1. Nature of security issues
A correct understanding of the nature of security issues is the key to determining whether the approach taken to security vulnerability analysis and security testing is correct. Nanjing hanhaiyuan Information Technology Co., Ltd. believes that the essence of a security issue is the breakthrough or widespread use of permissions and capabilities: all system security problems can be attributed to the breakthrough or widespread use of permissions and capabilities.
2. Security capability or problem level
In the security model of Nanjing hanhaiyuan Information Technology Co., Ltd., security capabilities include five levels:
Security design: The design does not directly contain specific security vulnerabilities, but it is a key factor affecting them. If the design is poor, or security is not taken into account in it, the defined security functions, security policies, and security implementation cannot be carried out effectively. Some serious design errors may turn the functions themselves into security vulnerabilities. Therefore, the security design of a system can be analyzed from its system design and function design: identify the systems and functions that may affect security, and the modules they involve. These are the key objects of security vulnerability analysis.
Security functions: Security functions are implemented by the system specifically for its own security protection. In an IT system, functions such as identity authentication, encryption, tamper-proofing, and log review must be implemented according to the system's confidentiality, integrity, and availability requirements, with the strength and protection scope necessary to meet the security requirements of the information and the system. If a system with such security requirements lacks the corresponding security functions, or the implemented functions do not meet the requirements in strength or protection coverage, or specific conditions can cause these functions to become invalid or degraded, security vulnerabilities exist. Therefore, by analyzing the value of the assets the system protects, the security risk level, the external environment, and the external permission objects, the system's own requirements for security functions, their strength, and their coverage can be obtained. These requirements can also serve as a guide for checking and detecting whether the system has security vulnerabilities in its security functions.
Security policy: A security policy is the specific deployment and configuration of the system and its associated systems that ensures specific functions, data, and physical entities of the system are not easily obtained or accessed by unauthorized users, that abuse of the system by unauthorized users can be promptly discovered or detected, or that system data does not become irrecoverable because of unexpected events. In an IT system, security policies and their coverage for preventing and resolving threats are proposed according to the system's confidentiality, integrity, and availability requirements, its external associated systems and environment, and the types of threats it may face. This includes the specific division or implementation method under a given policy; under the minimum privilege policy, for example, this means analyzing the minimum privilege set, the minimum function deployment, and the necessary functions. If a system facing such threats lacks the corresponding security policies, or their implementation coverage fails to meet the requirements, or the sets are divided incorrectly during implementation, or certain conditions can invalidate or downgrade these policies, the system is prone to security vulnerabilities. Although these points are not necessarily specific security vulnerabilities, they greatly increase the system's vulnerability under specific environments and assumptions: attackers may use other vulnerabilities that are otherwise hard to exploit to easily break through the overall defense of the system.
Therefore, from the system's security level, its external systems and environment, and the types of threats to be addressed, combined with the experience of security personnel, we can derive the security policies and coverage the system requires, as well as the requirements for specific indicators and solutions. These can also serve as a guide for checking and detecting whether the system has security vulnerabilities in its security policies.
Security implementation: Security implementation concerns cases where, because of the design, coding, or other aspects, the system fails to consider security or leaves omissions when implementing its own functions. When processing data, the resulting functions or code let attackers exploit vulnerabilities to bypass the protection of the system's security functions and security policies and obtain, directly inside the system, permissions and capabilities beyond their own limits. In an IT system, the corresponding types of security vulnerabilities can be derived from the potential threats to each data stream on the system's attack interface, as analyzed with the threat model, together with the form of data processing on that data stream and security experience. These are the types of vulnerability that may occur in the code, such as buffer overflow and SQL injection. If a system with such threats and data-flow operations lacks detection and prevention measures for these vulnerability types, or the code that implements detection and prevention has omissions or errors or does not meet the requirements, or specific conditions cause these detection and prevention mechanisms to fail or degrade, security vulnerabilities exist.
Therefore, from the specific threat types that the attack interface identified in the system threat model may face, together with the processing that data on each data stream may undergo and security experience, it can be concluded which types of security vulnerabilities the system should detect and prevent, and which specific preventive measures apply to the processing of specific data streams. This can also serve as a guide for checking and detecting whether the system has security vulnerabilities in its security implementation.
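As an added illustration (not from the original article), the derivation described above can be sketched in Python: each data flow on the attack interface is mapped through its processing forms to candidate vulnerability classes, and flows whose detection or prevention measures are missing or can degrade are reported. The mapping table, class names, and sample flows are assumptions constructed for this example.

```python
from dataclasses import dataclass, field

# Assumed mapping from processing form to vulnerability classes. The article names
# buffer overflow and SQL injection; the other two entries are added generalizations.
CLASSES_BY_PROCESSING = {
    "memory_copy": ["buffer overflow"],
    "sql_query": ["SQL injection"],
    "shell_command": ["command injection"],
    "html_output": ["cross-site scripting"],
}

@dataclass
class Mitigation:
    implemented: bool
    degrades_when: str = ""   # condition under which the measure fails or is skipped

@dataclass
class DataFlow:
    name: str
    on_attack_interface: bool   # reachable by an external party
    processing: list            # keys of CLASSES_BY_PROCESSING
    mitigations: dict = field(default_factory=dict)   # vulnerability class -> Mitigation

def review(flows):
    """Return (flow, vulnerability class, finding) for every gap found."""
    findings = []
    for flow in flows:
        if not flow.on_attack_interface:
            continue   # not reachable from outside: out of scope for this pass
        for form in flow.processing:
            for vuln in CLASSES_BY_PROCESSING.get(form, []):
                m = flow.mitigations.get(vuln)
                if m is None or not m.implemented:
                    findings.append((flow.name, vuln, "no detection or prevention measure"))
                elif m.degrades_when:
                    findings.append((flow.name, vuln, "measure degrades when " + m.degrades_when))
    return findings

# Constructed sample model of a small web service (hypothetical flows).
SAMPLE_FLOWS = [
    DataFlow("login form -> user lookup", True, ["sql_query"],
             {"SQL injection": Mitigation(True)}),
    DataFlow("upload -> image parser", True, ["memory_copy"]),
    DataFlow("search box -> results page", True, ["sql_query", "html_output"],
             {"SQL injection": Mitigation(True, "legacy mode concatenates query strings"),
              "cross-site scripting": Mitigation(True)}),
    DataFlow("nightly batch -> report", False, ["shell_command"]),
]
print(*review(SAMPLE_FLOWS), sep="\n")
```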
External security protection system: A good external defense system can effectively reduce the harm and exploitability of known security vulnerabilities and form a defense in depth. However, these added external defense systems may themselves have security vulnerabilities that allow their protection to be bypassed, and they may even become a new attack interface for attackers. Therefore, they are also an important factor affecting security vulnerabilities.