To reduce as far as possible the vulnerabilities and programming errors that not only degrade the quality of the product but can also be exploited in increasingly sophisticated and frequent attacks, it is necessary to guarantee the fundamental security properties of integrity, confidentiality and authentication, both for the application code and for data management. A careful risk and impact assessment is therefore essential to safeguard the security of the information and the privacy of the data.
The project must be planned, following a common denominator for the whole software life cycle, to ensure the security requirements for the data, functions and programming language.
For simplicity’s sake, the reference model used in this discussion is sequential: each phase begins only after the previous one has been completed. For greater efficiency and flexibility, however, the various phases could be revisited and corrected iteratively:
The documentation produced must contain the project definition, the reasons for the project together with the possible solutions and, for each of them, the costs and benefits, the resources required, and the delivery time of the final product.
The requirements, which aim to determine the functionality required by the client and the properties of the software in terms of performance, security, ease of use, portability and maintenance, also take into account the technological and regulatory context and should be recorded in a document. This allows the client to verify the specified features and the designer to proceed with the implementation of the software architecture.
In particular, the security requirements must absolutely constrain the solutions that will be adopted. Attention must be paid to the operational security of:
It’s also important to develop a user manual and outline how the system will be tested.
The purpose of the design phase is the production of a document that contains not only a description of the architecture of the overall software and of the individual interacting modules but also an assessment of the risks (ISO 27001, ISO 27034, ISO 29151) to which the product could be exposed and an impact assessment on data processing (GDPR – General Data Protection Regulation, EU regulation 679/2016).
The functions and solutions proposed in the feasibility study will be implemented, the timing and implementation of requirements and tests will be planned, the native features of the application (traditional or web based) and the security rules will be established.
It will be necessary to define with the developers the type of code to be used:
The implementation phase is when programs are actually built, applying code security best practices and verifying both functionality and any vulnerabilities. Code, documentation and test specifications should be produced for each component or module under consideration. For security purposes, the development environments, always kept up to date and protected, must be equipped with audit, backup and access control systems, on the basis of shared guidelines provided by support, training and information services such as the NVD (National Vulnerability Database) and OWASP (Open Web Application Security Project).
Once all the developed code has been assembled, its effective compatibility is verified and interaction and security errors are resolved. It is advisable to prepare a testing plan with various simulations, keeping the test environment separate from the development environment, to verify the degree of exposure of the software to known vulnerabilities and to detect anomalies.
In the distribution phase, the system is delivered to users to verify operation and identify any defects with respect to the design specifications. The delivery is generally done in two steps:
The last but not least important phase is maintenance. It encompasses the whole evolution of the system from delivery onwards and can therefore significantly affect the overall cost of the entire life cycle. Planned, periodic testing, even after delivery, is extremely useful.
Since the price to pay for correcting a vulnerability or error grows the later it is detected in the software life cycle, it is critical to acquire and verify the security requirements as early as possible, i.e., in those early stages when the cost of fixing them is not yet significant.
For a good result it’s essential to:
About the author: Salvatore Lombardo
IT officer, ICT expert, Clusit member