S e c u r e S o ft w a r e D e v e l o p m e n t 1

SSD

Secure
P E S
C r e a ti o n s

Soft ware Development

Sonia Rafaqat
 Secure Software Development 2

Secure Design & Architecture

Sonia Rafaqat
 Secure Software Development 3
Secure software design and architecture refer to the practice
of incorporating security principles and considerations into
the design and structure of software systems. It involves
implementing robust security controls, mechanisms, and
architectural patterns to protect against potential threats
and vulnerabilities.

Introduction! The importance of secure software design and architecture

cannot be overstated. It plays a critical role in protecting
sensitive data, maintaining the integrity of systems, and
preventing unauthorized access or abuse. By incorporating
security principles from the initial design stages,
organizations can significantly reduce the risk of security
breaches, data loss, financial losses, and reputational
Sonia Rafaqat damage.
 Secure Software Development 4

Principles & Best Practices!

In secure software design and architecture, several key principles and best practices are followed:
1. Principle of Least Privilege:
The principle of least privilege states that users, processes, and components should have only the minimum level of
access necessary to perform their required tasks. By granting the least amount of privilege, the potential impact of a
compromised component or user is minimized, reducing the risk of unauthorized access or malicious activities.
2. Defense in Depth:
The defense-in-depth principle emphasizes the use of multiple layers of security controls. By implementing a
layered approach, other layers provide additional protection even if one layer is compromised. This principle helps
to create overlapping security measures, making it more difficult for attackers to breach the system.
3. Fail-Safe Defaults:
Fail-safe defaults recommend designing systems with secure defaults. This means that by default, the system
should be configured to enforce strong security measures. This includes using secure settings, enabling encryption,
disabling unnecessary services, and implementing secure default access controls. It ensures that even if
configuration errors occur or users fail to modify default settings, the system remains secure.
Sonia Rafaqat
 Secure Software Development 5

Principles & Best Practices!

4. Secure Communication:
Secure communication principles focus on protecting data during transmission. This involves using secure protocols
(e.g., HTTPS, TLS) to encrypt communication channels, ensuring data integrity and confidentiality. Implementing
secure communication helps protect against eavesdropping, tampering, and data interception by malicious entities.
5. Input Validation and Sanitization:
Input validation and sanitization principles involve validating and sanitizing all user inputs to prevent injection
attacks, such as SQL injection or cross-site scripting (XSS). Input should be validated for expected format, length,
and data type, and sanitized to remove any malicious content or characters that could be used to exploit
vulnerabilities.
6. Secure Error Handling:
Secure error handling principles recommend handling errors and exceptions in a way that doesn't expose sensitive
system information to potential attackers. Error messages should provide minimal details, avoiding the disclosure of
system internals or sensitive data. Meaningful error messages can help developers and administrators diagnose
issues without providing information that could be used against the system.
Sonia Rafaqat
 Secure Software Development 6

Principles & Best Practices!

7. Cryptography and Secure Storage:
Cryptography principles involve using strong encryption algorithms and secure key management practices to
protect sensitive data at rest and in transit. This includes encrypting stored data, protecting passwords and
credentials, and securely storing encryption keys. Cryptography helps prevent unauthorized access or exposure of
sensitive information.
8. Secure Software Development Lifecycle (SDLC):
The secure SDLC principle promotes integrating security throughout the software development process. This
includes performing security requirements analysis, conducting security testing and code reviews, and
implementing secure coding practices. By incorporating security at each stage of the SDLC, potential vulnerabilities
can be identified and addressed early, reducing the risk of security breaches.
By applying these secure design principles, developers and architects can create software systems that are more
resilient to security threats, protect sensitive data, and minimize the risk of security incidents. It is important to note that
these principles should be tailored to the specific needs and requirements of each software project and regularly
reviewed and updated to address emerging security challenges and evolving threats.
Sonia Rafaqat
 www.website.com 7

Defense in Depth
Approach
 Secure Software Development 8

Defense In Depth Approach!

The defense-in-depth approach is a security strategy that involves implementing multiple layers of security controls
at various levels of an information system to provide a layered defense against potential threats and attacks. This
approach recognizes that no single security measure can provide complete protection against all possible threats.
Instead, it combines multiple complementary security controls to create overlapping layers of defense, making it
more difficult for attackers to penetrate the system and achieve their objectives.
The defense in depth approach typically consists of three primary layers:

Outer Layer (Perimeter Security):

The outer layer focuses on protecting the system from external threats. It includes measures such as firewalls,
intrusion detection and prevention systems (IDPS), network segmentation, and secure gateway configurations. These
controls help to filter incoming traffic, detect and block malicious activities, and prevent unauthorized access to the
network.

