Security Engineering In Vista

Information about Security Engineering In Vista

Published on August 30, 2007

Author: Clown

Source: authorstream.com

Content

How the Security Development Lifecycle (SDL) Improved Windows Vista:  How the Security Development Lifecycle (SDL) Improved Windows Vista Michael Howard [email protected] Senior Security Program Manager Microsoft Corp. 1 Who is this Guy?:  Who is this Guy? [email protected] Microsoft employee for 14 years Always in security A pragmatist! Windows Vista Engineering Process (from 35,000ft!):  Windows Vista Engineering Process (from 35,000ft!) 3 Why All This Security Work?:  Why All This Security Work? 4 Guidance and Education:  Guidance and Education 5 “Quality Gates”:  'Quality Gates' 6 Hang on … What’s SAL?:  Hang on … What’s SAL? 7 Standard Annotation Language:  8 Standard Annotation Language SAL at Work:  9 SAL at Work void FillString( TCHAR* buf, size_t cchBuf, TCHAR ch) { for (size_t i = 0; i andlt; cchBuf; i++) { buf[i] = ch; } } These two arguments are related, but the compiler does not know! SAL at Work:  10 SAL at Work void FillString( __out_ecount(cchBuf) TCHAR* buf, size_t cchBuf, TCHAR ch) { for (size_t i = 0; i andlt; cchBuf; i++) { buf[i] = ch; } } SAL at Work:  11 SAL at Work __out_ecount(cchBuf) Out buffer, function will write to the buffer. Other examples include __in and __inout Element count. Other example includes bcount, byte count. SAL at Work:  12 SAL at Work Warning C6386: Buffer overrun: accessing 'argument 1', the writable size is ‘200*2' bytes, but '420' bytes might be written: Lines: 33, 34 Warning C6387: 'argument 1' might be '0': this does not adhere to the specification for the function 'FillString': Lines: 33, 34 void FillString( __out_ecount(cchBuf) TCHAR* buf, size_t cchBuf, TCHAR ch) { for (size_t i = 0; i andlt; cchBuf; i++) { buf[i] = ch; } } void main() { TCHAR *buff = malloc(200 * sizeof(TCHAR)); FillString(buff,210,_T(’x’)); } Central Analysis (1 of 2):  Central Analysis (1 of 2) 13 char buf[32]; strcpy(buf,src); char buf[32]; strcpy_s(buf,src,32); Central Analysis (2 of 2):  Central Analysis (2 of 2) 14 A Note About Tools:  A Note About Tools 15 Tools DO NOT MAKE SOFTWARE SECURE! They help scale the process and they help enforce policy Threat Analysis:  Threat Analysis 16 External Review:  External Review 17 If all the upfront engineering fails…Windows Vista Defenses:  If all the upfront engineering fails… Windows Vista Defenses 18 Windows Vista Defenses:  Windows Vista Defenses 19 Windows Vista DefensesSecurity Features (1 of 2):  Windows Vista Defenses Security Features (1 of 2) 20 Windows Vista DefensesSecurity Features (2 of 2):  Windows Vista Defenses Security Features (2 of 2) 21 Windows Vista DefensesService Hardening (1 of 2):  Windows Vista Defenses Service Hardening (1 of 2) 22 Windows Vista DefensesService Hardening (2 of 2):  Windows Vista Defenses Service Hardening (2 of 2) 23 Windows Vista Defenses Isolation:  Windows Vista Defenses Isolation 24 Windows Vista DefensesMemory defenses (1 of many):  Windows Vista Defenses Memory defenses (1 of many) 25 Windows Vista DefensesMemory defenses (2 of many):  Windows Vista Defenses Memory defenses (2 of many) 26 Windows Vista DefensesMemory defenses (3 of many):  Windows Vista Defenses Memory defenses (3 of many) 27 Windows Vista DefensesMemory defenses (4 of many):  Windows Vista Defenses Memory defenses (4 of many) 28 Default Exploit Mitigations on Popular Client Operating Systems:  Default Exploit Mitigations on Popular Client Operating Systems 29 Software Security Science:  Software Security Science 30 Summary:  Summary 31 Slide32:  32 Backup Slides:  Backup Slides 33 Banned APIs:  Banned APIs strcpy, strcpyA, strcpyW, wcscpy, _tcscpy, _mbscpy, StrCpy, StrCpyA, StrCpyW, lstrcpy, lstrcpyA, lstrcpyW, _tccpy, _mbccpy strcat, strcatA, strcatW, wcscat, _tcscat, _mbscat, StrCat, StrCatA, StrCatW, lstrcat, lstrcatA, lstrcatW, StrCatBuff, StrCatBuffA, StrCatBuffW, StrCatChainW, _tccat, _mbccat strncpy, wcsncpy, _tcsncpy, _mbsncpy, _mbsnbcpy, StrCpyN, StrCpyNA, StrCpyNW, StrNCpy, strcpynA, StrNCpyA, StrNCpyW, lstrcpyn, lstrcpynA, lstrcpynW strncat, wcsncat, _tcsncat, _mbsncat, _mbsnbcat, StrCatN, StrCatNA, StrCatNW, StrNCat, StrNCatA, StrNCatW, lstrncat, lstrcatnA, lstrcatnW, lstrcatn CharToOem, CharToOemA, CharToOemW, OemToChar, OemToCharA, OemToCharW, CharToOemBuffA, CharToOemBuffW alloca, _alloca wnsprintf, wnsprintfA, wnsprintfW, sprintfW, sprintfA, wsprintf, wsprintfW, wsprintfA, sprintf, swprintf, _stprintf, _snwprintf, _snprintf, _sntprintf, wvsprintf, wvsprintfA, wvsprintfW, vsprintf, _vstprintf, vswprintf, _vsnprintf, _vsnwprintf, _vsntprintf, wvnsprintf, wvnsprintfA, wvnsprintfW strtok, _tcstok, wcstok, _mbstok makepath, _tmakepath, _makepath, _wmakepath, _splitpath, _tsplitpath, _wsplitpath scanf, wscanf, _tscanf, sscanf, swscanf, _stscanf, snscanf, snwscanf, _sntscanf _itoa, _itow, _i64toa, _i64tow, _ui64toa, _ui64tot, _ui64tow, _ultoa, _ultot, _ultow gets, _getts, _gettws IsBadWritePtr, IsBadHugeWritePtr, IsBadReadPtr, IsBadHugeReadPtr, IsBadCodePtr, IsBadStringPtr strlen, wcslen, _mbslen, _mbstrlen, StrLen, lstrlen No Weak Crypto:  No Weak Crypto No new code must use: MD4, MD5, SHA1 (use SHA2 suite) DES (use AES) RC4 (without crypto review) No symmetric keys andlt;128 bits No RSA keys andlt; 1024 bits No weak random number generation No embedded ‘secrets’ Be 'crypt agile'

