Top 10 Secure Coding Practices

最新推荐文章于 2024-07-31 07:30:00 发布
最新推荐文章于 2024-07-31 07:30:00 发布
阅读量1.4k 收藏
点赞数
分类专栏: Software Security

Top 10 Secure Coding Practices

  1.  Validate input. Validate input from all untrusted data sources. Proper input validation can eliminate the vast majority of software vulnerabilities. Be suspicious of most external data sources, including command line arguments, network interfaces, environmental variables, and user controlled files [Seacord 05].
  2.  Heed compiler warnings. Compile code using the highest warning level available for your compiler and eliminate warnings by modifying the code [C MSC00-AC++ MSC00-A]. Use static and dynamic analysis tools to detect and eliminate additional security flaws.
  3.  Architect and design for security policies. Create a software architecture and design your software to implement and enforce security policies. For example, if your system requires different privileges at different times, consider dividing the system into distinct intercommunicating subsystems, each with an appropriate privilege set.
  4.  Keep it simple. Keep the design as simple and small as possible [Saltzer 74, Saltzer 75]. Complex designs increase the likelihood that errors will be made in their implementation, configuration, and use. Additionally, the effort required to achieve an appropriate level of assurance increases dramatically as security mechanisms become more complex.
  5.  Default deny. Base access decisions on permission rather than exclusion. This means that, by default, access is denied and the protection scheme identifies conditions under which access is permitted [Saltzer 74, Saltzer 75].
  6.  Adhere to the principle of least privilege. Every process should execute with the the least set of privileges necessary to complete the job. Any elevated permission should be held for a minimum time. This approach reduces the opportunities an attacker has to execute arbitrary code with elevated privileges [Saltzer 74, Saltzer 75].
  7.  Sanitize data sent to other systems. Sanitize all data passed to complex subsystems [C STR02-A] such as command shells, relational databases, and commercial off-the-shelf (COTS) components. Attackers may be able to invoke unused functionality in these components through the use of SQL, command, or other injection attacks. This is not necessarily an input validation problem because the complex subsystem being invoked does not understand the context in which the call is made. Because the calling process understands the context, it is responsible for sanitizing the data before invoking the subsystem.
  8.  Practice defense in depth. Manage risk with multiple defensive strategies, so that if one layer of defense turns out to be inadequate, another layer of defense can prevent a security flaw from becoming an exploitable vulnerability and/or limit the consequences of a successful exploit. For example, combining secure programming techniques with secure runtime environments should reduce the likelihood that vulnerabilities remaining in the code at deployment time can be exploited in the operational environment [Seacord 05].
  9.  Use effective quality assurance techniques. Good quality assurance techniques can be effective in identifying and eliminating vulnerabilities. Fuzz testing, penetration testing, and source code audits should all be incorporated as part of an effective quality assurance program. Independent security reviews can lead to more secure systems. External reviewers bring an independent perspective; for example, in identifying and correcting invalid assumptions [Seacord 05].
  10. Adopt a secure coding standard. Develop and/or apply a secure coding standard for your target development language and platform.

Bonus Secure Coding Practices

  1.  Define security requirements. Identify and document security requirements early in the development life cycle and make sure that subsequent development artifacts are evaluated for compliance with those requirements. When security requirements are not defined, the security of the resulting system cannot be effectively evaluated.
  2.  Model threats. Use threat modeling to anticipate the threats to which the software will be subjected. Threat modeling involves identifying key assets, decomposing the application, identifying and categorizing the threats to each asset or component, rating the threats based on a risk ranking, and then developing threat mitigation strategies that are implemented in designs, code, and test cases [Swiderski 04].

Bonus Photograph

This photograph illustrates how the easiest way to break system security is often to circumvent it rather than defeat it (as is the case with most software vulnerabilities related to insecure coding practices).

References

[Saltzer 74] Saltzer, J. H. "Protection and the Control of Information Sharing in Multics." Communications of the ACM 17, 7 (July 1974): 388-402.

[Saltzer 75] Saltzer, J. H. & Schroeder, M. D. "The Protection of Information in Computer Systems." Proceedings of the IEEE 63, 9 (September 1975), 1278-1308.

[Seacord 05] Seacord, R. Secure Coding in C and C++. Upper Saddle River, NJ: Addison-Wesley, 2006 (ISBN 0321335724).

