Secure Coding Guidelines
Security plays a critical role in the implementation of business operations based on any new technologies.
The main purpose of a secure coding guideline is to guide the developer/ programmer to develop a secure application. To reduce the e the security vulnerabilities caused by programmer error, developers should adhere to recommended coding guidelines.
The general Coding Guidelines that needs to be followed are:
- Assume nothing on user input.
- Formulate validation criteria for all user input.
- Enforce the validation criteria on all user input.
- Validate the data on a trusted machine (the server).
- Trust only what you validated.
- Use multiple-tier validations.
- Only data known to be good is allowed into the system
- Unknown, unrecognized or evil data is rejected.
For example, an input field consisting of user name can be checked for characters that are allowed to be in a user name (e.g. alphanumeric characters). The input field can be checked for hazardous characters such as an apostrophe, or for forbidden patterns such as double hyphen.
Trusting user input is the number one enemy of web application security. The major source for user input in a web application is the parameters submitted in HTML forms. Failing to validate these parameters may result in a severe security hole.
Consider this query which is querying a back end Data Base server, assuming the variables “user” and “password” are taken as-is from the user input.
SqlQuery my_query = new SqlQuery(“SELECT * FROM table WHERE _user='” + user +”‘ AND _password='” + password + ‘”‘, _connection);
Let’s look at the result
While this looks relatively innocent, it in fact opens the gate to a most vicious SQL injection attack. By choosing the input field “user” to be ‘ OR 1=1’ the attacker can probably log- in into the system as an arbitrary user. A refinement of this is (assuming the attacker knows that the super-user’s user name is “admin”) to inject the data admin as the user field, in which case the attacker will be logged in as the super-user. And finally, it may be possible to execute shell commands, simply by appending the appropriate call right after the query
There are several types of field validator. In this case, we can use a regular expression validator (i.e. we use a validator that enforces that the user input field matches a given regular expression). In order to block the attack shown above, we need to forbid the apostrophe character, thus taking the negative security approach – “[^’]*”. Better yet, we can formulate a regular expression that allows only alphanumeric characters for this field (thus taking the positive security approach) – “[a-zA-Z0-9]*”.
By incorporating and correctly using the field validator mechanism, the developer can programmatically secure all input fields of the application against attacks such as cross site scripting and SQL injection.
Information leakage happens whenever a system that is designed to reveals some information to unauthorized parties.
Information about the application internals leaks out
Problem with the configuration file.
… (no <machineKey> element)
Encrypt the data using some algorithm like 3DES etc..