Sonia Rafaqat
 Secure Software Development 9

Defense In Depth Approach!

Middle Layer (System and Application Security):
The middle layer focuses on securing the individual systems, applications, and data within the network. It involves
implementing security controls such as access controls, strong authentication mechanisms, secure coding practices,
vulnerability management, and secure configurations. These controls protect against threats such as unauthorized
access, code-level vulnerabilities, and data breaches.

 Inner Layer (Data and User Security):

The inner layer focuses on protecting the most critical assets, such as sensitive data and privileged user accounts. It
includes encryption, data loss prevention (DLP) solutions, user access controls, and auditing and monitoring
mechanisms. These controls safeguard data integrity, confidentiality, and availability, and help detect and respond to
insider threats or unauthorized user activities.

Sonia Rafaqat
 www.website.com 10

Secure
Architecture
Patterns
 Secure Software Development 11

Secure Architecture Patterns!

Secure architecture patterns are design frameworks or principles that provide guidelines for building secure software
systems. These patterns help developers incorporate security considerations into the architectural design of
applications, ensuring that security controls and mechanisms are appropriately implemented. By following secure
architecture patterns, organizations can enhance the overall security of their software systems and protect against
potential threats and vulnerabilities. Here are some commonly used secure architecture patterns:
Layered Architecture:
Layered architecture is a common pattern where the software system is divided into multiple layers, with each layer
having specific responsibilities and functionalities. Each layer communicates with adjacent layers through defined
interfaces. This pattern helps enforce separation of concerns and isolation of sensitive data or components, making
it easier to apply security controls and protect against unauthorized access.

Sonia Rafaqat
 Secure Software Development 12

Secure Architecture Patterns!

Microservices Architecture:
Microservices architecture involves decomposing a software application into a collection of loosely coupled,
independently deployable services. Each microservice handles a specific business capability and communicates with
others through well-defined APIs. This pattern allows for granular security controls, where each microservice can
have its own authentication, authorization, and encryption mechanisms. It enables the isolation of security-sensitive
functions and reduces the impact of a security breach by containing it within a single microservice.

Service-Oriented Architecture (SOA):

SOA is an architectural pattern where the system is composed of loosely coupled services that communicate with
each other using standard protocols. This pattern promotes reusability, modularity, and interoperability. By applying
security controls at the service level, organizations can ensure that each service has its own security mechanisms and
access controls. Additionally, security services like identity and access management can be centralized to provide
consistent security across the system.

Sonia Rafaqat
 Secure Software Development 13

Secure Architecture Patterns!

Single Sign-On (SSO):
SSO is a pattern that allows users to authenticate once and access multiple applications or services without the need
to re-enter credentials. This pattern simplifies the user experience and reduces the risk of weak passwords or
multiple credentials. Implementing SSO securely involves using strong authentication protocols, secure token
exchange, and appropriate session management techniques.

Auditing and Logging:

The auditing and logging pattern focuses on capturing and recording security-relevant events and activities within
the system. This pattern helps with forensic analysis, compliance, and post-incident investigations. By incorporating
logging mechanisms at various layers of the architecture, organizations can monitor and track security-related
events, detect anomalies, and identify potential security breaches.

Sonia Rafaqat
 Secure Software Development 14

Secure Architecture Patterns!

The importance of secure architecture patterns lies in their ability to provide a structured approach to incorporating
security controls and mechanisms into the design of software systems. By following these patterns, organizations
can proactively address security concerns, reduce vulnerabilities, and protect against potential threats. Secure
architecture patterns also promote consistency, scalability, and maintainability of security controls across the system.
They serve as a guide for developers and architects to build secure and resilient software systems that can withstand
evolving security challenges.

Sonia Rafaqat
 Secure Software Development 15

Secure Coding Practices

Sonia Rafaqat
 Secure Software Development 16

Secure Coding!
Secure coding refers to the practice of writing software code that is robust, resilient, and resistant to potential
security vulnerabilities and attacks. It involves implementing security best practices and adhering to secure coding
guidelines to minimize the risk of introducing vulnerabilities into software systems.
The importance of secure coding cannot be overstated. Here are some reasons why it is crucial:

Vulnerability Prevention: Secure coding helps prevent the introduction of vulnerabilities that could be
exploited by attackers to compromise the confidentiality, integrity, or availability of software systems. By following
secure coding practices, developers can minimize the risk of common coding errors and vulnerabilities.

Risk Mitigation: Software vulnerabilities can lead to significant financial losses, reputational damage, and legal
consequences for organizations. Secure coding reduces the risk of security breaches, data breaches, and other
security incidents, thereby mitigating the potential impact and associated costs.