Related presentations


Other presentations created by Clown

nano technology presentation
30. 08. 2007
0 views

nano technology presentation

TC2000 Presentation AAII
22. 04. 2008
0 views

TC2000 Presentation AAII

chapter 28 notes
17. 04. 2008
0 views

chapter 28 notes

dacorogna
13. 04. 2008
0 views

dacorogna

CH6Slides
09. 04. 2008
0 views

CH6Slides

WHERE DOES WEATHER COME FROM
07. 04. 2008
0 views

WHERE DOES WEATHER COME FROM

ISSJS
30. 03. 2008
0 views

ISSJS

PeakOil
27. 03. 2008
0 views

PeakOil

Scales and Questionnaire Tips
05. 11. 2007
0 views

Scales and Questionnaire Tips

sasaki
17. 06. 2007
0 views

sasaki

Political Cartoons
17. 06. 2007
0 views

Political Cartoons

principles of restoration
17. 06. 2007
0 views

principles of restoration

Revolutionary War Powerpoint
28. 02. 2008
0 views

Revolutionary War Powerpoint

4 How to never get sick again
13. 12. 2007
0 views

4 How to never get sick again

03 RFID
29. 02. 2008
0 views

03 RFID

ch 08 international issues
27. 09. 2007
0 views

ch 08 international issues

MHP in Germany sto v1
12. 10. 2007
0 views

MHP in Germany sto v1

Wireless Broadband Korea Kim
11. 09. 2007
0 views

Wireless Broadband Korea Kim

JimBasney
11. 09. 2007
0 views

JimBasney

Grade 105 Presentation
02. 10. 2007
0 views

Grade 105 Presentation

Dongxian He APAN 2004
11. 10. 2007
0 views

Dongxian He APAN 2004

OWASP Denver Nov 06 presentation
30. 08. 2007
0 views

OWASP Denver Nov 06 presentation

2004 religion Killen Shibley
30. 08. 2007
0 views

2004 religion Killen Shibley

allied partnerships 170505051319
30. 08. 2007
0 views

allied partnerships 170505051319

Satellite Broadcast
30. 08. 2007
0 views

Satellite Broadcast

vslive2005 keynote
28. 11. 2007
0 views

vslive2005 keynote

ADSL QoS
29. 11. 2007
0 views

ADSL QoS

RestaurantsKitchens
07. 12. 2007
0 views

RestaurantsKitchens

Othello 1
01. 11. 2007
0 views

Othello 1

LITERACY CENTERS FOR COACHES
05. 11. 2007
0 views

LITERACY CENTERS FOR COACHES

TKaM jeopardy
05. 11. 2007
0 views

TKaM jeopardy

HR XML Seminaire 16 11 2005
30. 08. 2007
0 views

HR XML Seminaire 16 11 2005

Mangenot1 2
02. 11. 2007
0 views

Mangenot1 2

PDC Review Jay 041118
26. 11. 2007
0 views

PDC Review Jay 041118

ks4 where energy
18. 12. 2007
0 views

ks4 where energy

aula voip
28. 12. 2007
0 views

aula voip

Chapter 7
28. 11. 2007
0 views

Chapter 7

Web CT Student Orient
10. 12. 2007
0 views

Web CT Student Orient

ch7S07govt2302
01. 01. 2008
0 views

ch7S07govt2302

Philadelphia FryODiesel
07. 01. 2008
0 views

Philadelphia FryODiesel

Hafner Eco Eng pres1
03. 01. 2008
0 views

Hafner Eco Eng pres1

psy203s authoritarian
30. 08. 2007
0 views

psy203s authoritarian

MMS Spoofing
30. 08. 2007
0 views

MMS Spoofing

WTFD New
01. 10. 2007
0 views

WTFD New

Presentación Cilca 2005
14. 11. 2007
0 views

Presentación Cilca 2005

rtbbntalk
15. 11. 2007
0 views

rtbbntalk

Chapter32
24. 12. 2007
0 views

Chapter32

Homeland Security Congressional
05. 01. 2008
0 views

Homeland Security Congressional

Recursion
07. 01. 2008
0 views

