本書以軟件生命周期為脈絡(luò)��,以軟件安全風(fēng)險(xiǎn)評(píng)估��、風(fēng)險(xiǎn)控制技術(shù)及軟件安全評(píng)估指標(biāo)�、軟件安全能力成熟度指標(biāo)為引領(lǐng),將安全理念�����、安全模型����、安全方法與常見的軟件過程模型相融合,系統(tǒng)介紹在軟件開發(fā)的每個(gè)環(huán)節(jié)保障軟件安全的原理和方法�,包括安全需求分析、安全設(shè)計(jì)�����、安全編碼����、安全測(cè)試及軟件部署運(yùn)維中安全配置與軟件加固等各環(huán)節(jié)的流程與常用方法,用于全面指導(dǎo)軟件安全開發(fā),樹立軟件開發(fā)人員的安全意識(shí)����,以期減少或杜絕軟件的安全問題,提高軟件的抗攻擊能力和安全可信度�,助力軟件在各領(lǐng)域、各行業(yè)的推廣應(yīng)用�����。本書適用于高等院校的計(jì)算機(jī)科學(xué)與技術(shù)�����、軟件工程����、網(wǎng)絡(luò)空間安全、信息安全專業(yè)的本科生����,也適用于與軟件開發(fā)相關(guān)的其他各類學(xué)生或軟件開發(fā)從業(yè)者��。
張仁斌�����,合肥工業(yè)大學(xué)計(jì)算機(jī)與信息學(xué)院副教授,2004年參與合肥工業(yè)大學(xué)新成立的信息安全專業(yè)的專業(yè)建設(shè)���,并承擔(dān)《計(jì)算機(jī)病毒與反病毒》課程教學(xué)工作�����,此后陸續(xù)承擔(dān)《計(jì)算機(jī)網(wǎng)絡(luò)系統(tǒng)實(shí)踐》《網(wǎng)絡(luò)工程師綜合實(shí)訓(xùn)》��、《軟件安全》《信息安全專業(yè)導(dǎo)論》《系統(tǒng)與軟件安全綜合設(shè)計(jì)》等多門課程的主講或?qū)嵺`指導(dǎo)�����;主編國(guó)家"十一·五”規(guī)劃教材1部(計(jì)算機(jī)病毒與反病毒技術(shù)����,第1主編)���、安徽省"十一·五”規(guī)劃教材1部(網(wǎng)絡(luò)與信息安全系列課程實(shí)踐教程��,第2主編)����,參編教材2部。主持安徽省教育廳教學(xué)研究課題《計(jì)算機(jī)病毒與網(wǎng)絡(luò)攻防教學(xué)研究與實(shí)踐》�、虛擬仿真實(shí)驗(yàn)教學(xué)項(xiàng)目《工控網(wǎng)絡(luò)攻防虛擬仿真實(shí)驗(yàn)教學(xué)》;主持安徽省年度重點(diǎn)項(xiàng)目8項(xiàng)�;參與省市科技攻關(guān)項(xiàng)目、863項(xiàng)目13項(xiàng)�;公開發(fā)表學(xué)術(shù)論文20余篇。
第1 章 軟件與軟件安全······································································································1
1.1 軟件安全范疇········································································································1
1.1.1 軟件與軟件安全的定義····················································································1
1.1.2 軟件缺陷與漏洞·····························································································3
1.1.3 軟件漏洞分類································································································6
1.1.4 軟件安全與其他安全的關(guān)系···········································································.12
1.2 軟件安全現(xiàn)狀·····································································································.15
1.2.1 軟件安全總體情況·······················································································.15
1.2.2 系統(tǒng)軟件安全現(xiàn)狀·······················································································.17
1.2.3 應(yīng)用軟件安全現(xiàn)狀·······················································································.18
1.2.4 開源軟件安全現(xiàn)狀·······················································································.19
1.3 安全事件的根源··································································································.21
1.3.1 軟件漏洞是安全問題的焦點(diǎn)···········································································.21
1.3.2 產(chǎn)生軟件漏洞的原因····················································································.24
1.4 緩解軟件安全問題的途徑與方法··········································································.27
1.4.1 緩解軟件安全問題的基本策略········································································.27
1.4.2 緩解軟件安全問題的工程化方法·····································································.28
1.4.3 軟件安全問題的標(biāo)準(zhǔn)化��、規(guī)范化解決之路·························································.29
1.4.4 緩解軟件安全問題的技術(shù)探索與舉措·······························································.31
實(shí)踐任務(wù)···················································································································.34
任務(wù)1:相對(duì)路徑攻擊···························································································.34
任務(wù)2:SQL 注入攻擊··························································································.35
思考題······················································································································.35
第2 章 軟件的工程化安全方法·························································································.36
2.1 軟件工程概述·····································································································.36
2.1.1 軟件的發(fā)展過程··························································································.36
2.1.2 軟件危機(jī)···································································································.37
2.1.3 軟件工程···································································································.38
2.1.4 軟件生命周期·····························································································.40
2.2 軟件過程模型·····································································································.43
2.2.1 瀑布模型···································································································.44
2.2.2 快速原型模型·····························································································.45
2.2.3 增量模型···································································································.46
2.2.4 螺旋模型···································································································.47
2.2.5 微軟MSF 過程模型······················································································.48
2.3 軟件質(zhì)量與軟件的安全特性·················································································.49
2.3.1 軟件質(zhì)量···································································································.50
2.3.2 軟件的安全特性··························································································.52
2.3.3 軟件安全特性與軟件質(zhì)量的關(guān)系·····································································.53
