Introduction
Daily reports of security flaws in all kinds of software products, together
with the recent discovery of vulnerabilities in several implementations of long
established and widely deployed protocols such as SNMP, are increasing the
awareness among the general public that the software industry has not always
done its best to ensure the quality of programs, and that improvements in the
way software is created are generally needed today.
Security and safety are two important aspects of the quality of software.
Security is the ability of a system to protect itself against accidental or
intentional attacks. Safety is the ability of the system to operate without
risk, both when performing normal functions and when handling exceptional
conditions.
The need for safer and more secure code applies to every kind of software,
but becomes critical for any program that interacts with other programs over a
network. A few suggestions for the production of safe and secure code are
provided below. These focus particularly on network applications, but many of
the suggestions apply to other types of applications as well. Network
applications are inherently critical because, if not properly designed or
implemented, they can become unwanted entry points into a computer system.
Network applications are based on protocols, as they need to communicate with
other applications over the network. In the following, it will be assumed that
the software developers are implementing a pre-existing protocol, so that the
focus will be on the software development process, rather than on protocol
design.
The use of Abstract Syntax Notation One (ASN.1) in protocol specifications
greatly reduces the size and complexity of the implementations, thus lessening
the likelihood of defects. However, the developers are still responsible for the
overall quality and security of the application.
Several suggestions are given, but the most important one is probably the
first, which can be summarized as security-consciousness.
Note that the following suggestions apply to the implementation of any type
of communications protocol, whether it is specified using a formal language such
as ASN.1 or XML Schema, or is specified using ad hoc manual techniques such as a
picture of bytes and bits or an ABNF grammar.
It should also be noted that although general suggestions can be formulated
on how to avoid common program defects and security flaws, each specific network
application will usually have other potential vulnerabilities. Developers should
therefore grow a security-conscious mindset and apply it throughout the
development process.
NOTE: This paper offers general suggestions. It does not present a
methodology or provide specific instructions to implement these suggestions. See
the Resource section for a list of reference documents which can be accessed for
specific implementation details and for deeper coverage of the topics briefly
discussed in this paper.