Sonia Rafaqat
 Secure Software Development 17

Secure Coding!
Compliance Requirements: Many industry regulations and standards, such as the Payment Card Industry Data
Security Standard (PCI DSS) or the Health Insurance Portability and Accountability Act (HIPAA), require organizations
to follow secure coding practices. Compliance with these standards is crucial for organizations to operate legally and
maintain the trust of their customers.

Trust and Customer Confidence: Secure coding instills trust and confidence in users and customers. When
software systems are built with security in mind, users are more likely to trust the system with their sensitive data
and rely on its functionality. This enhances the reputation of the software and the organization behind it.

Before going into the details of secure coding practices, let’s have a look at some common coding vulnerabilities.

Sonia Rafaqat
 Secure Software Development 18

Coding Vulnerabilities!
Coding vulnerabilities refer to weaknesses or flaws in software code that can be exploited by attackers to
compromise the security and functionality of an application. These vulnerabilities can lead to security breaches, data
leaks, and unauthorized access to sensitive information. Let's discuss some common coding vulnerabilities in detail
along with examples:
Injection Attacks:
Injection attacks occur when untrusted data is inserted into a code statement, allowing attackers to manipulate the
intended behavior of the code. The most common types of injection attacks are SQL injection and OS command
injection.
Example - SQL Injection:
Consider the following code snippet that constructs a SQL query by concatenating user input:
String query = "SELECT * FROM users WHERE username = '" + userInput + "' AND password = '" + password + “’”;
If the user input is not properly validated and sanitized, an attacker can input ' OR '1'='1' as the user input. This input
would modify the query to retrieve all records from the users’ table, bypassing the intended authentication
mechanism.
Sonia Rafaqat
 Secure Software Development 19

Coding Vulnerabilities!
Cross-Site Scripting (XSS):
XSS vulnerabilities occur when untrusted data is displayed on a web page without proper sanitization, allowing
attackers to inject malicious scripts. These scripts can steal user data, manipulate page content, or perform
unauthorized actions.
Example:
Reflected XSS: Consider a website that displays user search queries in the search results page without proper
sanitization:
<h3>Search Results for: <%= userInput %></h3>
An attacker could input a malicious script as the user input, which would then be executed in the victim's browser
when they view the search results page.

Sonia Rafaqat
 Secure Software Development 20

Coding Vulnerabilities!
Cross-Site Request Forgery (CSRF):
CSRF vulnerabilities occur when an attacker tricks a victim into performing unintended actions on a web application
using the victim's authenticated session. This can lead to unauthorized actions, such as changing account settings or
making financial transactions.
Example: There is a popular online banking website called "BankABC" that allows users to transfer funds between
their accounts. When users want to transfer money, they need to visit the BankABC website, log in with their
credentials, and initiate the transfer from their account to another account. Now, imagine a malicious website called
"EvilSite" created by an attacker. The attacker knows that many BankABC users also visit EvilSite. The attacker wants to
exploit the trust between BankABC and its users to perform unauthorized transfers. Here's how the attack unfolds:
1. The attacker, knowing the structure of BankABC's transfer request, creates a hidden form on EvilSite with pre-filled values. This
form includes fields such as the recipient account number, the amount to transfer, and a submit button.
2. The attacker entices a BankABC user to visit EvilSite. This could be done through various means like sending phishing emails,
enticing social media posts, or even embedding the malicious form on a compromised legitimate website.

Sonia Rafaqat
 Secure Software Development 21

Coding Vulnerabilities!
3. When the BankABC user visits EvilSite, the hidden form is automatically submitted using JavaScript without the user's
knowledge. The user's browser, since it's still authenticated with BankABC, includes the user's session cookie in the request to
BankABC.
4. BankABC's server receives the request and sees that it contains a valid session cookie, indicating it's coming from an
authenticated user. It processes the request as if it was initiated by the user and transfers the specified amount to the
attacker's desired recipient account.
5. The user, unaware of the attack, continues browsing EvilSite or leaves the website.
Insecure Direct Object References (IDOR):
Insecure Direct Object References occur when an application exposes internal references, such as database keys or file names, in URLs
or parameters. Attackers can manipulate these references to access unauthorized data or perform unintended actions.
Example:
Suppose a web application uses a URL like http://app.com/profile?user_id=123 to display user profiles. If there are no proper access
controls in place, an attacker can modify the user_id parameter to access other users' profiles, potentially exposing sensitive
information.