2.3.4 確定所需安全特性·······················································································.54
2.3.5 改善軟件的安全特性····················································································.55
2.3.6 功能安全��、安全功能與軟件安全·····································································.59
2.4 軟件安全過程模型······························································································.59
2.4.1 微軟SDL 模型····························································································.60
2.4.2 安全接觸點(diǎn)過程模型····················································································.64
2.4.3 實(shí)施軟件安全過程的建議··············································································.68
2.5 軟件安全開發(fā)初體驗(yàn)···························································································.72
2.5.1 賬號(hào)安全···································································································.72
2.5.2 簡(jiǎn)單的口令驗(yàn)證及其破解示例········································································.74
2.5.3 用戶操作的隨意性·······················································································.77
實(shí)踐任務(wù)···················································································································.80
任務(wù)1:網(wǎng)絡(luò)監(jiān)聽與https 的配置··············································································.80
任務(wù)2:MD5 動(dòng)態(tài)加鹽防篡改·················································································.80
任務(wù)3:暴力破解登錄密碼·····················································································.81
思考題······················································································································.82
第3 章 軟件安全風(fēng)險(xiǎn)管理·······························································································.82
3.1 風(fēng)險(xiǎn)管理的基本過程與方法·················································································.82
3.1.1 風(fēng)險(xiǎn)管理的定義··························································································.82
3.1.2 軟件安全風(fēng)險(xiǎn)評(píng)估基本要素及其關(guān)系·······························································.83
3.1.3 軟件安全風(fēng)險(xiǎn)評(píng)估基本流程···········································································.85
3.1.4 手動(dòng)評(píng)估和工具輔助評(píng)估··············································································.89
3.1.5 風(fēng)險(xiǎn)控制···································································································.90
3.2 軟件安全風(fēng)險(xiǎn)評(píng)估······························································································.90
3.2.1 評(píng)估準(zhǔn)備···································································································.91
3.2.2 軟件安全風(fēng)險(xiǎn)識(shí)別·······················································································.93
3.2.3 軟件安全風(fēng)險(xiǎn)分析·······················································································.95
3.2.4 基于DREAD 模型的威脅評(píng)級(jí)········································································.97
3.2.5 基于標(biāo)準(zhǔn)的漏洞等級(jí)劃分··············································································.99
3.2.6 基于形式化方法的軟件安全風(fēng)險(xiǎn)評(píng)估·······························································103
3.3 軟件安全風(fēng)險(xiǎn)控制······························································································108
3.3.1 基于風(fēng)險(xiǎn)管理框架的安全風(fēng)險(xiǎn)控制··································································108
3.3.2 基于軟件項(xiàng)目風(fēng)險(xiǎn)管理的安全風(fēng)險(xiǎn)控制···························································.111
3.3.3 軟件供應(yīng)鏈安全風(fēng)險(xiǎn)控制·············································································.111
3.4 軟件安全能力成熟度模型····················································································112
3.4.1 安全性能力成熟度模型·················································································113
3.4.2 軟件保障成熟度模型····················································································117
3.4.3 安全構(gòu)建成熟度模型····················································································125
3.4.4 系統(tǒng)安全工程能力成熟度模型········································································129
實(shí)踐任務(wù)···················································································································137
任務(wù)1:Web 安全現(xiàn)狀調(diào)研與Web 應(yīng)用防火墻(WAF)原理分析···································137
任務(wù)2:CWE“軟件開發(fā)視圖”(CWE-699)研習(xí)························································138
思考題······················································································································138
第4 章 軟件需求與安全需求····························································································139
4.1 軟件需求與需求工程···························································································139
4.1.1 軟件需求的定義與分類·················································································139
4.1.2 需求工程概述·····························································································143
4.1.3 安全需求工程·····························································································144
4.2 需求引出············································································································145
