Principles of Microsoft Application Security
Application security covers all activities related to securing application software throughout its lifetime. Application software is any computer software that allows users to perform specific tasks. Examples of these tasks are sending and receiving email, browsing the web, creating a document or spreadsheet, or entering orders for materials. Ensuring application software security includes ensuring security during design, development, testing, deployment, maintenance, and retirement. All too often, organizations view application security as a deployment issue. Security must begin earlier in the design and development process. In this chapter, you’ll study how to harden software after it has been completed or acquired by your organization.
A secure application is one that protects each of the three C-I-A properties of data security at all times. The three C-I-A properties are confidentiality, integrity, and availability. Check that your software, whether developed in-house or licensed, makes the data it manages available to authorized users on demand while denying access to unauthorized users. This chapter applies to any application software running on a server or client computer. Your applications provide access to data. They must also make certain that only authorized users can view or modify data based on your organization’s specific security restrictions. In short, application security is all about ensuring that your applications add at least one more layer of controls between users and your data.
Common Application Software Attacks
Understanding the basic principles of securing applications starts with understanding how attackers damage applications. Hackers have many ways to harm applications. Several approaches are more common and deserve the most attention. The more common types of attacks include:
Malformed input—This is one of the most common types of attack. Computer criminals provide input to an application that is designed to cause results the developers did not intend. They use malformed input to crash programs, disclose or modify data, or hijack connections.
Privilege escalation—This adds more authority to the current session than the process should possess. There are several methods to escalate privileges, and all compromise the access control lists (ACLs) you have in place to limit data and resource access.
Denial of service (DoS)—DoS attacks focus on either making the application or network slow enough that it can’t respond to user requests in a timely manner or crashing the application. Either way, users can’t get to the data they need.
Identity spoofing—This means assuming the identity of another user. Spoofing means masquerading as another person or process. In most cases, the other user is one who possesses more privileges, and this greater access allows an attacker to get into more data and resources. In some cases, hackers use identity spoofing just to hide their own identities—not to escalate privileges.
Direct file or resource access—This refers to exploiting holes in access controls that allow a user to directly access files or other resources. If your application allows direct object access, users may be able to bypass normal access controls.
Extra-application data access—This means accessing your application’s data outside the application. This could be from the operating system or from another program, or by just taking or copying backup media.
Each of these attacks is preventable. Some of the controls to stop attacks, such as processing malformed input, depend on the application’s design. You can implement additional controls to stop other attacks. Just as operating systems need to be hardened to be as secure as possible, it is just as important to follow steps to harden each application you run on any computer.
Hardening Applications
Hardening applications generally follows several steps. The specific actions differ from application to application, but the overall strategy remains the same. Here are the general steps to hardening applications:
Install the application using only the options and features you plan to use.
After installing the application, remove any default user accounts and sample data, along with any unneeded files and features.
Configure the application according to the principle of least privilege.
Ensure your application has all of the latest available security patches applied.
Monitor application performance to verify that your application adheres to security policy.
Keep general guidelines in mind and follow the recommendations for each type of application software. You’ll end up with a far more secure environment than when you started.