Secure Coding in Java

Injection Attacks:

  • The target interprets code or a query language at runtime
  • User input is crafted maliciously
  • The system interprets that input as part of its normal operation
  • Result: behaviour the developer never anticipated (data read, changed or commands run)
Common Types
  • SQL
  • LDAP (Lightweight Directory Access Protocol)
  • XSS (cross-site scripting; written "CSS" in some older material)
  • CRLF (Carriage Return and Line Feed)
  • XPath
  • SMTP/IMAP
  • Code injection
  • OS Command injection
  • Host header injection

SQL Injection:

SQL Injection Situation
  • SQL statement built at runtime from variables
  • String concatenation of untrusted input into the statement text
  • Malicious input repurposes the SQL statement
  • Example: foo' OR '1'='1 turns WHERE username = 'foo' OR '1'='1' into a condition that is always true
SQL Injection Prevention
  • Use PreparedStatement
  • SQL statements accept each variable as a "?" placeholder
  • Bind variables are sent to the database separately from the query text, so they are compared as data and never parsed as SQL
  • Placeholders only bind values; table and column names taken from a request must be checked against an allow-list
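The concatenated query beside its PreparedStatement form, as an added example that is not code from the original post. It assumes a JDBC Connection to a database holding a table users(username, email); the table, its columns and the connection are illustrative.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;

// Added example, not code from the original post. Assumes a JDBC Connection to a
// database holding a table users(username, email); table, columns and the
// connection itself are illustrative.
public class UserLookup {

    // VULNERABLE: the raw input is spliced into the SQL text that the database
    // parses. With username = "foo' OR '1'='1" the statement becomes
    //   SELECT email FROM users WHERE username = 'foo' OR '1'='1'
    // whose WHERE clause is always true, so every row comes back.
    static String buildUnsafeQuery(String username) {
        return "SELECT email FROM users WHERE username = '" + username + "'";
    }

    static List<String> findEmailsUnsafe(Connection conn, String username) throws SQLException {
        try (Statement stmt = conn.createStatement();
             ResultSet rs = stmt.executeQuery(buildUnsafeQuery(username))) {
            return collectEmails(rs);
        }
    }

    // SAFE: the SQL text is fixed before any value is supplied; the value is
    // bound to the "?" and sent to the driver separately, so it is compared as
    // data and never parsed as SQL. The same payload is now just an odd username.
    static List<String> findEmailsSafe(Connection conn, String username) throws SQLException {
        String sql = "SELECT email FROM users WHERE username = ?";
        try (PreparedStatement ps = conn.prepareStatement(sql)) {
            ps.setString(1, username);
            try (ResultSet rs = ps.executeQuery()) {
                return collectEmails(rs);
            }
        }
    }

    // CAVEAT: "?" binds values only. Table and column names cannot be bound, so an
    // identifier taken from the request must be checked against a fixed allow-list
    // before it is concatenated.
    private static final Set<String> SORTABLE_COLUMNS = Set.of("username", "email");

    static PreparedStatement listUsersSorted(Connection conn, String sortColumn) throws SQLException {
        if (!SORTABLE_COLUMNS.contains(sortColumn)) {
            throw new IllegalArgumentException("unsupported sort column");
        }
        // sortColumn is now one of our own constants, so concatenating it is safe.
        return conn.prepareStatement("SELECT username, email FROM users ORDER BY " + sortColumn);
    }

    private static List<String> collectEmails(ResultSet rs) throws SQLException {
        List<String> emails = new ArrayList<>();
        while (rs.next()) {
            emails.add(rs.getString("email"));
        }
        return emails;
    }

    public static void main(String[] args) {
        // Shows the repurposed statement without needing a database.
        System.out.println(buildUnsafeQuery("foo' OR '1'='1"));
    }
}
```

The ORDER BY method is the part people forget: a prepared statement protects the values, not the shape of the query, so any identifier or keyword that comes from the request still needs an allow-list.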

LDAP Injection:

  • Caused by concatenating unsanitized input into a search filter
  • (&(sn=<USERSN>)(userpassword=<USERPASSWORD>))
  • Consider f* for USERSN and * for USERPASSWORD: the filter becomes (&(sn=f*)(userpassword=*)) and matches every user whose surname starts with "f", whatever the password
  • Escape the filter metacharacters * ( ) \ and NUL in every value (RFC 4515) before building the filter
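An RFC 4515 filter-value escaper and the filter from the bullets above built with and without it, as an added example that is not code from the original post. The attribute names (sn, userPassword) follow the post; the class and method names are illustrative.

```java
import java.nio.charset.StandardCharsets;

// Added example, not code from the original post. Escapes a value for use inside
// an LDAP search filter as RFC 4515 requires, then rebuilds the filter from the
// bullets above with and without escaping. Class and method names are illustrative.
public final class LdapFilter {

    // RFC 4515: inside a filter value the characters * ( ) \ and NUL must be
    // written as \2a \28 \29 \5c \00. Any other byte may also be written as \XX,
    // which we do for control characters and non-ASCII.
    static String escapeFilterValue(String value) {
        StringBuilder sb = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); ) {
            int cp = value.codePointAt(i);
            i += Character.charCount(cp);
            switch (cp) {
                case '*':  sb.append("\\2a"); break;
                case '(':  sb.append("\\28"); break;
                case ')':  sb.append("\\29"); break;
                case '\\': sb.append("\\5c"); break;
                case 0:    sb.append("\\00"); break;
                default:
                    if (cp < 0x20 || cp > 0x7e) {
                        // escape every UTF-8 byte of the code point
                        byte[] utf8 = new String(Character.toChars(cp)).getBytes(StandardCharsets.UTF_8);
                        for (byte b : utf8) {
                            sb.append(String.format("\\%02x", b & 0xff));
                        }
                    } else {
                        sb.append((char) cp);
                    }
            }
        }
        return sb.toString();
    }

    // VULNERABLE: sn = "f*" and password = "*" give (&(sn=f*)(userPassword=*)),
    // which matches every user whose surname starts with "f" whatever the password.
    static String unsafeFilter(String sn, String password) {
        return "(&(sn=" + sn + ")(userPassword=" + password + "))";
    }

    // SAFE: the same input becomes (&(sn=f\2a)(userPassword=\2a)); the asterisks
    // are now literal characters to match, not wildcards.
    static String safeFilter(String sn, String password) {
        return "(&(sn=" + escapeFilterValue(sn) + ")(userPassword=" + escapeFilterValue(password) + "))";
    }

    public static void main(String[] args) {
        System.out.println(unsafeFilter("f*", "*"));
        System.out.println(safeFilter("f*", "*"));
        System.out.println(safeFilter("Smith (admin)", "p\\ss\u00e9"));
    }
}
```

The escaped string is what you hand to DirContext.search(base, filter, controls). Two caveats: escaping a value is not the same as escaping a DN (RFC 4514 has different rules), and matching userPassword in a filter is itself a weak way to authenticate; a bind with the user's credentials is the usual alternative.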

XPath Injection:

  • Caused by lack of input sanitizing
  • Very similar to SQL injection in function: ' or '1'='1 against //user[name='<INPUT>'] works the same way as it does against SQL
  • Can also be used to inject and manipulate data in XSLT contexts
  • Prevention: parameterized query input (bind values through an XPathVariableResolver instead of concatenating them into the expression)
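The concatenated XPath lookup beside the parameterized one, run against a constructed in-memory user store, as an added example that is not code from the original post. The XML document, the names and the passwords are made up; only the JDK's javax.xml APIs are used.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.xpath.XPath;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathExpressionException;
import javax.xml.xpath.XPathFactory;
import org.w3c.dom.Document;
import org.w3c.dom.NodeList;

// Added example, not code from the original post. The user store is a constructed
// in-memory XML document; names and passwords are made up.
public class XPathLogin {

    static final String USERS_XML =
        "<users>"
      + "  <user><name>alice</name><password>s3cret</password></user>"
      + "  <user><name>bob</name><password>hunter2</password></user>"
      + "</users>";

    static Document parseUsers() throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); // no XXE
        dbf.setExpandEntityReferences(false);
        return dbf.newDocumentBuilder()
                  .parse(new ByteArrayInputStream(USERS_XML.getBytes(StandardCharsets.UTF_8)));
    }

    // VULNERABLE: the input becomes part of the XPath expression. With
    // name = "' or 1=1 or ''='" the predicate reads
    //   name='' or 1=1 or ''='' and password='...'
    // and since "and" binds tighter than "or", the 1=1 makes it true for every user.
    static int countMatchesUnsafe(Document doc, String name, String password)
            throws XPathExpressionException {
        String expr = "//user[name='" + name + "' and password='" + password + "']";
        NodeList nodes = (NodeList) XPathFactory.newInstance().newXPath()
                .evaluate(expr, doc, XPathConstants.NODESET);
        return nodes.getLength();
    }

    // SAFE: the expression is fixed; $name and $password are supplied at evaluation
    // time as plain string values, so quotes inside them are just characters.
    static int countMatchesSafe(Document doc, String name, String password)
            throws XPathExpressionException {
        XPath xpath = XPathFactory.newInstance().newXPath();
        xpath.setXPathVariableResolver(var -> {
            switch (var.getLocalPart()) {
                case "name":     return name;
                case "password": return password;
                default:         return null;   // unknown variable: evaluation fails closed
            }
        });
        NodeList nodes = (NodeList) xpath.evaluate(
                "//user[name=$name and password=$password]", doc, XPathConstants.NODESET);
        return nodes.getLength();
    }

    public static void main(String[] args) throws Exception {
        Document doc = parseUsers();
        String payload = "' or 1=1 or ''='";
        System.out.println("unsafe matches: " + countMatchesUnsafe(doc, payload, "wrong"));
        System.out.println("safe matches:   " + countMatchesSafe(doc, payload, "wrong"));
        System.out.println("safe matches:   " + countMatchesSafe(doc, "alice", "s3cret"));
    }
}
```

With the payload the unsafe count is the whole user table and the safe count is zero, while the genuine credentials still match exactly one user. The variable resolver is the XPath equivalent of a bind variable: the expression text never changes, so there is nothing for the input to break out of.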

Sensitive Data Leaks:

  • Identify which governing body or regulation controls each class of data you hold
  • Personally identifiable information (PII)
  • Health information
  • Financial information (PCI DSS)
  • System information (e.g. stack traces, library versions, internal hostnames)
  • Confidential information (employee data, financial info.)
  • Handle all exceptions through a common mechanism
  • Use consistent messaging: the client sees one generic message, the details go to the server log
  • Deny first: on any failure, fall back to the denied state
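One error-handling path that applies the last three bullets, as an added example that is not code from the original post (Java 16+ for records). The user store, the ACL and the credential check are illustrative stand-ins for a real service.

```java
import java.util.Map;
import java.util.Optional;
import java.util.Set;
import java.util.UUID;
import java.util.logging.Level;
import java.util.logging.Logger;

// Added example, not code from the original post (Java 16+ for records). One
// error-handling path for the whole application: the caller gets a generic
// message and a correlation id, the full detail goes only to the server log.
// USERS, ACL and the password comparison are illustrative stand-ins.
public final class SafeErrors {

    private static final Logger LOG = Logger.getLogger(SafeErrors.class.getName());
    static final String GENERIC_MESSAGE = "The request could not be processed";
    static final String LOGIN_FAILED    = "Invalid username or password";

    // Constructed sample data; a real store would hold password hashes.
    private static final Map<String, String> USERS = Map.of("alice", "s3cret");
    private static final Map<String, Set<String>> ACL = Map.of("/reports", Set.of("alice"));

    // Everything the client is allowed to see about a failure.
    public record ErrorResponse(String correlationId, String message) {}

    // LEAKS system information: exception text and stack frames expose SQL
    // fragments, file paths, library versions and internal class names.
    static String handleLeaky(Throwable t) {
        StringBuilder sb = new StringBuilder("Error: ").append(t);
        for (StackTraceElement frame : t.getStackTrace()) {
            sb.append("\n  at ").append(frame);
        }
        return sb.toString();
    }

    // Common mechanism: every unexpected exception is funnelled through here.
    static ErrorResponse handle(Throwable t) {
        String id = UUID.randomUUID().toString();
        LOG.log(Level.SEVERE, "correlationId=" + id, t);   // stack trace stays server side
        return new ErrorResponse(id, GENERIC_MESSAGE);
    }

    // Consistent messaging: "no such user" and "wrong password" must be
    // indistinguishable to the caller, or the endpoint enumerates accounts.
    static Optional<ErrorResponse> login(String username, char[] password) {
        String id = UUID.randomUUID().toString();
        boolean userExists = USERS.containsKey(username);
        boolean passwordOk = userExists && USERS.get(username).equals(String.valueOf(password));
        if (!passwordOk) {
            // The distinguishing detail is logged, never returned.
            LOG.info("login failed correlationId=" + id + " userExists=" + userExists);
            return Optional.of(new ErrorResponse(id, LOGIN_FAILED));
        }
        return Optional.empty();   // success; a real service would issue a session here
    }

    // Deny first: the default answer is "no", and the only way to "yes" is to pass
    // every check. An exception inside the check leaves the default in place.
    static boolean isAuthorized(String username, String resource) {
        boolean allowed = false;
        try {
            allowed = ACL.getOrDefault(resource, Set.of()).contains(username);
        } catch (RuntimeException e) {
            handle(e);
        }
        return allowed;
    }

    public static void main(String[] args) {
        System.out.println(login("alice", "wrong".toCharArray()).map(ErrorResponse::message).orElse("ok"));
        System.out.println(login("nobody", "x".toCharArray()).map(ErrorResponse::message).orElse("ok"));
        System.out.println(isAuthorized("bob", "/reports"));
    }
}
```

Both failed logins print the same text; only the log line records whether the account existed. The correlation id is what lets support find the full stack trace for a report without that trace ever having left the server.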

Limit Accessibility:

  • Public access only for what is safe for anyone to call
  • Package-private for anything that should stay hidden from other packages
  • The package.access security property lists packages that untrusted code may not access (enforced by the SecurityManager, which is deprecated for removal since Java 17)
  • Consider method modifiers (prefer private, then package-private, then protected)
  • Seal packages in the JAR manifest (Sealed: true) so the class loader rejects classes for that package coming from any other JAR

Mutability:

  • Make classes immutable
  • Private final attributes
  • Private constructor plus a static factory or builder when construction needs validation
  • Copy mutable inputs on the way in and clone mutable outputs on the way out (work on a deep copy, never on the caller's reference)
  • Provide a safe-copy operation (copy constructor or "with" method) instead of setters
  • Don't trust equality of mutable objects: equals() and hashCode() can change underneath a Set or Map key
  • Every state change goes through a wrapper method that returns a new instance
Why Immutable?
  • Prevent data races and corrupted state (immutable objects are inherently thread-safe)
  • Control every path in your code that can change state
  • Guarantee expected results
  • Prevent bugs, not just security-related ones

Extensibility: (Inheritance/Interface)

  • Either design classes for inheritance or forbid it
  • Declare classes final when they are not meant to be extended (a subclass can override a method to bypass its checks)
  • Prefer composition to inheritance (define the contract as an interface and delegate)
  • Every superclass feature becomes part of your class's surface, so do not inherit behaviour you have not audited
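An immutable, non-extendable value class that applies the Mutability bullets and the final-class advice from this Extensibility section in one place, as an added example that is not code from the original post (Java 10+ for List.copyOf). The class and field names are illustrative.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Objects;

// Added example, not code from the original post. An immutable value class that
// cannot be subclassed; field names are illustrative.
public final class AccessPolicy {            // final: no subclass can override and weaken it

    private final String owner;              // immutable type: safe to store as-is
    private final List<String> roles;        // mutable type: must be copied in and out
    private final byte[] secret;             // arrays are always mutable

    // Private constructor: every instance comes through the validating factory.
    private AccessPolicy(String owner, List<String> roles, byte[] secret) {
        this.owner  = owner;
        this.roles  = roles;
        this.secret = secret;
    }

    public static AccessPolicy of(String owner, List<String> roles, byte[] secret) {
        Objects.requireNonNull(owner, "owner");
        if (roles.isEmpty()) {
            throw new IllegalArgumentException("at least one role is required");
        }
        // Defensive copies: the caller keeps its own list and array and cannot
        // change our state by mutating them afterwards.
        return new AccessPolicy(owner, List.copyOf(roles), secret.clone());
    }

    public String owner()       { return owner; }
    public List<String> roles() { return roles; }          // List.copyOf is unmodifiable
    public byte[] secret()      { return secret.clone(); } // clone mutable outputs

    // Wrapper method for state change: returns a new instance, never mutates this.
    public AccessPolicy withRole(String role) {
        List<String> updated = new ArrayList<>(roles);
        updated.add(Objects.requireNonNull(role, "role"));
        return new AccessPolicy(owner, List.copyOf(updated), secret.clone());
    }

    // Equality based only on final state, so a policy used as a Set or Map key
    // can never change identity underneath the collection.
    @Override public boolean equals(Object o) {
        if (this == o) return true;
        if (!(o instanceof AccessPolicy)) return false;
        AccessPolicy other = (AccessPolicy) o;
        return owner.equals(other.owner)
                && roles.equals(other.roles)
                && Arrays.equals(secret, other.secret);
    }

    @Override public int hashCode() {
        return Objects.hash(owner, roles, Arrays.hashCode(secret));
    }

    public static void main(String[] args) {
        List<String> input = new ArrayList<>(List.of("reader"));
        byte[] key = {1, 2, 3};
        AccessPolicy p = AccessPolicy.of("alice", input, key);

        input.add("admin");   // caller mutates its own list...
        key[0] = 99;          // ...and its own array; p is unaffected
        System.out.println(p.roles() + " " + Arrays.toString(p.secret()));

        AccessPolicy q = p.withRole("auditor");
        System.out.println(p.roles() + " -> " + q.roles());   // p unchanged, q is a new object
        // p.roles().add("admin") would throw UnsupportedOperationException
    }
}
```

The defensive copies are the security-relevant part: without them a caller who kept a reference to the list or the array could change the policy after it had been validated, which is exactly the kind of check-then-use gap a final, immutable class is meant to close.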

Build Vulnerabilities:

  • Run a dependency-check plugin (e.g. OWASP Dependency-Check) as part of the build
  • Use its report to pin and upgrade dependency versions
  • Java version (use an updated JDK and set the target/release version properly)
  • Testing (run the unit tests in the build)
  • Unit tests should include security cases, e.g. SQL injection payloads against the data-access code
  • Scan your code for security flaws (static analysis)
  • Commercial and open-source offerings are available
  • Be prepared for false positives

Input Validations:

  • Reusable validation logic (common framework)
  • Clean and easy to read
  • Consistent error responses
  • Thread-safe code
  • Implicit invocation: the framework applies the rules when a request arrives, instead of each method checking by hand
  • Bean Validation (JSR 303/349/380, now Jakarta Validation)
  • Default validators (@NotNull, @Size, @Pattern, etc.)
  • Customizable validators (write your own constraint annotation)
  • Annotation based
  • Lives on your domain objects
  • Specify what is accepted (prefer a positive allow-list check)
  • Avoid inflexible denials (a list of "bad" strings is brittle and easy to bypass)
  • Usually relies on RegEx; anchor patterns with ^ and $ so the whole value is checked
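A domain object annotated with built-in constraints plus one custom allow-list constraint, validated through a shared Validator, as an added example that is not code from the original post. It assumes the Jakarta Bean Validation API and an implementation such as Hibernate Validator on the classpath; the request fields and the allowed hosts are illustrative.

```java
import java.lang.annotation.Documented;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import java.util.Set;
import jakarta.validation.Constraint;
import jakarta.validation.ConstraintValidator;
import jakarta.validation.ConstraintValidatorContext;
import jakarta.validation.ConstraintViolation;
import jakarta.validation.Payload;
import jakarta.validation.Validation;
import jakarta.validation.Validator;
import jakarta.validation.constraints.Max;
import jakarta.validation.constraints.Min;
import jakarta.validation.constraints.NotBlank;
import jakarta.validation.constraints.Pattern;
import jakarta.validation.constraints.Size;

// Added example, not code from the original post. Assumes the Jakarta Bean
// Validation API plus an implementation (e.g. Hibernate Validator) on the
// classpath. The domain object and the rules are illustrative.
public class ValidationDemo {

    // Rules live on the domain object. Patterns are positive and anchored:
    // they say exactly which characters are accepted, for the whole value.
    public static class SignupRequest {
        @NotBlank
        @Size(min = 3, max = 32)
        @Pattern(regexp = "^[a-z][a-z0-9_]*$", message = "lowercase letters, digits and _ only")
        public final String username;

        @NotBlank
        @Pattern(regexp = "^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\\.[A-Za-z]{2,}$", message = "not an email address")
        public final String email;

        @Min(13) @Max(120)
        public final int age;

        @NotBlank
        @SafeHostname
        public final String callbackHost;

        public SignupRequest(String username, String email, int age, String callbackHost) {
            this.username = username;
            this.email = email;
            this.age = age;
            this.callbackHost = callbackHost;
        }
    }

    // Custom, reusable constraint: an allow-list of hosts we are willing to call back.
    @Documented
    @Constraint(validatedBy = SafeHostnameValidator.class)
    @Target({ElementType.FIELD, ElementType.PARAMETER})
    @Retention(RetentionPolicy.RUNTIME)
    public @interface SafeHostname {
        String message() default "host is not on the allow-list";
        Class<?>[] groups() default {};
        Class<? extends Payload>[] payload() default {};
    }

    public static class SafeHostnameValidator implements ConstraintValidator<SafeHostname, String> {
        private static final Set<String> ALLOWED = Set.of("api.example.com", "hooks.example.com");

        @Override
        public boolean isValid(String value, ConstraintValidatorContext ctx) {
            // null is left to @NotBlank so each constraint reports one thing
            return value == null || ALLOWED.contains(value.toLowerCase());
        }
    }

    // One Validator for the whole application: the spec guarantees it is thread-safe.
    private static final Validator VALIDATOR = Validation.buildDefaultValidatorFactory().getValidator();

    static Set<ConstraintViolation<SignupRequest>> validate(SignupRequest req) {
        return VALIDATOR.validate(req);
    }

    public static void main(String[] args) {
        SignupRequest good = new SignupRequest("alice_01", "alice@example.com", 30, "api.example.com");
        SignupRequest bad  = new SignupRequest("Robert'); DROP TABLE users;--", "not-an-email", 7, "evil.example.net");
        System.out.println(validate(good).size() + " violations for the good request");
        for (ConstraintViolation<SignupRequest> v : validate(bad)) {
            // Consistent error responses: property path plus the constraint's message
            System.out.println(v.getPropertyPath() + ": " + v.getMessage());
        }
    }
}
```

In a web framework the call to validate() is implicit (the controller parameter is annotated and the framework runs the validator before your code sees the object); the explicit call here just makes the mechanism visible. Note that the username pattern rejects the SQL payload without knowing anything about SQL: an allow-list of characters does not need a list of attacks.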

Serialization:

  • Mechanism for reading and writing an object's internal state
  • Bypasses field access controls: the stream sets private fields directly, without running constructors or setters
  • Input can be injected maliciously (a crafted stream can instantiate any Serializable class on the classpath)
  • Cannot be avoided for most applications
  • Don't serialize sensitive classes (do not implement Serializable unless it is needed)
  • Guard sensitive data (mark it transient or clear it before writing)
  • Treat deserialization as object construction: re-check invariants in readObject()
  • Use SecurityManager (deprecated for removal since Java 17; prefer deserialization filters)
  • Filter untrusted data (ObjectInputFilter, JEP 290, available since Java 9 and 8u121)
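A Serializable class that guards its sensitive field, validates itself in readObject(), and is only ever read through an ObjectInputFilter allow-list, as an added example that is not code from the original post (Java 11+). The SessionToken class and its fields are illustrative; the byte stream it round-trips is constructed inside main.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InvalidClassException;
import java.io.InvalidObjectException;
import java.io.ObjectInputFilter;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.util.ArrayList;

// Added example, not code from the original post. Java 11+ (ObjectInputFilter
// itself exists since Java 9 / 8u121). The class and its fields are illustrative.
public class SafeDeserialization {

    public static final class SessionToken implements Serializable {
        private static final long serialVersionUID = 1L;

        private final String user;
        private final long expiresAt;
        // Guard sensitive data: transient fields are never written to the stream.
        private transient char[] password;

        public SessionToken(String user, long expiresAt, char[] password) {
            this.user = user;
            this.expiresAt = expiresAt;
            this.password = password;
        }

        // Treat deserialization as construction: the constructor did not run, so
        // every invariant is re-checked on the fields the stream has just set.
        private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException {
            in.defaultReadObject();
            if (user == null || user.isBlank() || user.length() > 64) {
                throw new InvalidObjectException("bad user");
            }
            if (expiresAt <= 0) {
                throw new InvalidObjectException("bad expiry");
            }
            password = new char[0];   // transient fields come back null; restore the invariant
        }

        public String user()     { return user; }
        public long expiresAt()  { return expiresAt; }
    }

    // Filter untrusted data: allow only the classes this stream may legitimately
    // contain and cap the size of the object graph. Anything else (gadget
    // classes, huge arrays, deep nesting) is rejected before it is instantiated,
    // i.e. before any readObject() or readResolve() of it could run.
    static final ObjectInputFilter FILTER = info -> {
        if (info.depth() > 3 || info.references() > 50 || info.arrayLength() > 1_000) {
            return ObjectInputFilter.Status.REJECTED;
        }
        Class<?> c = info.serialClass();
        if (c == null) {
            return ObjectInputFilter.Status.UNDECIDED;   // e.g. a back-reference; limits above still apply
        }
        if (c == SessionToken.class || c == String.class) {
            return ObjectInputFilter.Status.ALLOWED;
        }
        return ObjectInputFilter.Status.REJECTED;
    };

    static byte[] serialize(Serializable obj) throws IOException {
        ByteArrayOutputStream bytes = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(bytes)) {
            out.writeObject(obj);
        }
        return bytes.toByteArray();
    }

    static SessionToken deserialize(byte[] data) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(data))) {
            in.setObjectInputFilter(FILTER);        // must be set before the first readObject()
            return (SessionToken) in.readObject();  // ClassCastException if the type is unexpected
        }
    }

    public static void main(String[] args) throws Exception {
        SessionToken t = new SessionToken("alice", System.currentTimeMillis() + 60_000, "pw".toCharArray());
        byte[] wire = serialize(t);   // constructed sample stream
        SessionToken back = deserialize(wire);
        System.out.println(back.user() + " expires " + back.expiresAt());

        // A stream carrying any other class is refused by the filter.
        try {
            deserialize(serialize(new ArrayList<>()));
        } catch (InvalidClassException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The filter is the control that matters against gadget chains: the rejection happens when the class descriptor is read, before the JVM has created an object of that class, so a rejected class gets no chance to run code. The same policy can be expressed as a pattern string with ObjectInputFilter.Config.createFilter, and set JVM-wide through the jdk.serialFilter system property when you cannot reach every ObjectInputStream.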
