Enterprise Information Systems Assurance and System Security
Latest Publications


Total documents: 23 (five years: 0)

H-index: 3 (five years: 0)

Published by IGI Global

ISBN: 9781591409113, 9781591409137

Author(s): Mohammad Zulkernine, Sheikh I. Ahamed

The rapid development and expansion of network-based applications have changed the computing world in the last decade. However, this overwhelming success has an Achilles’ heel: most software-controlled systems are prone to attacks both by internal and external users of the highly connected computing systems. These software systems must be engineered with reliable protection mechanisms, while still delivering the expected value of the software to their customers within the budgeted time and cost. The principal obstacle in achieving these two different but interdependent objectives is that current software engineering processes do not provide enough support for the software developers to achieve security goals. In this chapter, we reemphasize the principal objectives of both software engineering and security engineering, and strive to identify the major steps of a software security engineering process that will be useful for building secure software systems. Both software engineering and security engineering are ever-evolving disciplines, and software security engineering is still in its infancy. This chapter proposes a unification of the process models of software engineering and security engineering in order to improve the steps of the software life cycle that would better address the underlying objectives of both engineering processes. This unification will facilitate the incorporation of the advancement of the features of one engineering process into the other. The chapter also provides a brief overview and survey of the current state-of-the-art of software engineering and security engineering with respect to computer systems.


Author(s): Merrill Warkentin, Mark B. Schmidt, Ernst Bekkering

In the digital environment, steganography has increasingly received attention over the last decade. Steganography, which literally means “covered writing,” includes any process that conceals data or information within other data or conceals the fact that a message is being sent. Though the focus on use of steganography for criminal and terrorist purposes detracts from the potential use for legitimate purposes, the focus in this chapter is on its role as a security threat. The history of steganography as a tool for covert purposes is addressed. Recent technical innovations in computerized steganography are presented, and selected widely available steganography tools are presented. Finally, a brief discussion of the role of steganalysis is presented.


Author(s): Ronald C. Dodge Jr., Daniel Ragsdale

When competent computer network system administrators are faced with malicious activity on their networks, they think of the problem in terms of four distinct but related activities: detection, prevention, mitigation, and response. The greatest challenge of these four phases is detection. Typically, detection comes in the form of intrusion detection system (IDS) alerts and automated application and log monitors. These, however, are fraught with mischaracterized alerts that leave administrators looking for a needle in a haystack. One of the most promising emerging security tools is the honeynet. Honeynets are designed to divert the malicious user or attacker to non-production systems that are carefully monitored and configured to allow detailed analysis of the attackers’ actions and also protection of other network resources. Honeynets can be configured in many different ways and implemented from a full DMZ to a carefully placed file that is monitored for access.


Author(s): Jack J. Murphy

This chapter presents some basic concepts for the design, implementation, and management of a network-based enterprise boundary protection mechanism. The reader should not expect to see a complete security solution from the material presented in this chapter. The concepts presented here must be combined with host and application security mechanisms, as well as procedural and administrative mechanisms. The chapter will provide an explanation of some of the security concepts involved before explaining how an information protection network (IPN) enables collaboration and information exchange between the enterprise and external entities on the public Internet. Finally, specific technologies needed to implement an IPN will be discussed.


Author(s): Jun Du, Yuan-Yuan Jiao, Jianxin (Roger) Jiao

This chapter develops a security blueprint for an e-business environment taking advantage of the three-tiered e-business architecture. This security blueprint suggests best practices in general. It involves (1) security control by layers — from physical access, to network communication, to operating systems, to applications, and (2) different stages of the management process, including planning, deployment, administration, and auditing. Also reported is a case study of the implementation of the proposed security blueprint in a Singapore multinational corporation. Such issues as security control analysis, management process analysis, and cost-benefits analysis are discussed in detail.


Author(s): Katherine M. Hollis, David M. Hollis

This chapter provides an introductory overview of identity management as it relates to data networking and enterprise information management systems. It looks at the strategic value of identity management in corporate and government environments. It defines the terms, concepts, and technologies associated with identity management. This chapter is a capstone to other chapters that deal with the specific technologies (strong identification and authentication, PKI, encryption, LDAP, etc.). Federated identity management is a strategic concept that encapsulates and integrates these disparate technologies into a coordinated, comprehensive strategy to accomplish enterprise-wide goals. This chapter introduces some practical business case concepts to assist the reader in putting together their own identity management strategies using ROI and success criteria.


Author(s): David A. Dampier, A. Chris Bogen

This chapter introduces the field of digital forensics. It is intended as an overview to permit the reader to understand the concepts and to be able to procure the appropriate assistance should the need for digital forensics expertise arise. Digital forensics is the application of scientific techniques of discovery and exploitation to the problem of finding, verifying, preserving, and exploiting digital evidence for use in a court of law. It involves the use of hardware and software for finding evidence of criminal activity on digital media, either in a computer or in a network device, and attributing that evidence to a suspect for the purposes of conviction. Digital forensics can also be used for non-law enforcement purposes. Data recovery is a form of computer forensics used outside of the legal arena. The authors hope that the reader will understand some of the intricacies of digital forensics and be able to intelligently respond to incidents requiring a digital forensic response.


Author(s): Erik Graham, Paul John Steinbart

The introduction of wireless networking provides many benefits, but it also creates new security threats and alters the organization’s overall information security risk profile. Although responding to wireless security threats and vulnerabilities often involves implementation of technological solutions, wireless security is primarily a management issue. Effective management of the threats associated with wireless technology requires a sound and thorough assessment of risk given the environment and development of a plan to mitigate identified threats. This chapter presents a framework to help managers understand and assess the various threats associated with the use of wireless technology. We also discuss a number of available measures for countering those threats.


Author(s): Raj Sharman, K. Pramod Krishna, H. Raghav Rao, Shambhu Upadhyaya

Threats to information security are pervasive, originating from both outside and within an organization. The history of computer security is dotted with the tales of newer methods of identification, detection, and prevention of malware, only to be followed by a new set of threats that circumvent those safeguards. The explosive growth of the Internet and wide availability of toolsets and documentation exacerbates this problem by making malware development easy. As blended threats continue to combine multiple types of attacks into single and more dangerous payloads, newer threats are emerging. Phishing, pharming, spamming, spoofing, spyware, and hacking incidents are increasing at an alarming rate despite the release of breakthrough security defense products. A multi-layered, integrated approach using different security products in conjunction with well-defined security policies and antivirus software will form the foundation for effective enterprise security management.


Author(s): Merrill Warkentin, Allen C. Johnston

Every enterprise must establish and maintain information technology (IT) governance procedures that will ensure the execution of the firm’s security policies and procedures. This chapter presents the problem and the framework for ensuring that the organization’s policies are implemented over time. Since many of these policies require human involvement (employee and customer actions, for example), the goals are met only if such human activities can be influenced and monitored and if positive outcomes are rewarded while negative actions are sanctioned. This is the challenge to IT governance. One central issue in the context of IT security governance is the degree to which IT security controls should be centralized or decentralized. This issue is discussed in the context of enterprise security management.

