as servers, routers etc. An automated threat modelling tool would ensure the analysis of the threats and subsequently facilitate remediation.

4. Sanitizing data that is sent to other systems: The data that is sent to other information systems can be retrieved by the attackers using SQL. The data that is sanitized is destroyed irreversibly and it can’t be retrieved by invoking any functionality of SQL or other injection attacks. The sanitized data does not leave behind any residue and it cannot be recovered using any forensic tools.

The attacker will try to send in some input to breach the security of a system. Languages such as C and C++ do not care about the length of the string because at a broader level, the string is an array of characters. Hence, the attacker will try to fit in the malicious data or overflow the array to breach the security.

Example: The following C++ code will remove illegal characters “\:?\"<>|” from a string s:

string::iterator it;
string illegalChars = "\:?\"<>|";
for (it = s->begin() ; it < s->end() ; ++it){
    bool found = illegalChars.find(*it) != string::npos;
    if(found){
        *it = ' ';
    }
}

5. Assuring Quality to eliminate the vulnerabilities: Several techniques can be used to eliminate the vulnerabilities of a system. Techniques such as fuzz testing and penetration testing etc. can be used to assure that the quality of the systems is maintained.

Fuzz Testing: Fuzz Testing involves subjecting a system to random, invalid or unexpected data and accessing the system for any crashes and unexpected behaviour. An efficient fuzz testing system generates an input that exposes the corner cases and helps to evaluate the security risks. The fuzzer differentiates between the crashing inputs and non - crashing inputs. Crashes can be easily identified and they indicate vulnerability but the absence of crashes does not indicate the absence of vulnerability.

Penetration Testing: The primary objective of penetration testing is to assess security weaknesses of a system. It involves subjecting the system to risks or possibilities that the attackers could exploit. The system is hacked by the Pen Testers so that possible vulnerabilities that the system may suffer at a later stage are revealed beforehand. The assets are broken into by the Pen Testers in the fashion that may be adopted by the attackers. This exposes vulnerabilities and loopholes that are left while securing the network or system.

Remediation: Remediation involves analysis of risks and consistently remediating vulnerabilities enable the security risks to be mitigated. Remediation involves addressing some basic queries such as characteristics of the incident, the process enabling the breach of security or the systems affected etc. and thereafter, planning the future roadmap.

It requires constant assessment of the assets. There must be proper processes in an organisation to detect the vulnerabilities using adequate tools and services. Once the vulnerabilities or threats are detected, possible ways to eradicate are ascertained. After the eradication of threats is done, the system is again looked up for vulnerabilities to make sure that the process was effective.

Conclusion:
The security of any information system is of paramount importance. It is inevitable to have a system that can sustain attacks and breaches. Therefore, the coding practices enumerated above will ensure that the security of a system does not suffer a setback.

References:
https://nigesecurityguy.wordpress.com/2013/06/13/vulnerability-assessment-remediation/
https://wiki.sei.cmu.edu/confluence/display/seccode/Top+10+Secure+Coding+Practices
https://www.checkmarx.com/2015/07/01/9-secure-coding-practices-you-cant-ignore/

Post a Comment

0 Comments