Transcript:

2 Web applications are easier to create than ever!

3 Securing web applications is not nearly as easy!

7 <script>alert(document.cookie);</script>

11 [Diagram: the application's pages (Page A, Page B, Page C, Page D) perform Write, Append, Read and Delete operations directly on a Data Object.]

12–13 [Diagram: the same pages and operations, with the Data Object also flowing into the Output HTML.]

14 [Diagram: the same pages, but every Write, Append, Read and Delete on the Data Object now passes through a Proxy that Enforces Security Policies.]

15 [Diagram: the proxy also mediates the Data Object on its way into the Output HTML.]

16 Our Philosophy: security policies should be attached to the data, and security policies should be enforced automatically.

17 [Overview diagram: Annotated Ruby on Rails Code → GuardRails → Secure Ruby on Rails Code. GuardRails aims to prevent bugs and security vulnerabilities, improve readability and be easy to use; its two mechanisms are Access Control Policies and Fine Grained Taint-Tracking.]

18 Design Goals. Top priority: automatically enforce security policies. Other objectives: preserve application functionality; easy for developers to use. Lesser goals: minimize performance cost.


22–23 Query code from the Project model file (excerpt), building the SQL condition without any visibility check:

```ruby
if include_subprojects && !active_children.empty?
  ids = [id] + active_children.collect {|c| c.id}
  conditions = ["#{Project.table_name}.id IN (#{ids.join(',')})"]
```

24 The same query with the project visibility condition appended to the SQL:

```ruby
if include_subprojects && !active_children.empty?
  ids = [id] + active_children.collect {|c| c.id}
  conditions = ["#{Project.table_name}.id IN (#{ids.join(',')}) AND #{Project.visible_by}"]
```

25 Scattered checks versus one annotation. Without GuardRails the visibility check is repeated across four files: application_helper.rb (4 checks), project.rb (2 checks), projects_controller.rb (3 checks), acts_as_searchable.rb (1 check). With GuardRails the same policy is 1 annotation in the Project model file, written with or without the :self target:

```ruby
:read, :self, lambda{|user| self.is_public or user.memberships.include? self.id}
:read, lambda{|user| self.is_public or user.memberships.include? self.id}

class Project < ActiveRecord::Base
  # Project statuses
  STATUS_ACTIVE = 1
  …
```

26 Access Control Policy Annotations, of the form (policy_type, [target], [handler], mediator):

```ruby
:delete, :self, :admin
:write, :password, lambda{|user| user.id == self.id}
:append, :members, lambda{|user| user.belongs_to?(self)}
```
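The mechanism behind these annotations, as an added example that is not GuardRails' own code: policies of the form (policy_type, target, mediator) are declared on the model so they travel with the data object, and a proxy evaluates them before any page can read, write, append to or delete the object. The `Guarded` mixin, the `policy` declaration, the `GuardedProxy` class, the `Account` and `User` models and the sample users are all assumptions made for this illustration; only the policy shapes come from the slide.

```ruby
# Added example (not GuardRails code): data-centric access control in the
# style of the annotations above. Policies are declared on the model as
# (policy_type, target, mediator) and enforced by a proxy between the
# application and the data object. All names here are illustrative.
class PolicyViolation < StandardError; end

module Guarded
  def self.included(base); base.extend(ClassMethods); end
  module ClassMethods
    def policies; @policies ||= []; end
    # mediator: a lambda taking the current user (evaluated with self bound
    # to the data object) or a symbol naming a user predicate (:admin).
    def policy(type, target, mediator)
      policies << [type, target, mediator]
    end
  end
end

class User
  attr_reader :id, :memberships
  def initialize(id, admin: false, memberships: [])
    @id, @admin, @memberships = id, admin, memberships
  end
  def admin?; @admin; end
  def belongs_to?(obj); @memberships.include?(obj.id); end
end

class Account
  include Guarded
  attr_accessor :id, :password, :members, :is_public
  def initialize(id:, password:, members: [], is_public: false)
    @id, @password, @members, @is_public = id, password, members, is_public
  end
  # The policies travel with the data, not with the pages that use it.
  policy :read,   :self,     ->(user) { is_public || user.memberships.include?(id) }
  policy :delete, :self,     :admin
  policy :write,  :password, ->(user) { user.id == id }
  policy :append, :members,  ->(user) { user.belongs_to?(self) }
end

# Every access goes through the proxy, which evaluates the matching policies
# first. Targets with no policy are allowed here (default-allow); a stricter
# deployment would default-deny.
class GuardedProxy
  def initialize(object, user); @object, @user = object, user; end

  def check(type, target)
    @object.class.policies.each do |ptype, ptarget, mediator|
      next unless ptype == type && ptarget == target
      allowed = if mediator.is_a?(Symbol)
                  @user.public_send("#{mediator}?")
                else
                  @object.instance_exec(@user, &mediator)
                end
      raise PolicyViolation, "#{type} #{target} denied for user #{@user.id}" unless allowed
    end
    true
  end

  def read(field)
    check(:read, :self); @object.public_send(field)
  end
  def write(field, value)
    check(:read, :self); check(:write, field); @object.public_send("#{field}=", value)
  end
  def append(field, value)
    check(:read, :self); check(:append, field); @object.public_send(field) << value
  end
  def delete
    check(:delete, :self); :deleted
  end
end

# Runs one access and reports :ok or :denied.
def attempt
  yield
  :ok
rescue PolicyViolation
  :denied
end

# Constructed users and account for the demonstration.
def demo
  acct   = Account.new(id: 10, password: "s3cret", members: [2])
  owner  = User.new(10, memberships: [10])
  member = User.new(2, memberships: [10])
  other  = User.new(7)
  admin  = User.new(1, admin: true, memberships: [10])
  {
    member_read:    attempt { GuardedProxy.new(acct, member).read(:password) },
    other_read:     attempt { GuardedProxy.new(acct, other).read(:password) },
    member_append:  attempt { GuardedProxy.new(acct, member).append(:members, 7) },
    owner_password: attempt { GuardedProxy.new(acct, owner).write(:password, "new") },
    admin_password: attempt { GuardedProxy.new(acct, admin).write(:password, "new") },
    member_delete:  attempt { GuardedProxy.new(acct, member).delete },
    admin_delete:   attempt { GuardedProxy.new(acct, admin).delete },
  }
end
```

The point to notice is where the check lives: no page decides whether the caller may write `password` or delete the account; the decision is made by the policy attached to `Account` every time the proxy is used, so a new page cannot forget it. The lambdas are evaluated with `self` bound to the data object, which is why `id` and `is_public` inside them refer to the object's own fields exactly as `self.id` does in the annotations.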

27 [Overview diagram repeated, now leading into the second mechanism: GuardRails provides Access Control Policies and Fine Grained Taint-Tracking.]

28 Dynamic Taint Tracking protects against injection attacks.

SQL Injection: "SELECT profile FROM users WHERE username='" + user_name + "'"
  Good: user_name = jazzFan26
  Bad: user_name = '; DROP TABLE users--

Cross-Site Scripting: "User: " + user_name
  Good: user_name = DrKevinPhillips
  Bad: user_name = <script>alert(document.cookie);</script>


30–31 [Diagram repeated from slides 11–12: the pages perform Write, Append, Read and Delete on the Data Object, and the Data Object flows into the Output HTML.]

32 Taint Propagation [Diagram: URL parameters, form data and other user input enter the Controller as tainted data; the data and its taint status pass through the Model to the Database and back; in the View, tainted HTML goes through sanitization to become safe HTML.]

33 Expressive Taint Status [Diagram: the string value "SoccerFan1985" with its taint recorded per character index, so different chunks of one string carry different taint.]

34 Transformers. The use context selects the appropriate sanitization routine. The default transformer:

```ruby
{:HTML => {"//script" => NoDisplay, :default => NoHTMLAllowed},
 :SQL => SQLSanitize,
 :Ruby_eval => NoDisplay}
```

35 Transformers [Diagram: a string is split into raw chunks; each chunk passes through its own transformer for the current use context and becomes a sanitized chunk; the sanitized chunks are joined into the sanitized string.]

36 Transformer Annotations, of the form (taint, target, transformer): different sanitization policies apply in different contexts, and the HTML context is specified with an XPath expression.

```ruby
:taint, :username, {:HTML => AlphaNumericOnly}
:taint, :full_name, {:HTML => {TitleTag => LettersAndSpacesOnly, :default => NoHTML}}
:taint, :profile, {:HTML => {"//script" => Invisible, :default => BoldItalicUnderlineOnly}}
```
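How chunked taint status and context-dependent transformers fit together, as an added example covering slides 28 and 33 through 36; this is not GuardRails' own implementation. A string is kept as a list of chunks, each either untainted or tainted with a transformer table, and a sink (SQL query, HTML output) sanitizes every tainted chunk with the routine for its own context before joining them. The `TaintedString` and `Chunk` types, the routine bodies behind the slide's names (`NoHTMLAllowed`, `AlphaNumericOnly`, `NoDisplay`, `SQLSanitize`), the `"//script"` sub-context handling and the sample inputs are all assumptions made for this illustration.

```ruby
# Added example (not GuardRails code): a minimal version of the chunked
# taint status and per-context transformers described above. Each chunk of
# a string carries its own taint policy (a table from use context to a
# sanitization routine); a sink applies the routine for its context to every
# tainted chunk and concatenates. Names and routine bodies are illustrative.
require "cgi"

# Context-appropriate sanitization routines, keyed by the names on the slides.
TRANSFORMERS = {
  NoHTMLAllowed:        ->(s) { CGI.escapeHTML(s) },
  AlphaNumericOnly:     ->(s) { s.gsub(/[^A-Za-z0-9]/, "") },
  LettersAndSpacesOnly: ->(s) { s.gsub(/[^A-Za-z ]/, "") },
  NoDisplay:            ->(_) { "" },
  SQLSanitize:          ->(s) { s.gsub("'", "''") }, # prefer bound parameters in real code
}.freeze

# The default transformer: HTML sub-contexts are keyed by an XPath-like
# string ("//script") with a :default fallback.
DEFAULT_TRANSFORMER = {
  HTML: { "//script" => :NoDisplay, default: :NoHTMLAllowed },
  SQL: :SQLSanitize,
  Ruby_eval: :NoDisplay,
}.freeze

# A per-field annotation in the spirit of  :taint, :username, {:HTML => AlphaNumericOnly}
USERNAME_TRANSFORMER = DEFAULT_TRANSFORMER.merge(HTML: :AlphaNumericOnly).freeze

Chunk = Struct.new(:text, :policy) # policy nil means the chunk is untainted

class TaintedString
  attr_reader :chunks
  def initialize(chunks); @chunks = chunks; end
  def self.safe(text); new([Chunk.new(text, nil)]); end
  def self.tainted(text, policy = DEFAULT_TRANSFORMER); new([Chunk.new(text, policy)]); end

  # Concatenation keeps each chunk's taint: "User: " + user_name is tainted
  # only over the user_name characters.
  def +(other)
    other = TaintedString.safe(other) if other.is_a?(String)
    TaintedString.new(chunks + other.chunks)
  end

  def raw; chunks.map(&:text).join; end

  # Character-indexed taint status as on slide 33: "t" tainted, "-" not.
  def taint_map
    chunks.map { |c| (c.policy ? "t" : "-") * c.text.length }.join
  end

  # Sink: sanitize each tainted chunk for the given use context (and, for
  # HTML, the sub-context the chunk lands in), then concatenate.
  def sanitize(use, sub = :default)
    chunks.map do |c|
      next c.text unless c.policy
      routine = c.policy.fetch(use)
      routine = routine[sub] || routine.fetch(:default) if routine.is_a?(Hash)
      TRANSFORMERS.fetch(routine).call(c.text)
    end.join
  end
end

# Constructed inputs: the bad user names from slide 28 plus a mixed string.
def demo
  sqli  = TaintedString.tainted("'; DROP TABLE users--")
  xss   = TaintedString.tainted("<script>alert(document.cookie);</script>")
  query = TaintedString.safe("SELECT profile FROM users WHERE username='") + sqli + "'"
  page  = TaintedString.safe("User: ") + xss
  mixed = TaintedString.safe("Soccer") + TaintedString.tainted("Fan") + "1985"
  {
    sql:           query.sanitize(:SQL),
    html:          page.sanitize(:HTML),
    html_script:   page.sanitize(:HTML, "//script"),
    page_taint:    page.taint_map,
    mixed_taint:   mixed.taint_map,
    username_html: TaintedString.tainted("bob<3!", USERNAME_TRANSFORMER).sanitize(:HTML),
  }
end
```

Two things the slides state that the code makes concrete: taint is tracked per chunk, so the literal parts of the query and page are never touched while the user-supplied part is always transformed; and the same tainted value is sanitized differently depending on where it ends up (escaped in ordinary HTML, dropped entirely inside a script element, quote-doubled in SQL), which is what the context-keyed transformer table buys over a single global escaping function.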


40 Test applications, by application type and size: Image Gallery (680 lines); E-Commerce (5556 lines); Project Management (30747 lines); E-Commerce (11561 lines).

Performance Notes 41

Try GuardRails Alpha Release Now Available! Our Web Page: Full source code can be downloaded from GitHub Contact Info: 42

Questions? Alpha Release Now Available! Our Web Page: Full source code can be downloaded from GitHub Contact Info: 43