CSE 8990-01
Special Topics in Computer Science: Secure Coding
Spring 2007
Homework Assignment 3
Objectives
- Experience designing solutions to mitigate the risks associated with the security flaws.
Assignment
Provide a risk mitigation/remediation solution for each of the security flaws listed below.
Grading
Satisfactory remediation of each security flaw.
Scenario
See the scenario for Homework 2 in homework2.doc, which contains the following information.
- A business requirements document for an application
- A list of company policies
- A list of legal requirements
- A high level visual flow of the application
The following are selected security flaws in the requirements/design of Homework 2.
e-Commerce Application:
- Flaw: No authentication
Risk: Any customer can order merchandise as another customer.
- Flaw: Improper credit card validation
Risk: The application can be used as an oracle to test whether stolen credit card numbers are still valid. Also, stolen credit cards can be used to purchase merchandise.
- Flaw: No accountability of customers
Risk: No security logs of purchases or unauthorized transactions exist, so there is no audit trail.
- Flaw: Privacy issues – leakage or man-in-the-middle attack against unencrypted information
Risk: Customer information used during purchasing transactions can be altered or collected without the customer's knowledge, resulting in identity theft.
- Flaw: Data validation issues
Risk: An authorized user can use SQL injection to obtain company information, such as customer, vendor, and financial information, from back-end systems.
- Flaw: Unauthorized transactions
Risk: Administrative functions can be performed by unauthorized people.
- Flaw: Potential legal issues for shipping out of country (i.e. customs)
Risk: If purchases are made by customers who are out of the country, they will not receive their purchases because no provision was made for proper customs transactions.
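As an added example for the data validation flaw above (this is not part of the original assignment or of the Homework 2 application): the same customer lookup written once with string concatenation and once with a bound parameter, both run against a constructed in-memory SQLite table with the same malicious input. The table name, columns, sample rows, the injection payload and the name allowlist are assumptions for illustration only.

```python
import re
import sqlite3

# Constructed sample data standing in for the back-end customer table.
# Table name, columns and rows are assumptions, not the Homework 2 schema.
SAMPLE_CUSTOMERS = [
    (1, "alice", "alice@example.com"),
    (2, "bob", "bob@example.com"),
]

# What an attacker might type into the "customer name" field (constructed).
INJECTION_PAYLOAD = "nobody' OR '1'='1"


def build_db():
    """In-memory SQLite database so the example runs offline."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (id INTEGER, name TEXT, email TEXT)")
    conn.executemany("INSERT INTO customers VALUES (?, ?, ?)", SAMPLE_CUSTOMERS)
    return conn


def lookup_vulnerable(conn, name):
    """Flawed version: user input is pasted into the SQL text, so a quote in
    the input closes the string literal and the rest is parsed as SQL."""
    sql = "SELECT id, name, email FROM customers WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, name):
    """Remediated version: the value is bound as a parameter, so the database
    treats it as data and never as SQL, whatever characters it contains."""
    sql = "SELECT id, name, email FROM customers WHERE name = ?"
    return conn.execute(sql, (name,)).fetchall()


def is_valid_name(name):
    """Defence in depth: allowlist the characters a customer name may contain.
    Apostrophes stay allowed (O'Brien), which is exactly why this check on its
    own is not a substitute for the parameterised query."""
    return re.fullmatch(r"[A-Za-z .'-]{1,64}", name) is not None


def demo():
    """Run both lookups with the same malicious input and return the rows."""
    conn = build_db()
    return {
        "vulnerable": lookup_vulnerable(conn, INJECTION_PAYLOAD),
        "parameterized": lookup_parameterized(conn, INJECTION_PAYLOAD),
        "allowlist_accepts_payload": is_valid_name(INJECTION_PAYLOAD),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "->", value)
```

The concatenated query returns every customer row for the payload, the parameterised query returns none, and the allowlist rejects the payload. The allowlist is a second layer only: the parameterised query is the control that removes the injection, and it also stops payloads that a character allowlist would let through.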
HTG Cash Register Application:
- Flaw: No authentication of Cashiers and Managers
Risk: The cash register application can be used by anyone, so an unauthenticated person could steal money.
- Flaw: No accountability of Cashiers and Managers
Risk: The cash register application can be manipulated to perform unauthorized transactions, such as giving unauthorized discounts to customers, and the company loses money because there is no logging to keep track of a person's actions.
- Flaw: Physical access to the kiosk disk drives and operating system
Risk: An authorized or unauthorized person can install an unauthorized application, such as a key logger, to capture customer credit card numbers. Also, authorized and unauthorized persons can download malicious programs to the kiosk that infect the operating system and cause the applications on the kiosk not to run properly.
- Flaw: Improper credit card validation and use
Risk: A stolen credit card can be used to purchase merchandise. Also, a customer's credit card information can be stolen if the credit card receipt component does not print receipts according to the VISA Merchant rules. Finally, the company risks losing its VISA Merchant status because the rules for retaining that status were not followed.[32]
- Flaw: Privacy issues – leakage or man-in-the-middle attack against unencrypted information transmitted back to the central datacenter, and potential for key loggers on kiosks
Risk: Company sales information can be altered in transit to back-end company systems. Also, customer credit card information and the information collected during the check approval process can be stolen or altered while the data for authorized purchasing transactions is transmitted.
- Flaw: Unauthorized transactions because of authentication and accountability issues
Risk: Sales information can be falsified.
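As an added example covering the two credit card flaws above (the e-Commerce validation oracle and the cash register receipt), not part of the original assignment: a Luhn checksum as a first-line format check, receipt printing that keeps only the last four digits of the card number, and a checkout gate that caps attempts per session and returns one generic refusal whatever the reason. The receipt policy of showing only the last four digits, the attempt limit, and the authorize stand-in for the card processor are assumptions; the VISA Merchant rules themselves are not reproduced here.

```python
import re

# Generic refusal shown to the customer whatever the reason, so the checkout
# cannot be used as an oracle to sort stolen or guessed numbers into
# "good" and "bad".
REFUSED = "Payment could not be completed."


def luhn_valid(pan):
    """Luhn checksum over the digits of a card number.
    Catches mistyped numbers only: it does not prove the card exists, is
    active, or belongs to the customer. Only the issuer authorisation does."""
    digits = [int(c) for c in pan if c.isdigit()]
    if not 13 <= len(digits) <= 19:
        return False
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:          # every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def mask_pan(pan):
    """Keep only the last four digits; the rest is replaced with '*'."""
    digits = re.sub(r"\D", "", pan)
    return "*" * (len(digits) - 4) + digits[-4:]


def receipt_line(pan, amount_cents):
    """Receipt text. The full PAN is never written here or to any log;
    showing only the last four digits is the assumed receipt policy."""
    return "CARD %s  TOTAL $%d.%02d" % (
        mask_pan(pan), amount_cents // 100, amount_cents % 100)


class PaymentGate:
    """Single path to the issuer: a card is only checked as part of a real
    purchase, submissions per session are capped, and every refusal looks
    the same to the customer."""

    def __init__(self, authorize, max_attempts=3):
        # 'authorize(pan, amount_cents) -> bool' stands in for the card
        # processor call (assumption, constructed for this example).
        self.authorize = authorize
        self.max_attempts = max_attempts
        self.attempts = {}          # session -> number of card submissions

    def submit(self, session, pan, amount_cents):
        count = self.attempts.get(session, 0) + 1
        self.attempts[session] = count
        if count > self.max_attempts:
            return {"ok": False, "message": REFUSED}
        if not luhn_valid(pan):
            # Local reject: do not tell the caller it was the checksum.
            return {"ok": False, "message": REFUSED}
        if not self.authorize(pan, amount_cents):
            return {"ok": False, "message": REFUSED}
        return {"ok": True, "message": "Approved",
                "receipt": receipt_line(pan, amount_cents)}
```

A per-session cap is only a start: an attacker can open new sessions, so real limits are also tied to the customer account, source address and device, and the local checksum reject still answers faster than an issuer round trip, which is a timing difference worth hiding on a high-value endpoint.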
HTG Inventory Application:
- Flaw: No authentication of Vendors
Risk: Inventory can be requested from the wrong vendor, and back-end systems will be updated with an incorrect inventory status.
- Flaw: No accountability of Vendors
Risk: Vendors can create invoices for inventory that was never requested and the company would not have any records to dispute the claim.
- Flaw: No data validation of the transactions or messages sent via web services
Risk: Invalid data will be added to the company's back-end systems, causing dependent applications to malfunction.
- Flaw: Unauthorized transactions because of authentication and accountability issues
Risk: Vendors can perform transactions to determine how much inventory is being purchased from their competitors.
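As an added example for the inventory flaws above (vendor authentication, accountability, validation of web service messages, and vendors acting only as themselves), not part of the original assignment: a server-side handler that checks an HMAC-SHA256 signature over the received bytes, validates each field of the decoded message against an allowlist, refuses a body that names a different vendor than the key that signed it, rejects replayed nonces, and writes an audit record for every message whether it was accepted or not. The message format, vendor identifier format, shared secrets and field limits are assumptions constructed for this example.

```python
import hashlib
import hmac
import json
import re

# Constructed per-vendor shared secrets. Out-of-band key provisioning and the
# vendor identifier format are assumptions, not part of the Homework 2 design.
VENDOR_KEYS = {
    "vendor-17": b"constructed-secret-for-vendor-17",
    "vendor-42": b"constructed-secret-for-vendor-42",
}

# Append-only audit trail: one record per received message, accepted or not.
AUDIT_LOG = []


def encode_body(body):
    """Canonical bytes of a request body; the signature covers exactly these."""
    return json.dumps(body, sort_keys=True).encode()


def sign(vendor_id, raw_body):
    """What the vendor's client does: HMAC-SHA256 over the exact bytes sent."""
    return hmac.new(VENDOR_KEYS[vendor_id], raw_body, hashlib.sha256).hexdigest()


def validate_body(body):
    """Allowlist validation of a decoded inventory request.
    Returns None when the message is well formed, otherwise a reason string."""
    expected = {"vendor_id": str, "sku": str, "quantity": int, "nonce": str}
    if not isinstance(body, dict) or set(body) != set(expected):
        return "unexpected or missing fields"
    for field, kind in expected.items():
        if type(body[field]) is not kind:      # 'is not' also rejects bool for int
            return "bad type for " + field
    if not re.fullmatch(r"vendor-[0-9]{1,6}", body["vendor_id"]):
        return "bad vendor_id"
    if not re.fullmatch(r"[A-Z0-9-]{3,20}", body["sku"]):
        return "bad sku"
    if not 1 <= body["quantity"] <= 10000:
        return "quantity out of range"
    if not re.fullmatch(r"[A-Za-z0-9]{8,64}", body["nonce"]):
        return "bad nonce"
    return None


def handle_request(claimed_vendor, raw_body, signature, seen_nonces):
    """Server side: authenticate, validate, authorise, record.
    Returns (accepted, reason). Every outcome is written to AUDIT_LOG."""
    def finish(accepted, reason):
        AUDIT_LOG.append({
            "vendor": claimed_vendor,
            "body_sha256": hashlib.sha256(raw_body).hexdigest(),
            "accepted": accepted,
            "reason": reason,
        })
        return accepted, reason

    key = VENDOR_KEYS.get(claimed_vendor)
    if key is None:
        return finish(False, "unknown vendor")
    expected_sig = hmac.new(key, raw_body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected_sig, signature):
        return finish(False, "bad signature")       # forged, or altered in transit
    try:
        body = json.loads(raw_body)                 # parse only after authentication
    except ValueError:
        return finish(False, "not json")
    reason = validate_body(body)
    if reason is not None:
        return finish(False, reason)
    if body["vendor_id"] != claimed_vendor:
        return finish(False, "vendor id mismatch")  # a vendor may act only as itself
    if body["nonce"] in seen_nonces:
        return finish(False, "replay")
    seen_nonces.add(body["nonce"])
    return finish(True, "accepted")
```

A shared-secret HMAC proves the message came from a holder of that vendor's key, but the company holds the same key, so it is not evidence a third party would accept in a billing dispute; for that, the vendor would sign with a private key it alone holds and the company would keep the signed message with the audit record. The seen-nonce set must also be persisted across restarts (or paired with a timestamp window) or replays become possible again.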