[Swiderski 04] Swiderski, F. & Snyder, W. Threat Modeling. Redmond, WA: Microsoft Press, 2004.

https://www.securecoding.cert.org/confluence/display/seccode/Top+10+Secure+Coding+Practices

chuwachen
关注
专栏目录
【AI人工智能】用于代码生成的大型语言模型 Large Language Models for Code Generation
程序员光剑
06-09 1万+
大型语言模型通常采用Transformer等注意力机制架构,能够有效捕获输入序列中长程依赖关系。具体而言,编码器将输入序列映射为上下文表示,解码器则根据上下文和已生成的部分序列预测下一个token。代码生成任务中的输入序列可以是自然语言的问题描述、函数签名、测试用例等形式。模型通过学习大量的代码-自然语言语料对,建立两者之间的映射关系。在生成阶段,给定输入序列,解码器基于学习到的知识逐步推理和生成目标代码。
第54课作业实战成功:用phpMyAdmin等数据库可视化软件操作MySQL,并且通过远程操作MySQL;
段智华的博客
10-05 1743
phpMyAdmin等数据库可视化软件操作MySQL 大数据Spark “蘑菇云”行动第54课: 作业讲解与广告点击实现代码.作业:用phpMyAdmin等数据库可视化软件操作MySQL,并且通过远程操作MySQL; 目的:在华为的windows本地服务器上使用phpMyAdmin连接操作虚拟机vmvare的集群中的master上安装的mysql. 实现图形化,可视化操作my
Secure.Coding.in.C.and.Cplusplus.2nd.Edition.0321822137.epub
07-20
Learn the Root Causes of Software Vulnerabilities and How to Avoid Them Commonly exploited software vulnerabilities are usually caused by avoidable software defects. Having analyzed tens of thousands of vulnerability reports since 1988, CERT has determined that a relatively small number of root causes account for most of the vulnerabilities. Secure Coding in C and C++, Second Edition, identifies and explains these root causes and shows the steps that can be taken to prevent exploitation. Moreover, this book encourages programmers to adopt security best practices and to develop a security mindset that can help protect software from tomorrow’s attacks, not just today’s. Drawing on the CERT’s reports and conclusions, Robert C. Seacord systematically identifies the program errors most likely to lead to security breaches, shows how they can be exploited, reviews the potential consequences, and presents secure alternatives. Coverage includes technical detail on how to Improve the overall security of any C or C++ application Thwart buffer overflows, stack-smashing, and return-oriented programming attacks that exploit insecure string manipulation logic Avoid vulnerabilities and security flaws resulting from the incorrect use of dynamic memory management functions Eliminate integer-related problems resulting from signed integer overflows, unsigned integer wrapping, and truncation errors Perform secure I/O, avoiding file system vulnerabilities Correctly use formatted output functions without introducing format-string vulnerabilities Avoid race conditions and other exploitable vulnerabilities while developing concurrent code The second edition features Updates for C11 and C++11 Significant revisions to chapters on strings, dynamic memory management, and integer security A new chapter on concurrency Access to the online secure coding course offered through Carnegie Mellon’s Open Learning Initiative (OLI) Secure Coding in C and C++, Second Edition, presents hundreds of examples of secure code, insecure code, and exploits, implemented for Windows and Linux. If you’re responsible for creating secure C or C++ software–or for keeping it safe–no other book offers you this much detailed, expert assistance. Table of Contents Chapter 1 Running with Scissors Chapter 2 Strings Chapter 3 Pointer Subterfuge Chapter 4 Dynamic Memory Management Chapter 5 Integer Security Chapter 6 Formatted Output Chapter 7 Concurrency Chapter 8 File I/O Chapter 9 Recommended Practices
什么是安全编码,为什么它很重要?
最新发布
软件行业技术文化交流。
07-31 93
