C706 Secure Software Design Study
Guide
Confidentiality - ✔️Information is not made available or disclosed to unauthorized
individuals, entities, or processes. Ensures unauthorized persons are not able to
read private and sensitive data. It is achieved through cryptography.
Integrity - ✔️Ensures unauthorized persons or channels are not able to modify the
data. It is accomplished through the use of a message digest or digital signatures.
Availability - ✔️The computing systems used to store and process information, the
security controls used to protect information, and the communication channels used
to access information must be functioning correctly. Ensures system remains
operational even in the event of a failure or an attack. It is achieved by providing
redundancy or fault tolerance for a failure of a system and its components.
Ensure Confidentiality - ✔️Public Key Infrastructure (PKI) and
Cryptography/Encryption
Ensure Availability - ✔️Offsite back-up and Redundancy
Ensure Integrity - ✔️Hashing, Message Digest (MD5), non repudiation and digital
signatures
Software Architect - ✔️Moves analysis to implementation and analyzes the
requirements and use cases as activities to perform as part of the development
process; can also develop class diagrams.
Security Practitioner Roles - ✔️Release Manager,
Architect, Developer, Business Analyst/Project Manager
Release Manager - ✔️Deployment
Architect - ✔️Design
Developer - ✔️Coding
Business Analyst/Project Manager - ✔️Requirements Gathering
Red Team - ✔️Teams of people familiar with the infrastructure of the company and
the languages of the software being developed. Their mission is to kill the system as
the developers build it.
, Static Analysis - ✔️A method of computer program debugging that is done by
examining the code without executing the program. The process provides an
understanding of the code structure, and can help to ensure that the code adheres to
industry standards. It's also referred as code review.
MD5 Hash - ✔️A widely used hash function producing a 128-bit hash value. Initially
designed to be used as a cryptographic hash function, it has been found to suffer
from extensive vulnerabilities. It can still be used as a checksum to verify data
integrity, but only against unintentional corruption.
SHA-256 (Secure Hash Algorithm) - ✔️One of a number of cryptographic hash
functions. A cryptographic hash is like a signature for a text or a data file. Generates
an almost-unique, fixed size 32-byte
(32 X 8) hash. Hash is a one-way function - it cannot be decrypted.
Advanced Encryption Standard (AES) - ✔️A symmetric encryption algorithm. The
algorithm was developed by two Belgian cryptographers Joan Daemen and Vincent
Rijmen. Designed to be efficient in both hardware and software, and supports a
block length of 128 bits and key lengths of 128, 192, and 256 bits.
Algorithms used to verify integrity - ✔️MD5 Hash, SHA-256
Algorithm used to verify confidentiality - ✔️Advanced Encryption Standard (AES)
Stochastic - ✔️unintentional or accidental
safety-relevant faults - ✔️stochastic (i.e., unintentional or accidental)
security-relevant faults - ✔️"Sponsored," i.e., intentionally created and activated
through conscious and intentional human agency.
Fuzz Testing - ✔️Used to see if the system has solid exception handling to the input
it receives. Is the use of malformed or random input into a system in order to
intentionally produce failure. This is a very easy process of feeding garbage to the
system when it expects a formatted input, and it is always a good idea to feed as
much garbage as possible to an input field.
Three (3) Tier - ✔️Removes the business logic from the client end of the system. It
generally places the business logic on a separate server from the client. The data
access portion of the system resides separately from both the client and the
business logic platform.
T-MAP - ✔️Defines a set of threat-relevant attributes for each layer or node. These
can be classified as probability-relevant, size-of-loss relevant, or descriptive. These
are primarily derived from Common Vulnerability Scoring System (CVSS). USC's
Threat Modeling based on Attacking Path analysis is a risk management approach
that quantifies total severity weights of relevant attacking paths for COTS-based
systems. Its strengths lie in its ability to maintain sensitivity to an organization's
Guide
Confidentiality - ✔️Information is not made available or disclosed to unauthorized
individuals, entities, or processes. Ensures unauthorized persons are not able to
read private and sensitive data. It is achieved through cryptography.
Integrity - ✔️Ensures unauthorized persons or channels are not able to modify the
data. It is accomplished through the use of a message digest or digital signatures.
Availability - ✔️The computing systems used to store and process information, the
security controls used to protect information, and the communication channels used
to access information must be functioning correctly. Ensures system remains
operational even in the event of a failure or an attack. It is achieved by providing
redundancy or fault tolerance for a failure of a system and its components.
Ensure Confidentiality - ✔️Public Key Infrastructure (PKI) and
Cryptography/Encryption
Ensure Availability - ✔️Offsite back-up and Redundancy
Ensure Integrity - ✔️Hashing, Message Digest (MD5), non repudiation and digital
signatures
Software Architect - ✔️Moves analysis to implementation and analyzes the
requirements and use cases as activities to perform as part of the development
process; can also develop class diagrams.
Security Practitioner Roles - ✔️Release Manager,
Architect, Developer, Business Analyst/Project Manager
Release Manager - ✔️Deployment
Architect - ✔️Design
Developer - ✔️Coding
Business Analyst/Project Manager - ✔️Requirements Gathering
Red Team - ✔️Teams of people familiar with the infrastructure of the company and
the languages of the software being developed. Their mission is to kill the system as
the developers build it.
, Static Analysis - ✔️A method of computer program debugging that is done by
examining the code without executing the program. The process provides an
understanding of the code structure, and can help to ensure that the code adheres to
industry standards. It's also referred as code review.
MD5 Hash - ✔️A widely used hash function producing a 128-bit hash value. Initially
designed to be used as a cryptographic hash function, it has been found to suffer
from extensive vulnerabilities. It can still be used as a checksum to verify data
integrity, but only against unintentional corruption.
SHA-256 (Secure Hash Algorithm) - ✔️One of a number of cryptographic hash
functions. A cryptographic hash is like a signature for a text or a data file. Generates
an almost-unique, fixed size 32-byte
(32 X 8) hash. Hash is a one-way function - it cannot be decrypted.
Advanced Encryption Standard (AES) - ✔️A symmetric encryption algorithm. The
algorithm was developed by two Belgian cryptographers Joan Daemen and Vincent
Rijmen. Designed to be efficient in both hardware and software, and supports a
block length of 128 bits and key lengths of 128, 192, and 256 bits.
Algorithms used to verify integrity - ✔️MD5 Hash, SHA-256
Algorithm used to verify confidentiality - ✔️Advanced Encryption Standard (AES)
Stochastic - ✔️unintentional or accidental
safety-relevant faults - ✔️stochastic (i.e., unintentional or accidental)
security-relevant faults - ✔️"Sponsored," i.e., intentionally created and activated
through conscious and intentional human agency.
Fuzz Testing - ✔️Used to see if the system has solid exception handling to the input
it receives. Is the use of malformed or random input into a system in order to
intentionally produce failure. This is a very easy process of feeding garbage to the
system when it expects a formatted input, and it is always a good idea to feed as
much garbage as possible to an input field.
Three (3) Tier - ✔️Removes the business logic from the client end of the system. It
generally places the business logic on a separate server from the client. The data
access portion of the system resides separately from both the client and the
business logic platform.
T-MAP - ✔️Defines a set of threat-relevant attributes for each layer or node. These
can be classified as probability-relevant, size-of-loss relevant, or descriptive. These
are primarily derived from Common Vulnerability Scoring System (CVSS). USC's
Threat Modeling based on Attacking Path analysis is a risk management approach
that quantifies total severity weights of relevant attacking paths for COTS-based
systems. Its strengths lie in its ability to maintain sensitivity to an organization's