Recursion

CNOMMeetingICC2006
21. 11. 2007
0 views

CNOMMeetingICC2006

airforce camp brief 1
23. 12. 2007
0 views

airforce camp brief 1

favourites
26. 06. 2007
0 views

favourites

Presentation Atelier Bangkok2
31. 12. 2007
0 views

Presentation Atelier Bangkok2

kerala piravi06
26. 06. 2007
0 views

kerala piravi06

jim quinn
26. 06. 2007
0 views

jim quinn

ioc report
26. 06. 2007
0 views

ioc report

Good Movies
26. 06. 2007
0 views

Good Movies

Generation Gap Trivia
26. 06. 2007
0 views

Generation Gap Trivia

gates
26. 06. 2007
0 views

gates

Fulbright Movies
26. 06. 2007
0 views

Fulbright Movies

food and menus
26. 06. 2007
0 views

food and menus

lecture32
07. 10. 2007
0 views

lecture32

Astra Sales Kit 3 1 06
03. 01. 2008
0 views

Astra Sales Kit 3 1 06

KALEB
26. 06. 2007
0 views

KALEB

milestone6 action
27. 11. 2007
0 views

milestone6 action

game consoles edit
26. 06. 2007
0 views

game consoles edit

303lec13
30. 08. 2007
0 views

303lec13

Fabric Spade Amalgam Chief
26. 06. 2007
0 views

Fabric Spade Amalgam Chief

FY2006 Tourism Media Plan
26. 06. 2007
0 views

FY2006 Tourism Media Plan

F303 Class 18
30. 08. 2007
0 views

F303 Class 18

political humor
17. 06. 2007
0 views

political humor

regional dialects
17. 06. 2007
0 views

regional dialects

Quantifying Quality MASTER
17. 06. 2007
0 views

Quantifying Quality MASTER

PS270Lect14
17. 06. 2007
0 views

PS270Lect14

prosestyles
17. 06. 2007
0 views

prosestyles

2091ppt
14. 12. 2007
0 views

2091ppt

rosary
17. 06. 2007
0 views

rosary

rhetorical devices
17. 06. 2007
0 views

rhetorical devices

Research Paper
17. 06. 2007
0 views

Research Paper

Relationships Presentation
17. 06. 2007
0 views

Relationships Presentation

relationships
17. 06. 2007
0 views

relationships

Polyamory 101class
17. 06. 2007
0 views

Polyamory 101class

Hobbes and Locke
30. 08. 2007
0 views

Hobbes and Locke

fastook no movies
26. 06. 2007
0 views

fastook no movies

En Jean Delion Stigma
02. 01. 2008
0 views

En Jean Delion Stigma

Forbrugeren 2008 1
26. 06. 2007
0 views

Forbrugeren 2008 1

FairTrade
16. 11. 2007
0 views

FairTrade

dyna202 5509
05. 11. 2007
0 views

dyna202 5509

recipes
05. 12. 2007
0 views

recipes

NatureAreaTrees
30. 08. 2007
0 views

NatureAreaTrees

CRAY
11. 09. 2007
0 views

CRAY

enum 6
11. 09. 2007
0 views

enum 6

05 ncs courses
12. 03. 2008
0 views

05 ncs courses

20020913 Moon Soo Kang
11. 09. 2007
0 views

20020913 Moon Soo Kang

epomodule
08. 11. 2007
0 views

epomodule

goetz vortragenergie2302
22. 11. 2007
0 views

goetz vortragenergie2302

The Black Power 000
30. 08. 2007
0 views

The Black Power 000

FA05 cs294 5 lecture 6 final
20. 11. 2007
0 views

FA05 cs294 5 lecture 6 final

etherb
01. 01. 2008
0 views

etherb

SDE Presentation
30. 08. 2007
0 views

SDE Presentation

AFuelsCall1 032305
26. 02. 2008
0 views

AFuelsCall1 032305

11th meeting Shuji Shimizu
09. 10. 2007
0 views

11th meeting Shuji Shimizu

2 Fleet Manegement
23. 11. 2007
0 views

2 Fleet Manegement

Biophysics GYoon
04. 01. 2008
0 views

Biophysics GYoon