通过遵循 OWASP 和 SEI CERT 等标准,您可以使您的软件对用户更安全,并避免因任何漏洞利用、黑客攻击或违规而导致的法律和财务复杂性。安全编码的重要性:幸运的是,通过遵循一些已经建立的安全编码标准,比如OWASP(开放网络应用安全项目)和SEI Cert(软件工程研究所的认证),可以缓解大多数常见的软件安全漏洞。如果您几乎没有安全编码的经验,那么使用他们的服务来确保源代码的安全性和健壮性将是一个好主意。此外,请查看他们的工具,该工具可以查找可能影响您项目的依赖关系和公开披露的漏洞。
IOS安全编码指南 Secure Coding Guide -- 01 Introduction 上
静静燃烧的雪的专栏
06-05 1007
IOS安全编码指南 Secure Coding Guide -- 01 Introduction 上 Introduction to Secure Coding Guide     Secure coding is the practice of writing programs that are resistant to attack by maliciou
CERT C/C++ Secure Coding Standard
yasi_xi的专栏
10-28 3798
CERT C Secure Coding Standard CERT C++ Secure Coding Standard
security 相关标准secure coding
cnbird's blog
12-20 1007
http://www.cert.org/secure-coding/scstandards.html http://cwe.mitre.org/top25/index.html
2021年Github项目Top100
weixin_45747731的博客
04-19 5436
2021年Github项目Top100 1. freeCodeCamp/freeCodeCamp 323k JavaScript freeCodeCamp.org’s open source codebase and curriculum. Learn to code for free. curriculum react nodejs javascript d3 teachers community education programming math freecodecamp learn-to-code
2021年Github项目Top400
weixin_45747731的博客
04-19 3300
301. akullpp/awesome-java A curated list of awesome frameworks, libraries and software for the Java programming language. awesome awesome-list 28.4k 302. lukehoban/es6features Overview of ECMAScript 6 features 28.3k 303. ariya/phantomjs Scriptable Headless
OWASP,以开源的方式支撑企业应用安全体系化建设.pdf
08-08
除了OWASP Top 10,OWASP还提供诸如OWASP Secure Coding Practices - Quick Reference Guide的指南,其中总结了安全编程的最佳实践;OWASP Application Security Verification Standard(ASVS)提供了一套安全验证...
SECURE_CODING 概要 zz
hi
08-15 814
以下总结的内容来自于Coverity Prevent分析,SECURE_CODING 是Prevent中关于编码安全方面的一个检查器,是全球百万余开发人员从历史上的各种安全漏洞事件中总结出来的。 × [VERY RISKY]. Use of "strcpy" has been known to cause a buffer overflow when used incorrectly. 
IOS开发NSSecureCoding
李小源的博客
02-04 529
NSSecureCoding 官方解释:A protocol that enables encoding and decoding in a manner that is robust against object substitution attacks. 一种协议,它以一种抗对象替换攻击的健壮方式实现编码和解码。 NSSecureCoding相对NSCoding来说对数据的处理添加了一定的安全性 存与取 NSData *data = [NSData dataWithContentsOf.
Secure Coding Guideline
走马观花
03-19 747
http://wiki.developerforce.com/page/Secure_Coding_Guideline Secure Coding Guidelines The following documentation walks you through the most common security issues salesforce.com has identified whi
sonar问题及方案记录
seanyang_的博客
11-23 1644
不要用纯文本或者快速hash算法存储password ,应该使用安全的算法产生hash。原因1、预防暴力破解攻击2、预防撞库攻击3、密码应该加salt来降低彩虹表攻击的风险。这个规则会报告问题,当密码被纯文本存储或者使用容易被暴力破解攻击的hash算法存储密码,算法如md5或者sha家族算法,会很快的计算出hash值,因为可能存在暴力破解攻击。
数据治理:数据安全100个基本概念全解
fuyipingwml1976124的博客
01-15 1683
根据DAMA的定义,数据安全指定义、规划、开发、执行安全策略和规程,以提供对数据和信息资产的适当验证、授权、访问和审计。数据安全的目标有三个:启用对企业数据资产的适当访问,并防止不适当的访问理解并遵守所有有关隐私、保护和保密的法规和政策确保所有利益相关方的隐私和保密需求得到执行和审计在《数据治理:一文讲透数据安全》一文中,我对如何实施数据安全进行了相对宏观的介绍。本文将从微观入手,对104个数据安...
java security code guider line
haizhiguang的专栏
03-23 2215
source: http://www.oracle.com/technetwork/java/seccodeguide-139067.html Secure Coding Guidelines for Java SE  Updated for Java SE 8  Document version: 5.0 Published: 02 April 2014 L
Java必知必会系列:安全编码与漏洞防护
程序员光剑
10-17 277
作者:禅与计算机程序设计艺术 1.背景介绍 安全编码(Security coding)和漏洞防护(Vulnerability protection)是一个互相关联且具有重要意义的问题。作为IT界的一名资深工程师、软件架构师或者CTO,你应该理解它的含义、背景、目的、意义、前景以及将来可能遇到的挑战。
secure coding in c and c++
01-08
C和C++的安全编码是指在编写C和C++代码时,采取一系列的措施来确保代码的安全性和防止常见的安全漏洞。由于C和C++是底层的编程语言,它们允许对内存直接进行操作,这也使得它们容易受到各种安全威胁的攻击。...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值