Application and system development

This Mind Map covers the Application and Systems Development domain on the Common Body of Knowledge (CBK). This domain addresses the important security concepts that apply to application software development. It outlines the environment where software is designed and developed and explains the critical role software plays in providing information system security.

1. Assurance, Trust and Confidence Mechanisms

1.1. Integrity

1.1.1. procedures to compare or reconcile what was processed against what was supposed to be processed

1.1.2. check if the right operation was performed on the right data

1.1.3. Examples: totals checks; sequence numbers

1.2. Accuracy

1.2.1. data validation

1.2.2. verification checks

1.2.3. Examples

1.2.3.1. Character checks: input characters against the expected type of characters

1.2.3.2. Range checks: input data against predetermined upper and lower limits

1.2.3.3. Relationship checks: input data against data on a master record file

1.2.3.4. Reasonableness checks: input data against expected standards

1.2.3.5. Transaction limit checks: input data against administratively set ceilings on specified transactions
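The five accuracy checks listed above, applied to one transaction record so the difference between them is visible. This is an added example, not part of the mind map: the record layout, the master file, the amount range, the "expected standard" and the per-type ceilings are all constructed for illustration.

```python
"""Input accuracy checks (character, range, relationship, reasonableness and
transaction-limit checks) applied to one transaction record.
Added example: the record layout, master file and ceilings are constructed."""
import re

# Constructed master record file: account number -> currency of the account.
MASTER_FILE = {"ACC-1001": "EUR", "ACC-2002": "USD"}

# Constructed administratively set ceilings per transaction type (limit check).
TRANSACTION_CEILINGS = {"TRANSFER": 10_000, "WITHDRAWAL": 2_000}

# Constructed expected standard for a single transaction (reasonableness check).
REASONABLE_MAX = 5_000

# Predetermined lower and upper limits for any amount (range check).
AMOUNT_MIN, AMOUNT_MAX = 0, 1_000_000

# Expected character pattern for an account number (character check).
ACCOUNT_PATTERN = re.compile(r"^ACC-\d{4}$")


def validate_transaction(txn):
    """Run the five accuracy checks; return the list of failures (empty = passed).

    Each failure names the check that rejected the record, so the rejected
    transactions can be written to a report and reviewed."""
    failures = []
    account = str(txn.get("account", ""))

    # Character check: input characters against the expected type of characters.
    if not ACCOUNT_PATTERN.match(account):
        failures.append(f"character check: account {account!r} has unexpected characters")

    # Range check: amount against predetermined lower and upper limits.
    amount = txn.get("amount")
    if not isinstance(amount, (int, float)) or not (AMOUNT_MIN < amount <= AMOUNT_MAX):
        failures.append(f"range check: amount {amount!r} outside {AMOUNT_MIN}..{AMOUNT_MAX}")
        return failures  # the remaining checks need a usable numeric amount

    # Relationship check: account and currency against the master record file.
    master_currency = MASTER_FILE.get(account)
    if master_currency is None:
        failures.append(f"relationship check: account {account!r} not on master file")
    elif txn.get("currency") != master_currency:
        failures.append(f"relationship check: currency {txn.get('currency')!r} "
                        f"does not match master record {master_currency!r}")

    # Reasonableness check: amount against the expected standard.
    if amount > REASONABLE_MAX:
        failures.append(f"reasonableness check: amount {amount} exceeds expected {REASONABLE_MAX}")

    # Transaction limit check: amount against the ceiling set for this transaction type.
    txn_type = txn.get("type")
    ceiling = TRANSACTION_CEILINGS.get(txn_type)
    if ceiling is None:
        failures.append(f"limit check: unknown transaction type {txn_type!r}")
    elif amount > ceiling:
        failures.append(f"limit check: amount {amount} exceeds ceiling {ceiling} for {txn_type}")

    return failures


# Constructed sample records: one clean, one that trips several checks at once.
GOOD_TXN = {"account": "ACC-1001", "amount": 250, "currency": "EUR", "type": "TRANSFER"}
BAD_TXN = {"account": "acc-10O1", "amount": 7_500, "currency": "USD", "type": "WITHDRAWAL"}

if __name__ == "__main__":
    for txn in (GOOD_TXN, BAD_TXN):
        print(txn["account"], validate_transaction(txn) or "passed all checks")
```

The range check returns early because the later checks compare the amount arithmetically; the other checks are deliberately allowed to accumulate, so one rejected record reports every check it failed rather than only the first.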

1.3. Auditing

1.3.1. what types of unauthorized activities have taken place and who or what processes took the action

1.4. ECA

1.4.1. Evaluation

1.4.2. Certification

1.4.3. Accreditation

2. Security Technology and Tools

2.1. SDLC

2.1.1. System Feasibility: Information Security Policy; Standards; Legal Issues; Early Validation of Concepts

2.1.2. Software Plans & Requirements: Threats; Vulnerabilities; Security Requirements; Reasonable Care; Due Diligence; Legal Liabilities; Cost/Benefit Analysis; Level of Protection Desired; Develop Test Plans; Validation

2.1.3. Product Design: Incorporate Security Specifications; Adjust Test Plans and Data; Determine Access Controls; Design Documentation; Evaluate Encryption Options; Verification

2.1.4. Detailed Design: Design Security Controls Commensurate with Legal Requirements; Design Access Controls; Employ Encryption; Adapt Security Test Plans; Detailed Documentation Design; Consider Business Continuity Issues; Finalize User GUI; Verification

2.1.5. Coding: Develop Information Security-Related Code; Implement Unit Testing; Incorporate Other Modules or Units; Support Business Continuity Plan; Develop Documentation

2.1.6. Integration Product: Integrate Security Components; Test Integrated Modules; Refine Documentation; Conduct Security-Related Product Verification

2.1.7. Implementation: Install Security Software; Run Systems; Conduct Acceptance Testing; Test Security Software; Complete Documentation, Certification and Accreditation

2.1.8. Operations & Maintenance: Revalidate Security Controls; Conduct Penetration Testing and Vulnerability Analysis; Manage Requests for Changes; Implement Change Control; Deliver Changes; Evaluate Conformance to SLA and Validations; Update Documentation, Recertification

2.2. Software Development Methods

2.3. Security in Systems Development Methods (SDM)

2.3.1. Project Initiation and Planning: Identify User Needs; Identify Security Needs; Evaluate Alternatives; Initial Risk Analysis; Select / Approve Approach; Identify Security Framework

2.3.2. Functional Requirement Definition (project activity / parallel security activity)

2.3.2.1. Prepare project plan / Security areas in project plan

2.3.2.2. Develop functional requirements / Define security requirements

2.3.2.3. Preliminary test plan / Preliminary security test plan

2.3.2.4. Select acquisition strategy / Include security requirements in RFP and contracts

2.3.2.5. Establish formal functional baseline / Functional baseline has security requirements

2.3.3. System Design Specification (project activity / parallel security activity)

2.3.3.1. Develop detailed design / Define security specifications

2.3.3.2. Update testing goals and plans / Update security test plan

2.3.3.3. Establish formal baseline, quality controls and requirements / Include security area in formal baseline documentation and quality assurance

2.3.4. Build / Development and Documentation (project activity / parallel security activity)

2.3.4.1. Construct source code from detailed design specification / Write or procure and install security-related code

2.3.4.2. Perform and evaluate unit tests / Perform unit test and evaluate security-related code

2.3.4.3. Implement detailed design into final system / Ensure approved security components in formal baseline are included

2.3.5. Documentation and Common Program Controls

2.3.5.1. Program / application: operating instructions / procedures; utilities; privileged functions; job and system docs; components; restart and recovery procedures

2.3.5.2. Common program controls

2.3.5.2.1. Edits

2.3.5.2.2. Logs: who, what, when; timestamps; before and after images

2.3.5.2.3. Counts for process integrity checks: total transactions; batch totals; hash totals; balances

2.3.5.2.4. Internal checks: checks for data integrity from when the program gets the data to when it is done with the data; parameter ranges and data types; valid and legal address references; completion codes

2.3.5.2.5. Code: peer review

2.3.5.2.6. Program or data library (when developing software applications): automated control system; current versions; record of changes made

2.3.5.2.7. Erroneous / invalid transactions: when detected, written to a report and reviewed by developers and management
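The counts for process integrity checks named above (total transactions, batch totals, hash totals) are what section 1.1 calls reconciling what was processed against what was supposed to be processed. This added example, not part of the mind map, recomputes the three figures after processing and reconciles them with the figures the sender supplied; the batch header and records are constructed.

```python
"""Process integrity counts: total transactions, batch total and hash total
recomputed after processing and reconciled against the batch header.
Added example; the batch header and the records are constructed."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Record:
    account: int  # identifier with no arithmetic meaning: feeds the hash total
    amount: int   # monetary field in cents: feeds the batch total


CONTROL_FIELDS = ("record_count", "batch_total", "hash_total")


def compute_controls(records):
    """Recompute the three control figures over the records actually processed."""
    return {
        "record_count": len(records),                    # total transactions
        "batch_total": sum(r.amount for r in records),   # sum of the monetary field
        "hash_total": sum(r.account for r in records),   # sum of a non-monetary field
    }


def reconcile(header, records):
    """Compare what was processed against what was supposed to be processed.

    Returns one line per control figure that does not match; an empty list
    means the batch reconciles and can be accepted."""
    actual = compute_controls(records)
    return [f"{name}: expected {header[name]}, processed {actual[name]}"
            for name in CONTROL_FIELDS if header[name] != actual[name]]


# Constructed batch as sent: three records plus the header the sender computed.
SENT_RECORDS = [Record(1001, 12_000), Record(2002, 4_550), Record(3003, 999)]
BATCH_HEADER = {"record_count": 3, "batch_total": 17_549, "hash_total": 6_006}

# Constructed failure cases: a record lost, an amount altered, an account mis-keyed.
DROPPED_RECORD = SENT_RECORDS[:2]
ALTERED_AMOUNT = [Record(1001, 12_000), Record(2002, 4_450), Record(3003, 999)]
ALTERED_ACCOUNT = [Record(1010, 12_000), Record(2002, 4_550), Record(3003, 999)]

if __name__ == "__main__":
    cases = (("as sent", SENT_RECORDS), ("dropped", DROPPED_RECORD),
             ("altered amount", ALTERED_AMOUNT), ("altered account", ALTERED_ACCOUNT))
    for label, batch in cases:
        print(label, reconcile(BATCH_HEADER, batch) or ["reconciles"])
```

The three figures are complementary: a dropped record moves all three, an altered amount moves only the batch total, and a mis-keyed account number moves only the hash total, which is why a batch total alone is not a sufficient integrity control.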

2.3.6. Acceptance (project activity / parallel security activity)

2.3.6.1. Test system components / Test security components

2.3.6.2. Validate system performance / Test security in integrated system

2.3.6.3. Install system / Install security code with necessary modifications

2.3.6.4. Prepare project manuals / Document security controls

2.3.6.5. Perform acceptance test / Conduct acceptance test

2.3.6.6. Accept system / Accept / verify project security

2.3.7. Testing and Evaluation Controls

2.3.7.1. Guidelines for environment: type of data: test with known good data; data validation before and after each test; bounds checking; sanitize test data; test data should not be production data until preparing for final UAT

2.3.7.2. Testing controls: test all changes; management acknowledges the results of the test; program librarian retains implementation test data; parallel run requires a separate copy of production data

2.3.8. Certification and Accreditation

2.3.8.1. Certification: process of evaluating the security stance of the software system against a predetermined set of security standards; how well the system performs its intended functional requirements should be documented; analysis of the technical and nontechnical security features and countermeasures to establish the extent to which the system meets the security requirements for its mission and operational environment

2.3.8.2. Certifying officer: verifies that the software has been tested; verifies that the system meets all applicable policies, regulations and standards for securing information systems

2.3.8.3. Accreditation officer: reviews the certification; authorizes the system to be implemented in production

2.3.8.4. Accreditation: provisional; full

2.3.9. Transition to Production (Implementation): the system is transitioned from the acceptance phase to the live production environment

2.3.9.1. Activities: obtaining security accreditation; training the new users according to schedules; implementing the system

2.3.9.2. Security activities: verify that data conversion and data entry are controlled and only privileged users have access; acceptable level of risk is determined; security accreditation is obtained; controls in place to reconcile and validate the accuracy of information after it is entered into the system

2.3.10. Operations and Maintenance Support (Post-Installation)

2.3.10.1. Operations activities: monitoring the performance of the system; ensuring continuity of operations; detecting defects or weaknesses; managing and preventing system problems; recovering from system problems; implementing system changes

2.3.10.2. Operations security activities: testing backup; testing recovery procedures; ensuring proper controls for data report handling; effectiveness of security processes

2.3.10.3. Maintenance security activities (significant changes, common activities): verify that any changes to procedures or functionality do not disable or circumvent the security features; verify compliance with applicable SLAs according to the initial operational and security baselines

2.3.11. Revisions and System Replacement: hardware and software baselines should be subject to periodic evaluations and audits; any changes must follow the same SDM and be recorded in a change management system; reviews should include security planning and procedures to avoid future problems; security incidents should be documented when problems occur

2.4. Programming Languages and security

2.5. Assemblers, Compilers and Interpreters

2.6. Software Protection Mechanisms

2.7. DBMS Controls

2.7.1. Lock Controls: page locking; table locking; row locking; field locking

2.7.1.1. ACID test: Atomicity; Consistency; Isolation; Durability

2.7.2. Access Controls

2.7.2.1. Discretionary Access Controls (DACs)

2.7.2.2. Mandatory Access Controls (MACs)

2.7.2.3. Access Matrix

2.7.2.4. View-Based Access Controls: MAC; appropriate use and manipulation of views; DB logically divided into pieces; controls must be in place to restrict users from bypassing the front end and directly accessing data; the view allows the restriction

2.7.2.5. Grant and Revoke Access Controls: if a user is granted access without the grant option, the user should not be able to pass grant authority to other users; a user may copy the relation and subvert the system, then grant access to the copy despite not being the owner of the relation; cascading effect of the revoke statement: all users who may have been granted access by the newly revoked user will be revoked too
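The two grant/revoke rules above (no pass-through of grant authority without the grant option, and the cascading effect of revoke) in a small in-memory model of one relation's grant graph. This is an added example, not the mind map's content and not any DBMS's implementation; the user names and the scenario are constructed. It also covers the case the outline does not spell out: a grant that has an independent path back to the owner survives a cascade.

```python
"""Grant and revoke access controls on one relation, modelled as a grant graph.
Added example: a simplified model, not a DBMS implementation; names are constructed."""


class Relation:
    """Tracks access on one relation as a list of grants made by its holders."""

    def __init__(self, owner):
        self.owner = owner
        # Each grant is (grantor, grantee, with_grant_option).
        self.grants = []

    def _authority(self):
        """Walk the grant graph from the owner; return (has_access, can_grant).

        Only grants whose grantor currently holds grant authority count, so a
        grant made by a user who has since been revoked contributes nothing."""
        has_access, can_grant = {self.owner}, {self.owner}
        changed = True
        while changed:  # fixpoint: grants may be recorded in any order
            changed = False
            for grantor, grantee, with_grant_option in self.grants:
                if grantor not in can_grant:
                    continue
                if grantee not in has_access:
                    has_access.add(grantee)
                    changed = True
                if with_grant_option and grantee not in can_grant:
                    can_grant.add(grantee)
                    changed = True
        return has_access, can_grant

    def grant(self, grantor, grantee, with_grant_option=False):
        """GRANT ... TO grantee [WITH GRANT OPTION], issued by grantor."""
        _, can_grant = self._authority()
        if grantor not in can_grant:
            # Access granted without the grant option carries no authority to grant.
            raise PermissionError(f"{grantor} may not grant access on this relation")
        self.grants.append((grantor, grantee, with_grant_option))

    def revoke(self, grantor, grantee):
        """REVOKE ... FROM grantee, issued by grantor, with cascading effect."""
        self.grants = [g for g in self.grants if (g[0], g[1]) != (grantor, grantee)]
        _, can_grant = self._authority()
        # Cascade: drop every grant whose grantor no longer holds grant authority.
        self.grants = [g for g in self.grants if g[0] in can_grant]

    def has_access(self, user):
        return user in self._authority()[0]


def demo():
    """Constructed scenario: alice owns the relation and grants down a chain."""
    rel = Relation("alice")
    rel.grant("alice", "bob", with_grant_option=True)
    rel.grant("bob", "carol")                        # access only, no grant option
    rel.grant("bob", "dave", with_grant_option=True)
    rel.grant("dave", "erin")
    try:
        rel.grant("carol", "frank")                  # rejected: carol lacks the grant option
        passed_on = True
    except PermissionError:
        passed_on = False
    users = ("bob", "carol", "dave", "erin", "frank")
    before = {u: rel.has_access(u) for u in users}
    rel.revoke("alice", "bob")                       # cascades through bob and dave
    after = {u: rel.has_access(u) for u in users}
    return passed_on, before, after


if __name__ == "__main__":
    print(demo())
```

Computing authority by reachability from the owner, rather than by flags stored per user, is what makes the cascade automatic: once bob is revoked, every grant he or his grantees made is unreachable and is discarded. The model says nothing about copies of the data, which the outline notes as the way a grantee can subvert this control; that is why view-based and front-end controls are listed alongside it.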

2.7.3. Security for OO DBs

2.7.3.1. Problem: most models have been designed for relational DBs; security models for OO DBs are complex; models differ in their capabilities and protections

2.7.3.2. ORION: explicit authorizations (the authorization model that provides DACs): positive authorization; negative authorization; implicit authorizations

2.7.3.3. SORION: MACs

2.7.3.4. SODA (Secure Object-Oriented Database model): Dr. Thomas Keefe; standard example of secure OO models; MAC properties, and can be executed in systems operating at multiple classification levels

2.7.3.5. Multi-party update conflict: the system becomes a collection of several distinct database systems, each with its own data

2.7.3.6. Metadata Controls: goal; security controls

2.7.3.7. Data Contamination Controls: goal; security controls

2.7.3.8. OLTP (Online Transaction Processing): detect when individual processes abort; automatically restart an aborted process; back out of a transaction if necessary; allow distribution of multiple copies of application servers across machines; perform dynamic load balancing

2.7.3.9. Knowledge Management: approaches; security controls

3. Information Protection Environment

3.1. Open- and Closed-Source Code

3.2. Software Environment

3.2.1. Threats to the Software Environment

3.2.1.1. Buffer Overflow

3.2.1.2. Citizen Programmers

3.2.1.3. Covert Channel

3.2.1.4. Malicious Code / Malware: virus (file infector virus; boot sector infector; system infector; multipartite virus; e-mail virus; macro virus; script virus); worms; Trojan horses (Remote Access Trojan); bomb; data diddler; hoax; pranks

3.2.1.5. Memory/Object Reuse

3.2.1.6. Executable Content / Mobile Code

3.2.1.7. Social Engineering

3.2.1.8. Time of Check / Time of Use

3.2.1.9. Trapdoor / Backdoor

3.3. DB and DWH Environment

3.3.1. In the past, data about the same entity was duplicated, often inconsistently, because the copies were not updated concurrently

3.3.2. Information replicated in several files on a system has been replaced by databases that incorporate the information from multiple sources

3.3.3. to integrate and manage the data required for several applications into a common storage area

3.4. DBMS Architecture

3.5. DB Interface Languages

3.6. SAML

3.7. Datawarehousing

3.7.1. Process of building a DWH

3.7.1.1. Feed all data into a large, high-availability, high-integrity database that resides at the confidentiality level of the most sensitive data

3.7.1.2. Normalize the data. Regardless of how the data is characterized in each system, it must be structured the same when moved into the data warehouse. For example, one database could categorize birthdate as "month/date/year", another as "date/month/year", and still another as "year/month/date". The data warehouse must "normalize" the various data categories into only one category. Normalization will also remove redundancies in the data.

3.7.1.3. Mine the data for correlations to produce metadata.

3.7.1.4. Sanitize and export the metadata to its intended users.

3.7.1.5. Feed all new incoming data and the metadata into the data warehouse.

3.7.2. Metadata: information about the data; provides a systematic method for describing resources and improving the retrieval of information; provides valuable information about the unseen relationships between data and the ability to correlate data previously considered unrelated; Dublin Core Metadata Initiative (DCMI) standard; data are accessed through Online Analytical Processing (OLAP) or Knowledge Discovery in Databases (KDD) methods

3.7.3. OLAP: provides the ability to formulate queries and, based on the outcome of the queries, to define further queries

3.7.4. Data Mining: another tool in addition to OLAP; the process of discovering information in the DWH by running queries on the data; used to reveal hidden relationships, patterns and trends; decision-making techniques based on a series of analytical techniques taken from mathematics, statistics, cybernetics and genetics

3.7.4.1. Advantages: ability to provide better information to managers; tools to review audit logs for intrusion attempts; helps to discover abnormal events

3.7.4.2. Disadvantages: detailed data about individuals might risk a violation of privacy; integrity may be at risk, as human data entry may not be accurate (relationships or patterns)

3.8. DB Vulnerabilities and Threats

3.8.1. Aggregation: combining unclassified data from separate resources results in sensitive information

3.8.2. Bypass attacks: bypass controls at the front end; bypass the query engine

3.8.3. Compromising DB views used for access control: access to restricted views or modification of an existing view

3.8.4. Concurrency: running processes that use old data; running processes that make inconsistent updates; running processes that deadlock

3.8.5. Data contamination: data integrity corruption by input data errors or erroneous processing (file, report, DB)

3.8.6. Deadlocking: when 2 users attempt the same information and both are denied

3.8.7. DoS: a poorly designed application query that locks up the table and requires intensive processing

3.8.8. Improper modification of information: unauthorized users intentionally; authorized users accidentally

3.8.9. Inference: the ability to deduce (infer) information from observing available information (list of patients and their medicines -> what illness they have)

3.8.10. Interception of data: in dial-up and remote access, interception of the session

3.8.11. Polyinstantiation: information stored in more than one location in the DB; multiple levels of view and authorization; there must be an effective method for simultaneously updating all occurrences of the same data element

3.8.12. Query attacks: query tools used to access data normally not allowed by the trusted front end

3.8.13. Server access: protection from unauthorized logical access; control of unauthorized physical access

3.8.14. TOC/TOU: malicious code could change data between the time that the user's query was approved and the time the data is displayed to the user

3.8.15. Web security

3.8.16. Unauthorized access

5. OOP

5.1. Potentially more reliable, and reduces the possible propagation of program change errors

5.2. Items

5.2.1. Classes: tell the system how to make objects; the process of creating an object using the directions in a class is called "instantiation"

5.2.2. Objects: contain procedures (called methods) and data (called attributes); often called a black box: functions happen, but cannot be seen

5.2.3. Messages: objects perform work by sending messages to other objects

5.3. Fundamental characteristics

5.3.1. Encapsulation: data hiding

5.3.2. Polymorphism: different objects can react to identical messages in different ways

5.3.3. Polyinstantiation: allows an object to be copied and populated with different data

5.3.4. Inheritance: subclasses inherit settings

5.3.5. All predefined types are objects

5.3.6. All user defined types are objects

5.3.7. All operations are performed by sending messages to objects

5.4. Distributed systems

5.4.1. CORBA: Common Object Request Broker Architecture

5.4.2. DCOM: Distributed Component Object Model

5.5. ORB

5.5.1. Object Request Brokers

5.5.2. Made available to users over a network

5.5.3. Middleware

5.5.4. Establishes a client-server relationship between objects

6. CBK

6.1. What CISSP should know

6.1.1. Security and controls of the systems development process, application controls, change controls, data warehousing, data mining, knowledge-based systems, program interfaces, and concepts used to ensure data and application integrity, confidentiality, and availability

6.1.2. The security and controls that should be included within systems and application software

6.1.3. The steps and security controls in the software life cycle and change control process

6.1.4. Concepts used to ensure data and software integrity, confidentiality, and availability

6.1.5. Computer viruses and other forms of malicious code, including ActiveX and Java

6.1.6. How malicious code can be introduced into the computing environment

6.1.7. Mechanisms that can be used to prevent, detect, and correct malicious code and their attacks

6.2. Components

6.2.1. Application Issues

6.2.2. Distributed Environment: Agents; Applets; ActiveX; Java; Objects

6.2.3. Local/Non-distributed Environment: Attacks; Viruses; Trojan Horses; Logic Bombs; Worms

6.2.4. Databases and Data Warehousing: Aggregation; Data Mining; Inference; Polyinstantiation; Multi-Level Security

6.2.5. DBMS Architecture

6.2.6. Knowledge-based Systems: Expert Systems; Neural Networks

6.2.7. Systems Development Controls

6.2.8. System Development Life Cycle: Requirements Determination; Protection Specifications Development; Design Review; System Test Review; Certification and Accreditation; Maintenance; Service Level Agreement

6.2.9. Malicious code: Definitions; Jargon; Myths/Hoaxes

6.2.10. Attackers: hackers; crackers; phreaks; virus writers

6.2.11. Anti-viral protection, Anti-viral software

6.2.12. Various types of computer viruses

6.2.13. Methods of attack: Trapdoors; Brute-Force; Denial-of-Service; Dictionary attacks; Spoofing; Pseudo Flaw; Alteration of authorized code; Flooding; Cramming

6.3. Questions

6.3.1. Define the A-I-C triad as it relates to application security.

6.3.2. Define programming-related aggregation.

6.3.3. Define security-related aggregation.

6.3.4. Define and describe applet as it refers to IT/IS.

6.3.5. Define architectural neural distribution format (ANDF).

6.3.6. Describe artificial neural network (ANN).

6.3.7. Define “backdoor” as related to IT/IS.

6.3.8. Define Common Object Request Broker Architecture (CORBA).

6.3.9. Compare and contrast input controls, output controls, and transaction controls.

6.3.10. Define covert channel, covert storage channel, and covert timing channel.

6.3.11. Define data contamination.

6.3.12. Define data integrity.

6.3.13. Define data mining.

6.3.14. Define distributed systems environment.

6.3.15. Define encapsulation as related to IT/IS.

6.3.16. Define file protection.

6.3.17. Define garbage collection.

6.3.18. Define granularity as related to IT/IS.

6.3.19. Describe potential types of malicious code threats.

6.3.20. Define logic bomb.

6.3.21. Define neural network.

6.3.22. Define Object Linkage and Embedding (OLE).

6.3.23. Define object-oriented design (OOD).

6.3.24. Define object-oriented programming (OOP).

6.3.25. Define polyinstantiation.

6.3.26. Define polymorphism.

6.3.27. Define scalability as it refers to IT/IS.

6.3.28. Compare and contrast trapdoors, Trojan horses, and worms as related to IT/IS.

6.3.29. Distinguish between various IT/IS-related threats and attacks.

6.3.30. Identify system lifecycle phases.

6.3.31. Describe functional design analysis and planning.

6.3.32. Compare and contrast project design activities and parallel security activities.

6.3.33. Describe system design specifications.

6.3.34. Compare and contrast project test activities and parallel security activities.

6.3.35. Identify maintenance support/operations in relation to IT/IS.

6.3.36. Define development methodology controls.

6.3.37. Define object-oriented technology.

6.3.38. Describe object request brokers (ORBs).

6.3.39. Define object-oriented techniques.

6.3.40. Describe the benefits of object-oriented programming (OOP).

6.3.41. Describe methods of object-oriented programming (OOP).

6.3.42. Define the distinguishing features of object-oriented programming (OOP).