Tag Archives: database applications

A Program in a Program in a Program

2 May 2015

In the past weeks I did a lot of security assessments for complex applications. I always use the Socratic Method – i.e. dialogues in small groups with subject matter experts (SME) and support from infrastructure specialists where required. No rocket science! The only new thing, but an important one, is that we look at the applications from the malicious insider’s view.

And, for sure, we do a 360-degree assessment which includes

  • People, Processes, Technology,
  • Servers, Middleware, Databases,
  • Interfaces to other Applications and to Infrastructure systems.

Our talks were very fruitful. And it was amazing to see how fast people have become familiar with the malicious insider’s view.

When it comes to secure operation of databases, lots of experts from various disciplines are involved because the database is a complex application in itself. Hardening a database without hardening the underlying operating system, the application and the middleware makes no sense. Security standards have to be defined and implemented for servers, databases and application components to achieve a good overall security level. Moreover, security standards must undergo continuous development because the threat situation is developing fast.

Thus an application security program comprises nested programs for the building blocks of applications.

For each building block, security baselines have to be defined in interdisciplinary teams.

In addition, a team of innovators is required for continuous development of the baselines.

And a knowledge management team is needed to make sure that all teams share their knowledge of threats, lessons learned from major data breaches and mitigation best practice.

In particular, knowledge management is one of the weak points of many security programs…

Have a good weekend!

I like STRIDE

14 February 2015

I just finished a week of hard work. Some application owners asked me to run a (short!) security assessment for a single sign-on module they use in their internal database applications.

With the help of an application manager and a copy of the PL/SQL code I started developing a threat model. Thanks to the STRIDE (Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege) framework developed by Microsoft, I was able to get a good understanding of the system and its weaknesses.

Generally, threat modeling does not include a review of the program code. But in this case a closer look at the code was very helpful for understanding the information flows and for answering the questions posed by STRIDE.

I can only recommend to every system development project: Start threat modeling as early as possible to get the most out of it. Software quality and system security will increase dramatically, at no extra cost.

Happy Valentine’s Day!