Architecture Software Design

Software security is best if it is designed and built into the foundation of operating systems and applications, not added on as an afterthought. Security should be talked about and planned within the requirements phase of a project. So stakeholders like users, operators, maintainers, developers, and suppliers know and understand it function, and why it is important it be included from the onset. Each stakeholder in the past had their own concerns pertaining to the system, which can be performance, functionality, maintainability, quality of service, and usability.

 

Security for the most part did not come into the decision till later which was a grave misfortune.  The software industry as a whole focused more on functionality, interoperability, and portability at the expense of security; the consumer and user of the software suffered for it. But things are changing because governments and consumers have started questioning the high rate of identity theft. In addition, governments are now starting to take action given the amount of cyber espionage and network attacks happening across the world.

Computer Architecture - Computer architecture encompasses all of the parts of a computer system that are necessary for it to function, including the operating system, memory chips, logic circuits, storage devices, input and output devices, security components, buses, and networking interfaces. . The actual execution of the instructions is done by the arithmetic logic unit (ALU). The ALU performs mathematical functions and logical operations on data. The ALU can be thought of as the brain of the CPU, and the CPU as the brain of the computer. The control unit manages and synchronizes the system while different applications’ code and operating system instructions are being executed. The control unit is the component that fetches the code, interprets the code, and oversees the execution of the different instruction sets. The program counter register contains the memory address of the next instruction to be fetched. After that instruction is executed, the program counter is updated with the memory address of the next instruction set to be processed. Memory addresses of the instructions and data to be processed are held in registers until needed by the CPU. The CPU is connected to an address bus, which is a hardwired connection to the RAM chips in the system and the individual input/output (I/O) devices. Memory is cut up into sections that have individual addresses associated with them. I/O devices (CD-ROM, USB device, printers, and so on) are also allocated specific unique addresses. If the CPU needs to access some data, either from memory or from an I/O device, it sends a fetch request on the address bus. The fetch request contains the address of where the needed data are located. The circuitry associated with the memory or I/O device recognizes the address the CPU sent down the address bus and instructs the memory or device to read the requested data and put it on the data bus. Now you might say what does this all mean when it comes to security? Memory management and structure still play a big part in how viruses can access your systems.

 

Process management - Different operating system types work within different process models. For example; Unix, and Linux systems allow their processes to create new children processes, which is referred to as forking. Windows systems do not fork new children processes, but instead create new threads that work within the same context of the parent process. The operating system keeps a process table, which has one entry per process. The table contains each individual process’s state, stack pointer, memory allocation, program counter, and status of open files in use. The reason the operating system documents all of this status information is that the CPU needs all of it loaded into its registers when it needs to interact with, for example, process 1. When process 1’s CPU time slice is over, all of the current status information on process 1 is stored in the process table so that when its time slice is open again, all of this status information can be put back into the CPU registers. So, when it is process 2’s time with the CPU, its status information is transferred from the process table to the CPU registers, and transferred back again when the time slice is over. It a programmer does not design within his/her code to manage memory effectively - a hacker can intercept it and use it to gain access to critical system functions. Example:

Thread management - A process is a program in memory. More precisely, a process is the program’s instructions and all the resources assigned to the process by the operating system. It is just easier to group all of these instructions and resources together and control them as one entity, which is a process. A program that has been developed to carry out several different tasks at one time (display, print, interact with other programs) is capable of running several different threads simultaneously. An application with this capability is referred to as a multithreaded application. As the complexity of our systems increases, the potential of truly securing them decreases. There is an inverse relationship between complexity and security. So why am I doing this? Memory and how its stored, managed, and accessed play a key role in modern systems.

Memory Protection Issues - There is many different types of memory and each reacts and works different within a computer system. All of these issues make it more difficult for memory management to be carried out properly in a constantly changing and complex system. Here is just some example of why memory protection is so difficult.

  • Every address reference may need to be validated for protection.
  • Two or more processes can share access to the same segment with potentially different access rights.
  • Different instruction and data types can be assigned different levels of protection.
  • Processes cannot generate an unpermitted address or gain access to an unpermitted segment.
  •  

Moreover, some of the most effective attacks that have happen on computer systems relates to memory. Target Stores are a good example is one of the most recent attacks that was done using what is a called a "memory scraping." hacking the data while the data is still in the memory buffer unencrypted.  

 

Some Solutions for Memory Protection:  

  • Randomize the stack memory allocation
  • Use Canaries (word guards) to detect buffer overflows
  • Stay away from 'libc' string calls in C++
  • Use Stack-Guard, Pro-Police to automate the protection of stacks
  • Check your bounds within your C++ code. Functions that do perform the necessary boundary checking include strncpy(), strncat(), snprintf(), and vsnprintf().

Vendors of different operating systems (Windows, Unix, Linux, Macintosh, etc.) have implemented various types of protection methods integrated into their memory manager processes. For example, Windows Vista was the first version of Windows to implement address space layout randomization (ASLR), which was first implemented in OpenBSD. If an attacker wants to maliciously interact with a process, he needs to know what memory address to send his attack inputs to. If the operating system changed these addresses continuously, which is what ALSR accomplishes this would greatly reduce the potential success of his attack. You can’t mess with something if you don’t know where it is.

 

Architecture Software Design Continued

 

 

Security Architecture Paper - Click to Download
Security_Architecture_LanceW.docx
Microsoft Word document [517.7 KB]

Lance West

 

DigiBrains@msn.com

 

 

  • Cyber-Security

 

  • Information Assurance training

 

  • IT Risk Analysis

 

  • BIA/BCP Development

 

  • Software Security

 

  • Databases
Print | Sitemap
© DigiBrains LLC