Security in Software Applications (Sicurezza nelle Applicazioni Software)
2nd semester, 2016-2017
PAGE FREQUENTLY UPDATED
Instructor: Francesco Parisi-Presicce
Office: Via Salaria 113, third floor, room 342
Desk phone: 06 4991 8512
Email: parisi (AT) di (DOT) uniroma1 (DOT) it (include SoftSecurity in Subject)
Office Hours: Tuesday from 2:00 to 4:00 p.m., Thursday after class from 11:00 a.m. to 1:00 p.m. (until 9 June 2017) and by appointment
ANNOUNCEMENTS
- NEWEST
  The third round of exams will start on Monday September 4 and will be by appointment only.
  Sign-up via infostud and also from this page
- NEW
  The second round of exams will start on Monday July 3 and will be by appointment only.
  Sign-up via infostud and also from this page
- ALMOST NEW
  The first round of exams will start on Monday June 19 and will be by appointment only.
  Sign-up via infostud and also from this page
- IMPORTANT
  The lecture on May 23 will be held in AULA B10 on the first floor
- The assignments for the Group Project have been mailed.
  Drafts must be submitted by 10 p.m. (22:00) Thursday 25 May 2017
- The Specification of Project 2 is available HERE.
  This is an individual project.
  Solutions must be submitted by 10 p.m. (22:00) Sunday 30 April 2017 from THIS page
- The lecture on Thursday March 30 from 8:00 to 10:00 has been moved to AULA ORIANA (still in Via Salaria, ground floor)
- The Specification of Project 1 is available HERE.
  This is an individual project.
  Solutions must be submitted by 10 p.m. (22:00) Sunday 9 April 2017 from THIS page
- There will be TWO additional lectures, on March 29 and on April 5, in the same room (Aula Alfa) and from 10:00 to 12:00, replacing the lectures originally scheduled for April 20 and April 27
- Students who have not done so already are asked to get an account on twiki, to be used to submit the results of the individual projects
- The material will not always be available before class
- Students who attend this course are required to send the instructor an email address at which they can be contacted to access course material (homework, project, slides, etc.)
DESCRIPTION
Theory and practice of software security, focusing in particular on some common software security risks, including buffer overflows, race conditions and random number generation, and on the identification of potential threats and vulnerabilities early in the design cycle. The emphasis is on methodologies and tools for identifying and eliminating security vulnerabilities, techniques to prove the absence of vulnerabilities, and ways to avoid security holes in new software, and on essential guidelines for building secure software: how to design software with security in mind from the ground up and to integrate analysis and risk management throughout the software life cycle.
EXAMS
The exam will consist of an oral part, the solution of some homework problems and/or small projects periodically assigned by the instructor and possibly (depending on the size of the class) the presentation in class and discussion of a project agreed upon with the instructor. The project could be developed in teams and deal with theoretical and/or practical aspects of software security.
The solutions to the assigned problems and the oral examination are *individual* endeavours. Substantial overlap or the indication that they have been "shared" will make them void and will cause the 'perpetrators' to (at least) skip an exam session.
The exam consists of an oral test, the solution of some problems and/or small projects assigned periodically during the course by the instructor, and (possibly: it depends on the size of the class) the presentation in class and discussion of a project agreed upon with the instructor. The project may be developed in groups of one or two students and may concern both theoretical and practical aspects of application security.
The submission of the solutions to the problems and the oral test are individual. If there are significant indications that the project or the submitted solutions have been copied in whole or in part, the project or the solutions are considered void.
PREREQUISITES
An undergraduate security course is not a prerequisite.
Students are expected to have some basic knowledge of programming (C, Java), Operating Systems and Databases (SQL).
Passing an undergraduate (three-year degree) security course is not required, but knowledge of security is obviously useful.
Students are assumed to have adequate knowledge of programming (C, Java), Operating Systems and Databases (SQL).
Schedule of LECTURES (frequently updated)
- February 21-23
  Introduction.
  Top 25 Most Dangerous Software Errors
  Slides1
- February 28
  Buffer Overflow: causes and remedies.
- March 2
  Countermeasures to Buffer Overflow
- March 7-9
  Input validation. Code Injection.
  Animations explaining
  Slides2
- March 14-16
  SQL injections
  Web Security ONE and TWO
  Slides3
- March 21-23
  A gentle Introduction to Program Analysis
  Discussion of Project 1
- March 28-30
  Java Architecture
  JML and ESC/Java2
- March 29 from 10:00 to 12:00
  Java Programming Rules
  Slides4
- April 4-6
  Sandboxing. TOCTOU. Aliasing
  Proof Carrying Code
  - G.C.Necula and P.Lee, Safe Kernel Extensions Without Run-Time Checking and other papers here.
  Discussion of Project 2
  Slides5
- April 5 from 10:00 to 12:00
  Principles of Secure Design
- April 11
  OWASP Application Security Verification Standard HERE
  Discussion of Group Project
  Slides6
- April 20
  Lecture moved to March 29 from 10:00 to 12:00
- April 27
  Lecture moved to April 5 from 10:00 to 12:00
- May 2
  NO CLASS today. Work on Group Project
- May 4
  Overview of Types and Type Systems in security
  Language-based Security: memory safety
  Slides7
- May 9-11
  Language-based Security: Information Flow
  Slides8
- May 16-18
  Website of JIF
  - A.Myers, JFlow: Practical Mostly-Static Information Flow Control (POPL 1999).
  - A.C.Myers and B.Liskov, Protecting privacy using the decentralized label model, ACM TOSEM 2000.
- May 23-25
  NOTE the lecture on May 23 in AULA B10 on the first floor
  Microsoft Security Development Lifecycle SDL
  Reverse Engineering
  ByteCode
  Obfuscation
  - S.Goldwasser and G.N.Rothblum, On best-possible Obfuscation
  Slides9
- May 29-30
  Presentation (20 minutes each) of the Group Projects
  SIX presentations on Monday May 29 from 3:00 to 6:00 p.m.
  TEN presentations on Tuesday May 30 from 9:00 a.m. to 1:00 p.m.
TOOLS
RESOURCES
- UMLSec
- The 24 Deadly Sins of Software Security, by Michael Howard, David LeBlanc and John Viega, McGraw-Hill, 2009
- Chris Steel, Ramesh Nagappan, Ray Lai, Core Security Patterns, Ch3, SUN
- IATAC, DACS, Software Security Assurance: State of the Art Report, July 31, 2007
- A Taxonomy of Computer Program Security Flaws, by C.E.Landwehr et al.
- TOP 25 Most Dangerous Programming Errors, SANS Institute 2013
- J.Viega, G.McGraw, Secure Programming Cookbook, O'Reilly, chapter on random numbers
Useful Links
REFERENCES
- R.Anderson, Security Engineering: a guide to building dependable distributed systems, 2nd ed., John Wiley and Sons 2008. Available HERE
- J.Viega, G.McGraw, Building Secure Software, Addison-Wesley 2002, book web page http://www.buildingsecuresoftware.com/ sample chapters
- G.Hoglund, G.McGraw, Exploiting Software: how to break code, Addison-Wesley 2004, book web page http://www.exploitingsoftware.com/ sample chapter
- G.McGraw, E.Felten, Securing Java, John Wiley and Sons 1999, book web page
- D.A.Wheeler, Secure Programming for Linux and Unix HOWTO, online or downloadable
In class, we may discuss vulnerabilities in general computer systems. This is NOT intended as an invitation to go and exploit those vulnerabilities. Breaking into other people's systems is inappropriate, and the existence of a security hole is no excuse.