软体品质与资讯安全.PPT

軟體品質與資訊安全 交通大學資訊工程系 黃世昆 Outline Background Software Attack Basic Software Process Vulnerability Software Exploitability Dynamic and Static Defense Conclusion Software Engineering and Worms 1968 (conference on software crisis after IC invention, with more complex software) 1988 (Nov 2) Internet Worm 2001 (July 19) Code Red Worm (after 1988) 2003 (Aug 11) Blaster Worm (impact MS) 2005 Worms Anywhere and Anytime Microsoft Software auto-updates more frequently Software Attack Basic The Strength of Cryptography “128-bit keys mean strong security, while 40-bit keys are weak” “triple-DES is much stronger than single DES” “2,048 RSA is better than 1,024 bit RSA” “lock your front door with four metal pins, each of which in one of 10 positions”. There will be 10,000 possible keys… almost impossible to break in NO !!! Strength of Cryptography Burglars won’t try every possible keys or pick the lock. They smash windows, kick in doors, and use chainsaw to the house wall. Most of us design, analyze and break cryptographic system. Few try to do research on published algorithms, protocols and actual products. From Bruce Schneier We don’t have to try every possible key or even find flaws in the algorithms. We exploit errors in design, errors in implementation, and errors in installation. Sometimes we invent a new trick to break a system, but most of the time we exploit the same old mistakes that designers make over and over again. Security Attack Dynamic Event occur during the execution of a piece of software. Attack made possible: weaknesses must exist in the system sequence of weakness exploiting input signals to the system is required Threat threat: an agent outside of a software system to exploit a vulnerability through attacks Vulnerability potential defect or weakness in an information system knowledge required to exploit the defect State Space Vulnerability System state: current configuration of the entities in the system Authorized or unauthorized state: given initial