Sonia Rafaqat
 Secure Software Development 22

Coding Vulnerabilities!
Security Misconfigurations:
Security misconfigurations occur when software or systems are not properly configured, leaving them vulnerable to
attacks. These vulnerabilities can include default or weak passwords, unnecessary open ports, or outdated software
versions.
Example:
Leaving the default administrative username and password unchanged on a web-based management interface exposes
the system to unauthorized access. Attackers can easily guess or discover the default credentials and gain complete
control over the system.
These are just a few examples of common coding vulnerabilities. It is crucial for developers to be aware of these
vulnerabilities, follow secure coding practices, and implement proper input validation, output encoding, and access
controls to mitigate the risk of these vulnerabilities in software applications.

Sonia Rafaqat
 Secure Software Development 23

Secure Coding Practices!

Secure coding principles and practices are essential guidelines and techniques that developers should follow to
minimize vulnerabilities and build more secure software applications. Here are some key principles and practices in
secure coding along with examples:
Input Validation and Sanitization:
Validate and sanitize all user-provided input to ensure it meets the expected format, length, and content. This helps
prevent injection attacks and other vulnerabilities.
Example:
If a web application accepts user input for a search query, it should validate and sanitize the input to prevent
potential cross-site scripting (XSS) attacks. Special characters and HTML tags should be properly escaped or
removed.
Output Encoding:
Ensure that all user-generated or dynamic content is properly encoded before being displayed in web pages or
other output contexts. This prevents XSS attacks by rendering user input as plain text instead of executable code.

Sonia Rafaqat
 Secure Software Development 24

Secure Coding Practices!

Example:
Instead of directly embedding user input into HTML elements like <div> or <span>, use output encoding
mechanisms provided by the programming language or web framework. For instance, in Java, use methods like
escapeHtml() in Apache Commons Text or HTML encoding functions in frameworks like Spring.

Secure Authentication and Authorization:

Implement strong authentication mechanisms and enforce proper authorization controls to ensure that only
authorized users can access sensitive resources or perform privileged actions.
Example:
Enforce password complexity requirements (e.g., minimum length, uppercase and lowercase letters, special
characters) and apply strong hashing algorithms (e.g., bcrypt) to store user passwords securely. Additionally,
implement role-based access controls (RBAC) to grant appropriate permissions to users based on their roles.

Sonia Rafaqat
 Secure Software Development 25

Secure Coding Practices!

Secure Session Management:
Implement secure session management techniques to protect user sessions from hijacking, fixation, and other
attacks. This involves generating secure session identifiers, setting proper session timeouts, and handling session
termination securely.
Example: Use secure, randomly generated session IDs that are resistant to guessing or brute-force attacks. Set
appropriate session timeouts to ensure that inactive sessions are invalidated after a specific period of inactivity.
Implement secure logout mechanisms to invalidate sessions properly.
Secure Error Handling:
Handle errors and exceptions securely to prevent the leakage of sensitive information or system details that can aid
attackers in exploiting vulnerabilities.
Example: Avoid displaying detailed error messages to end-users that reveal sensitive information or provide
insight into the system's internal workings. Instead, log errors securely for debugging purposes and present generic
error messages to users.

Sonia Rafaqat
 Secure Software Development 26

Secure Coding Practices!

Secure Communication:
Ensure that sensitive data transmitted over networks is protected through secure communication channels using
encryption and proper protocols like HTTPS.
Example:
When transmitting sensitive data, such as login credentials or financial information, always use secure
communication protocols like TLS/SSL. This prevents eavesdropping and data interception by encrypting the
information in transit.
Secure Coding Libraries and Frameworks:
Utilize secure coding libraries and frameworks that have undergone security testing and have a track record of
regular updates and patches.
Example:
Instead of implementing custom cryptographic algorithms, use well-established and tested cryptographic libraries
like OpenSSL or Bouncy Castle for encryption and hashing operations. These libraries have undergone extensive
security reviews and provide more robust implementations.
Sonia Rafaqat
 Secure Software Development 27

Secure Coding Practices!

Regular Security Testing and Code Reviews:
Conduct regular security testing, including penetration testing and vulnerability assessments, to identify and address
potential security issues. Additionally, perform code reviews to identify insecure coding practices and vulnerabilities
early in the development lifecycle.
Example:
Integrate security testing tools and frameworks, such as static code analysis tools, dynamic vulnerability scanners,
and security testing suites, into the development process. Regularly review code for potential security weaknesses
and involve security experts or third-party auditors for comprehensive security assessments.

By following these secure coding principles and practices, developers can significantly reduce the risk of introducing
vulnerabilities into their software applications. It is important to incorporate these practices into the entire software
development lifecycle, from design and implementation to testing and maintenance, to ensure the overall

Sonia Rafaqat
 S e c u r e S o ft w a r e D e v e l o p m e n t 28

SSD

Thanks
P E S
C r e a ti o n s

Sonia Rafaqat