Disclaimer

These are my personal notes and not a complete course

Phases of System Software development cycle (SDLC)

Initiation

  • The need for a new system is defined
  • Preliminary risk assessment for
    • Confidentiality 
    • Integrity 
    • Availability

Acquisition or Development

  • New system is either created or purchased 
  • Requirements analysis
  • Formal risk assessment (Identify vulnerabilities and threats)
  • Security functional requirements analysis (Identify protection levels)
  • Security assurance requirements analysis (Identify the assurance the system has to provide)
  • Third-party evaluation
  • Security plan (Documented security controls)
  • Security test and evaluation plan

Implementation

  • Implementing the system in a production environment 

Operation/Maintenance

  • System is in use and is cared for

Disposal

  • System is removed from the production environment

Software Development Life Cycle


https://xbsoftware.com/blog/software-development-life-cycle-waterfall-model/

Requirements Analysis

  • Determine why the software is created
  • Gathering Requirements
    • Security Requirement
    • Security Risk Requirement
    • Privacy Risk Requirement
    • Risk-level Requirement

Design

  • Plan how the software accomplishes the identified goals
  • Attack surface analysis
  • Threat modeling

Development

  • Programming software code

Testing

  • Validating the goals are met
  • Map security risks to test cases and code
  • Security attack and penetration tests
  • Fuzzing is a technique to discover flaws and vulnerabilities 

Maintenance

Deployment and making sure the software is monitored, correctly configured and patched

Vocabulary 

  • Statement of Work (SOW): describes the product and customer requirements
  • Work breakdown structure (WBS): a project management tool used to define and group work items
  • Privacy impact rating: indicates the sensitivity level of the data that is processed
  • Computer-aided software engineering (CASE): software that aids in the development of software
  • Verification: determines if the product accurately represents and meets the specification
  • Validation: determines if the product provides the necessary solution for the intended real-world problem

Software development model

Build and Fix Model


http://ecomputernotes.com/software-engineering/build-and-fix-model

Waterfall Model


https://xbsoftware.com/blog/software-development-life-cycle-waterfall-model/

V-Model

Prototyping

Incremental Model

  • Rapid prototyping
  • SCRUM

Spiral Model

Rapid Application Development

Agile Model

  • Incremental pushes

Capability maturity model integration (CMMI)

Software escrow

Storing the source code of software with a third-party escrow agent in case the software vendor goes bankrupt

Programming languages and concepts

  1. First generation: machine language. Made for a specific processor. Example: 010101
  2. Second generation: assembly language. Made for a specific processor. Example: Assembler
  3. Third generation: high-level language that abstracts statements. High-level statements like if, then, else. Processor independent. Example: C++
  4. Fourth generation: very-high-level language. Example: JavaEE
  5. Fifth generation: natural language programming. Artificial intelligence language

Vocabulary

  • Assemblers convert assembly language into machine code
  • Compilers convert high-level languages into processor independent machine code
  • Interpreters interpret code at runtime
  • Garbage collectors identify unused blocks of memory and recycle them
  • Object-oriented programming works with classes and objects to encapsulate functionality
  • Abstraction is the ability to suppress unnecessary details so more important concepts can be examined more easily
  • Polymorphism allows two objects to react differently to the same input
  • Data modeling in software engineering is the process of creating a data model for an information 
  • Cohesion refers to the degree to which the elements inside a module belong together.
  • Coupling is the degree of interdependence between software modules

  • A data structure is a data organization, management and storage format that enables efficient access and modification.
  • Distributed Computing Environment is an industry-standard software technology for setting up and managing computing and data exchange in a system of distributed computers. Client-Server-Model.
  • Common Object Request Broker Architecture (CORBA) is an architecture and specification for creating, distributing, and managing distributed program objects in a network. It allows programs at different locations and developed by different vendors to communicate in a network through an "interface broker."
  • Object request broker (ORB) is a middleware which allows program calls to be made from one computer to another via a computer network, providing location transparency through remote procedure calls.
  • Component Object Model (COM) is a binary-interface standard for software components introduced by Microsoft in 1993. It is used to enable inter-process communication object creation in a large range of programming languages.
  • Object linking and embedding (OLE) is a Microsoft technology that facilitates the sharing of application data and objects written in different formats from multiple sources. Linking establishes a connection between two objects, and embedding facilitates application data insertion.
  • Service-oriented architecture (SOA) is a style of software design where services are provided to the other components by application components, through a communication protocol over a network. The basic principles of service-oriented architecture are independent of vendors, products and technologies.
  • SOAP (originally Simple Object Access Protocol) is a messaging protocol specification for exchanging structured information in the implementation of web services in computer networks. Its purpose is to induce extensibility, neutrality and independence. It uses XML Information Set for its message format, and relies on application layer protocols, most often Hypertext Transfer Protocol (HTTP) or Simple Mail Transfer Protocol (SMTP), for message negotiation and transmission.
  • A mashup, in web development, is a web page or web application that uses content from more than one source to create a single new service displayed in a single graphical interface. For example, a user could combine the addresses and photographs of their library branches with a Google map to create a map mashup.
  • Software as a service (SaaS) is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted.
  • Cloud computing is shared pools of configurable computer system resources and higher-level services that can be rapidly provisioned with minimal management effort, often over the Internet. Cloud computing relies on sharing of resources to achieve coherence and economies of scale, similar to a public utility.
  • Code mobility is the ability for running programs, code or objects to be migrated (or moved) from one machine or application to another. This is the process of moving mobile code across the nodes of a network as opposed to distributed computation where the data is moved.
  • A Java applet was a small application that is written in the Java programming language, or another programming language that compiles to Java bytecode, and delivered to users in the form of Java bytecode.
  • A Sandbox is a security mechanism for separating running programs, usually in an effort to mitigate system failures or software vulnerabilities from spreading. It is often used to execute untested or untrusted programs or code, possibly from unverified or untrusted third parties, suppliers, users or websites, without risking harm to the host machine or operating system.
  • ActiveX is a software framework created by Microsoft that adapts its earlier Component Object Model (COM) and Object Linking and Embedding (OLE) technologies for content downloaded from a network, particularly from the World Wide Web.
  • Code signing/Authenticode is the process of digitally signing executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was signed. The process employs the use of a cryptographic hash to validate authenticity and integrity.
  • Expert systems use artificial intelligence to solve complex problems
  • Inference Engine is a computing program that tries to derive answers from a knowledge base
  • Rule-based Systems are used as a way to store and manipulate knowledge to interpret information in a useful way. They are often used in artificial intelligence applications and research.
  • Artificial neural networks (ANN) are computing systems inspired by the biological neural networks that constitute animal brains. The neural network itself isn't an algorithm, but rather a framework for many different machine learning algorithms to work together and process complex data inputs.

Threats for Web Environments

  • Information gathering is the process to gather information about a system to infer additional information that can be used to compromise systems
  • Server Side Includes (SSI) is a simple interpreted server-side scripting language used almost exclusively for the Web. The most frequent use of SSI is to include the contents of one or more files into a web page on a web server.
  • User input validation that takes place on the server side during a postback session is called server-side validation; user input validation that takes place on the client side (in the web browser) is called client-side validation. Client-side validation does not require a postback.

  • Cross-site scripting (XSS) is a type of injection security attack in which an attacker injects data, such as a malicious script, into content from otherwise trusted websites.
    • Reflected XSS: Think of a mirror, which reflects whatever is put in front of it. In reflected XSS, the payload typed into the request comes straight back on the page. Payloads are built from HTML tags. This type of XSS is also called non-persistent XSS.
    • Stored XSS: The malicious payload is stored in the website's database, so it fires again every time the affected page is visited. It typically enters through a registration page or any form whose input is saved in the database, such as comments or chats. This type of XSS is also known as persistent XSS.
    • DOM XSS: When an HTML document is loaded into a web browser, it becomes a document object. The document object is the root node of the HTML document and the "owner" of all other nodes.

  • Parameter validation
  • Web proxies forward HTTP requests. The request from the client is the same as a regular HTTP request except the full URL is passed, instead of just the path
  • A replay attack (also known as playback attack) is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and re-transmits it, possibly as part of a masquerade attack by IP packet substitution. This is one of the lower tier versions of a "Man-in-the-middle attack".
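
The replay attack entry above, seen from the receiving side. This is an added example, not part of the original notes: a receiver that accepts each authenticated message only once and rejects re-sent or delayed copies. The message layout, the 30-second MAX_AGE window and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import secrets

MAX_AGE = 30  # assumed freshness window in seconds


def sign_message(key, payload, now):
    """Sender: bind payload, timestamp and a random nonce under one MAC."""
    body = {"payload": payload, "ts": now, "nonce": secrets.token_hex(16)}
    encoded = json.dumps(body, sort_keys=True).encode()
    return {"body": body, "mac": hmac.new(key, encoded, hashlib.sha256).hexdigest()}


class ReplayGuard:
    """Receiver: accept each authentic, fresh message at most once."""

    def __init__(self, key):
        self.key = key
        self.seen = {}  # nonce -> timestamp of the message that carried it

    def accept(self, message, now):
        body = message["body"]
        encoded = json.dumps(body, sort_keys=True).encode()
        expected = hmac.new(self.key, encoded, hashlib.sha256).hexdigest()
        # 1. Authenticity: any change to payload, ts or nonce breaks the MAC.
        if not hmac.compare_digest(expected, message["mac"]):
            return "rejected: bad MAC"
        # 2. Freshness: a delayed copy falls outside the time window.
        if abs(now - body["ts"]) > MAX_AGE:
            return "rejected: stale"
        # 3. Uniqueness: forget nonces older than the window (the freshness
        #    check already covers them), then refuse any nonce seen before.
        self.seen = {n: t for n, t in self.seen.items() if now - t <= MAX_AGE}
        if body["nonce"] in self.seen:
            return "rejected: replay"
        self.seen[body["nonce"]] = body["ts"]
        return "accepted"


def replay_demo():
    key = b"constructed-demo-key"  # constructed sample key
    guard = ReplayGuard(key)
    msg = sign_message(key, {"action": "transfer", "amount": 100}, now=1000.0)
    altered_body = dict(msg["body"], payload={"action": "transfer", "amount": 9999})
    altered = {"body": altered_body, "mac": msg["mac"]}
    delayed = sign_message(key, {"action": "ping"}, now=1000.0)
    return [
        guard.accept(msg, now=1001.0),      # first delivery
        guard.accept(msg, now=1002.0),      # same valid message sent again
        guard.accept(altered, now=1003.0),  # body changed, MAC reused
        guard.accept(delayed, now=1100.0),  # valid but held back too long
    ]
```

The MAC alone does not stop a replay, because a re-sent message is still authentic; the timestamp and nonce checks are what make a captured copy useless.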

Database Management Software

A database is an organized collection of data, stored and accessed electronically. Database designers typically organize the data to model aspects of reality in a way that supports processes requiring information, such as (for example) modeling the availability of rooms in hotels in a way that supports finding a hotel with vacancies.

The database management system (DBMS) is the software that interacts with end users, applications, and the database itself to capture and analyze data. A general-purpose DBMS allows the definition, creation, querying, update, and administration of databases. A database is generally stored in a DBMS-specific format which is not portable, but different DBMSs can share data by using standards such as SQL and ODBC or JDBC. The sum total of the database, the DBMS and its associated applications can be referred to as a "database system". Often the term "database" is used to loosely refer to any of the DBMS, the database system or an application associated with the database.

Computer scientists may classify database-management systems according to the database models that they support. Relational databases became dominant in the 1980s. These model data as rows and columns in a series of tables, and the vast majority use SQL for writing and querying data. In the 2000s, non-relational databases became popular, referred to as NoSQL because they use different query languages.

Data Models

  • Relational model is a database model based on first-order predicate logic. Its core idea is to describe a database as a collection of predicates over a finite set of predicate variables, describing constraints on the possible values and combinations of values. The power of the relational data model lies in its mathematical foundations and a simple user-level paradigm. (Like MySQL)
  • Hierarchical model: similar to the network model except that links in the hierarchical model form a tree structure, while the network model allows an arbitrary graph. (Like LDAP)
  • Network model: organizes data using two fundamental constructs, called records and sets. Records contain fields, and sets define one-to-many relationships between records: one owner, many members. The network data model is an abstraction of the design concept used in the implementation of databases.
  • Object-relational model: similar to a relational database model, but objects, classes and inheritance are directly supported in database schemas and in the query language.
  • Data definition language (DDL) is a syntax similar to a computer programming language for defining data structures, especially database schemas.
  • Data manipulation language (DML) is a computer programming language used for adding (inserting), deleting, and modifying (updating) data in a database.
  • Polyinstantiation is the concept of a type (class, database row or otherwise) being instantiated into multiple independent instances (objects, copies). It may also indicate, such as in the case of database polyinstantiation, that two different instances have the same name (identifier, primary key).
  • Online transaction processing (OLTP) is where information systems facilitate and manage transaction-oriented applications, typically for data entry and retrieval transaction processing.

  • Atomic transactions are an indivisible and irreducible series of database operations such that either all occur, or nothing occurs. ACID (Atomicity, Consistency, Isolation, Durability) is a set of properties of database transactions intended to guarantee validity even in the event of errors, power failures, etc. In the context of databases, a sequence of database operations that satisfies the ACID properties is called a transaction.
    • Consistency in database systems refers to the requirement that any given database transaction must change affected data only in allowed ways.
    • Isolation determines how transaction integrity is visible to other users and systems. For example, when a user is creating a Purchase Order and has created the header, but not the Purchase Order lines, is the header available for other systems/users (carrying out concurrent operations, such as a report on Purchase Orders) to see?
    • Durability is the ACID property which guarantees that transactions that have committed will survive permanently. For example, if a flight booking reports that a seat has successfully been booked, then the seat will remain booked even if the system crashes.

Database Vocabulary


https://sites.google.com/site/merasemester/dbm/relational-model

  • Data warehouses are central repositories of integrated data from one or more disparate sources.

Database Programming Interfaces

  • Open Database Connectivity (ODBC) is a standard application programming interface (API) for accessing database management systems (DBMS). The designers of ODBC aimed to make it independent of database systems and operating systems.
  • OLE DB (Object Linking and Embedding, Database), an API designed by Microsoft, allows accessing data from a variety of sources in a uniform manner. The API provides a set of interfaces implemented using the Component Object Model (COM); it is otherwise unrelated to OLE.
  • ActiveX Data Objects (ADO) comprises a set of Component Object Model (COM) objects for accessing data sources. A part of MDAC (Microsoft Data Access Components), it provides a middleware layer between programming languages and OLE DB (a means of accessing data stores, whether databases or not, in a uniform manner).
  • Java Database Connectivity (JDBC) is an application programming interface (API) for the programming language Java, which defines how a client may access a database.

Integrity

  • Semantic integrity ensures that data entered into a row reflects an allowable value for that row.
  • Entity Integrity ensures that there are no duplicate records within the table and that the field that identifies each record within the table is unique and never null.
  • Referential integrity is a relational database concept, which states that table relationships must always be consistent. In other words, any foreign key field must agree with the primary key that is referenced by the foreign key.
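
The three integrity types above, together with the atomic transactions described under Data Models, enforced by the DBMS itself. This is an added example, not part of the original notes: it uses Python's built-in sqlite3 module with a constructed two-table schema, and the table, column and function names are assumptions made for illustration.

```python
import sqlite3

SCHEMA = """
CREATE TABLE customer (
    id   INTEGER PRIMARY KEY,                  -- entity integrity: unique, never null
    name TEXT NOT NULL
);
CREATE TABLE orders (
    id          INTEGER PRIMARY KEY,
    customer_id INTEGER NOT NULL REFERENCES customer(id),  -- referential integrity
    quantity    INTEGER NOT NULL CHECK (quantity > 0)      -- semantic integrity
);
"""
INSERT_ORDER = "INSERT INTO orders (id, customer_id, quantity) VALUES (?, ?, ?)"


def open_db():
    db = sqlite3.connect(":memory:")
    # SQLite enforces foreign keys only when enabled on the connection.
    db.execute("PRAGMA foreign_keys = ON")
    db.executescript(SCHEMA)
    db.execute("INSERT INTO customer (id, name) VALUES (1, 'Alice')")
    db.commit()
    return db


def try_insert(db, row):
    """Insert one order; return 'ok' or the DBMS constraint error text."""
    try:
        with db:  # commit on success, roll back on error
            db.execute(INSERT_ORDER, row)
        return "ok"
    except sqlite3.IntegrityError as exc:
        return str(exc)


def atomic_batch(db, rows):
    """Insert every row or none of them (atomicity)."""
    try:
        with db:
            db.executemany(INSERT_ORDER, rows)
        return True
    except sqlite3.IntegrityError:
        return False


def integrity_demo():
    db = open_db()
    return {
        "valid": try_insert(db, (1, 1, 3)),
        "entity": try_insert(db, (1, 1, 5)),        # duplicate primary key
        "referential": try_insert(db, (2, 99, 5)),  # customer 99 does not exist
        "semantic": try_insert(db, (3, 1, -4)),     # quantity outside allowed range
        "batch_committed": atomic_batch(db, [(10, 1, 2), (11, 1, 0)]),  # 2nd row invalid
        "orders_stored": db.execute("SELECT COUNT(*) FROM orders").fetchone()[0],
    }
```

Declaring the rules in the schema means every application that writes to the database is held to them, and the failed batch leaves no partial rows behind.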

Malware Types

  • A Virus is a small application that infects host applications and spreads from there to other physical hosts or host applications.
  • A Macro Virus is a virus that is written in a macro language: a programming language which is embedded inside a software application (e.g., word processors and spreadsheet applications).
  • A Compression Virus is an example of a benevolent computer virus, invented by Fred Cohen. It searches for an uninfected executable file, compresses the file and prepends itself to it. The virus can be described in pseudo code
  • A Stealth Virus is a type of malicious software that hides the modifications it makes
  • A Polymorphic Virus is code that uses a polymorphic engine to mutate while keeping the original algorithm intact. That is, the code changes itself each time it runs, but the function of the code (its semantics) will not change at all
  • A Multipart Virus has several components to it and can be distributed to different parts of the system
  • A Bot is a software application that runs automated tasks (scripts) over the Internet. A malicious use of bots is the coordination and operation of an automated attack on networked computers, such as a denial-of-service attack by a botnet.
  • A Worm is a standalone malware computer program that replicates itself in order to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it.
  • A Logic Bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met. For example, a programmer may hide a piece of code that starts deleting files (such as a salary database trigger), should they ever be terminated from the company.
  • A Rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or areas of its software that is not otherwise allowed (for example, to an unauthorized user) and often masks its existence or the existence of other software.
  • A Trojan is any malicious computer program which misleads users of its true intent.
  • Remote Access Trojan (RAT) is a type of malware that controls a system through a remote network connection. While desktop sharing and remote administration have many legal uses, "RAT" connotes criminal or malicious activity.
  • Immunizer: attaches code to a file or application, which fools the virus into "thinking" it was already infected
  • Behavior blocking: allowing the suspicious code to execute within the operating system and watching its interactions with the operating system, looking for suspicious activities