Return to book
Review this book
About the author
Introduction
1. Access Control
2. Authentication
3. Biometrics
4. Crypto Engineering
- 4.1. Software Crypto
- 4.2. Hardware Crypto
5. Malware
- 5.1. Virus
- 5.2. Worm
- 5.3. Trojan Horse
- 5.4. Writing Virus
- 5.5. Rootkits
- 5.6. Anti-virus software
- 5.7. Inside popular software
6. Protecting Clients
7. Security and Usability
- 7.1. User Interface (UI)
- 7.2. Passwords
- 7.3. Cognitive Experiment
- 7.4. Insider Attacks
8. Secure Programming
- 8.1. Buffer overflow
  - 8.1.1. Buffer Overflow Protections
  - 8.1.2. Exploit Buffer Overflow
- 8.2. Secure C practice
- 8.3. secure-sensitive program
9. Physical Security
10. (Web Service) Architecture
- 10.1. Contents and Scripts
11. Confinements
- 11.1. chroot
- 11.2. JVM
- 11.3. Network Identity
- 11.4. Virtual Machine
- 11.5. Sandbox
12. Program Structure
- 12.1. Case study: 4.3BSD FTP Daemon
- 12.2. Case study: mailer
- 12.3. Case study: Web Browser
13. Security Analysis
- 13.1. Construction vs. Destruction
- 13.2. Analyze individual programs
- 13.3. Analyze overall system
- 13.4. Software Engineering Code of Ethics
- 13.5. Tools part 1: OS system calls
- 13.6. Tools part 2: fuzzing and more
- 13.7. Reconnaissance
14. The Internet of Things
- 14.1. Embedded Systems (Smart Devices)
- 14.2. Internet of Things Architecture
- 14.3. Case study: Thermostat
15. Logging
- 15.1. Loggin in practice
- 15.2. Log Incidents
- 15.3. Case study: PHP4 web server attack
16. After An Attack
- 16.1. Analyze a hacked system
- 16.2. Deleted Files
- 16.3. Monitor Intrusion
- 16.4. Conclusion
17. System Structure
- 17.1. Case study: build an e-commerce
- 17.2. Network Operation Center
- 17.3. Router Link Weakness
- 17.4. Remote Access
- 17.5. Question: store credit card number in database?
- 17.6. General Principle
18. Exams
- 18.1. Fall 2014 Midterm
- 18.2. Fall 2013 Midterm
- 18.3. Fall 2010 Midterm
- 18.4. Fall 2008 Midterm

Security Architecture and Engineering

Analyze overall system

You didn't build the system, but you are called to analyze if the system is secure. Not everyone had the training you did.

The earlier security check is done for the system, the better.

Analyzing systems: fewer components than line of code (easier), yet many details are abstracted away (harder).

System Performance

A property of the system, not any single component.
- How many elements depends on what level you are looking at (think of looking down from a flight.. What you see depends on how high you are in the sky).
Finding bottlenecks is important, however programmers' guess are often wrong.
Major performance improvements generally come from algorithmic changes, not from minor tweaks.
Build first, then measure, then optimize — but don’t surrender correctness.

System Elements

Web servers, database engines, etc.
Each element itself is a complex system.
Clarify each I/O:
- where its inputs come from
- what its outputs
- what happen if something is corrupted
When accessing elements
- What are the forms of access (token, password, RSA keys)?
- What sorts of access controls are there?
- Has the access being logged anywhere?
How does data flow across elements?
- Who talks to whom?
- What's the protocol?
- Is protocol safe?

Input filtering

Where can enemy input enter the system?
Are inputs properly checked?
What about back channels, such as DNS?
- Shellshock was used inside DNS to attack Apple servers.

System Management

More connectivities are needed to access different components of system.
System backups:
- How are disks backed up? Are backup settings different across different servers?

Where experience matter: what parts of the design seem more vulnerable?
* What parts of the design seem problematic?
* Some pieces are weaker than others?
* Trust your feeling, Luke.