10 Tips for Securely Developing Applications
10 Tips for Securely Developing Applications
It seems that cyberattacks are becoming more and more prevalent every year. In this post, we go over some basics your team should know to avoid vulnerabilities.
Join the DZone community and get the full member experience.Join For Free
Over the last few months, we have witnessed a growth in awareness programs on the safe development of applications. In the tenth edition of SEGURINFO in Argentina, this has been reflected in numerous exhibitions focused on supporting this theme.
Among them, we find the talk of Ivan Arce, director of the ICT Security Program for the Sadosky Foundation, who presented on how to avoid the 10 most frequent security problems in software design.
Security in software products is an emergent property dictated by the cohesion of multiple factors throughout the development process, from its very conception to the death of the product. When we talk about evaluating the security of computer programs, we refer to a set of activities throughout the development cycle that arise during the ideation of the system and extend over the design, coding, and strengthening of it.
We should not fall into the mistake of confusing the security of the system with the characteristics of the system, such as the use of certain protocols like SSL. Nor should we confuse it with the security components that are immersed in the architecture of the system, such as the presence of firewalls, or limit it to compliance with a particular regulation or certification.
Product safety is a dynamic property that varies over time, and which is critical if we consider the role that these applications play in modern society. It arises after recognizing that there are attackers and that they are willing to try every potential entry path to gain control of the system, and therefore force software development companies to think about control mechanisms to resist these attacks.
It is estimated that 50% of the vulnerabilities in systems have their origin in design flaws. The latter differ from implementation failures - commonly known as bugs, arising in coding or testing - as they are born early in the development process and have such a profound impact on the system that they can lead to the re-engineering of the system. This is why it is crucial to deploy the necessary resources to identify and fix these design flaws early, in order to reduce the cost that associated with vulnerabilities.
How Do We Guide Safe Development?
To help assess the maturity of security in the software development process, the exhibitor presents a list of common problems when designing applications, which may affect security in the final product. Let's see what these tips for safe design are.
1. No Component Is Reliable Until Proven Otherwise
A common error in software development is to encompass sensitive functionality in an execution environment over which we have no control whatsoever. One should not assume that the components of the system are reliable until this can be demonstrated.
For example, if we have a client-server environment, precautions should be taken against possible adulterated clients by deploying verification mechanisms. We must think that this is in the domain of the user, who will not always have the best intentions.
2. Delineate Difficult-to-Circumvent Authentication Mechanisms
Authentication is the process that allows us to prove the identity of the user and assign a unique identifier. The development of centralized authentication methods that cover every possible entry path is one of the pillars in the construction of secure applications.
If it is web pages, we must think about which sites will require the management of authenticated users, and take care that undue third parties do not interfere in the system from unprotected URLs. The use of multiple authentication factors will allow us to reinforce the system by checking not only what the user knows but also what they have access to.
3. Authorization in Addition to Authentication
Authorization is the process that designates whether an authenticated user can or cannot perform an action that changes the state of the system. The authorization processes on authenticated users must be built-in from the design phase and prevent against sessions that have fallen into the wrong hands.
4. Separate Data From Control Instructions
5. Validate All Data Explicitly
The entries to the system should be evaluated with a philosophy of whitelisting by blacklisting: determine what will be allowed, and deny everything else. We must think that an attacker interprets the data as possible programming languages, with the intention of manipulating the state of the system. Therefore, it becomes necessary to inspect this input data, generating automatic procedures to take them to well-known canonical forms.
In addition, this validation of entries must occur close to the moment in which the data is, in fact, used, since the phase shift between validation and use provides a window of opportunity for the generation of attacks.
To implement this, common components can be designed to centralize validations both syntactic (structural) and semantic (of meaning), and take advantage of the types of data present in the programming language with which we are working.
6. Use Cryptography Correctly
An understanding of the cryptographic notions that apply to the development system is necessary to be able to understand what elements and what characteristics of them are seeking to be protected, against what forms of attack, and, consequently, the best way to achieve this objective.
The creation of your own cryptographic solutions is a risky decision that can lead to a defective system, and, therefore, it is strongly discouraged. Instead, you should find libraries and tools that allow you to increase your security.
7. Identify Sensitive Data and How it Should Be Managed
It is difficult to protect our information if we are not clear about what we really want to take care of. The definition of the data whose protection is fundamental for the operation of the system is critical since, from it, we can begin to outline the processes for the design of security from the very beginning of the development cycle, and not as an add-on in the implementation or deployment stages.
8. Always Consider the Users of the System
A technically perfect system that does not meet the needs of users is a useless system. Usable security protocols must be one of the goals to reach when the security objectives of the system are laid out. On the one hand, it is not prudent to transfer security issues to the user that can be solved by the developers themselves, in order to avoid fatigue.
On the other hand, it is necessary to maintain communication with the user to grant a certain degree of transparency about how the system operates. The default configuration should be the secure configuration, always.
9. The Integration of Components Changes the Attack Surface
Current applications are complex systems with many components interacting simultaneously. Each time a change is made to the system, the security landscape changes and must be re-evaluated. This reexamination is the result of the coordination between the areas and projects.
The components must be analyzed in a unified way and developers should take into account how they are combined, maintained, or replaced.
10. Consider Future Changes in Objects and Actors
From the design, we must consider that the properties of the system and its users change constantly. Some factors to consider are the growth of the user population, how migrations affect the system, or how they will affect future vulnerabilities on components that have been deployed on a large scale.
The updating procedures must be designed with a future horizon of months, years or even decades.
Current organizations have begun to understand that the identification and early remediation of problems has a cost inversely proportional to the time the error remains in the system.
The establishment of a secure development cycle through the implementation of a security-oriented design model that generates synergy between the area of security and development brings us one step closer to the deployment of more robust and much more profitable applications.
Opinions expressed by DZone contributors are their own.