4.2.1 需求引出過程·····························································································145
4.2.2 安全需求引出源··························································································147
4.2.3 提取安全需求的基本方法··············································································150
4.3 需求分析建��!ぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁ150
4.3.1 分析建模的任務(wù)··························································································150
4.3.2 需求分析的基本方法····················································································151
4.3.3 安全需求分析的策略與方法···········································································157
4.3.4 基于誤用例和濫用例的安全需求分析·······························································169
4.4 需求定義與需求驗(yàn)證···························································································173
4.4.1 需求定義···································································································173
4.4.2 需求驗(yàn)證···································································································176
4.5 安全質(zhì)量需求工程簡(jiǎn)介························································································178
4.6 需求變更及其風(fēng)險(xiǎn)控制························································································180
4.6.1 需求變更···································································································180
4.6.2 需求變更的負(fù)面影響····················································································181
4.6.3 需求變更風(fēng)險(xiǎn)控制·······················································································182
實(shí)踐任務(wù)···················································································································182
任務(wù)1:結(jié)構(gòu)化需求分析························································································182
任務(wù)2:基于誤用例的安全需求分析·········································································183
思考題······················································································································183
第5 章 安全設(shè)計(jì)·············································································································184
5.1 軟件設(shè)計(jì)概述·····································································································184
5.1.1 軟件設(shè)計(jì)基本概念·······················································································184
5.1.2 軟件概要設(shè)計(jì)·····························································································184
5.1.3 軟件詳細(xì)設(shè)計(jì)·····························································································191
5.2 安全設(shè)計(jì)及其原則······························································································191
5.2.1 安全設(shè)計(jì)目標(biāo)與設(shè)計(jì)內(nèi)容··············································································191
5.2.2 安全設(shè)計(jì)原則·····························································································192
5.2.3 制訂安全計(jì)劃·····························································································196
5.3 安全策略與安全模型···························································································197
5.3.1 多級(jí)安全策略·····························································································197
5.3.2 商業(yè)安全策略·····························································································198
5.3.3 安全模型···································································································199
5.3.4 面向云計(jì)算的訪問控制·················································································201
5.4 威脅建����!ぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁぁ201
5.4.1 威脅建模的作用··························································································201
5.4.2 威脅建模方法·····························································································202
5.4.3 威脅建模過程·····························································································207
5.4.4 威脅建模示例·····························································································210
5.5 基于復(fù)用的軟件安全設(shè)計(jì)····················································································216
5.5.1 攻擊樹及其緩解措施的復(fù)用···········································································216
5.5.2 基于安全模式的軟件設(shè)計(jì)··············································································216
5.5.3 常用安全功能設(shè)計(jì)·······················································································217
5.6 基于容錯(cuò)技術(shù)的功能安全設(shè)計(jì)··············································································223
5.6.1 軟件容錯(cuò)···································································································223
5.6.2 基于容錯(cuò)的抗攻擊措施·················································································225
5.7 軟件體系結(jié)構(gòu)與安全設(shè)計(jì)分析··············································································226
5.7.1 軟件體系結(jié)構(gòu)·····························································································226
5.7.2 軟件體系結(jié)構(gòu)復(fù)用·······················································································230
5.7.3 安全體系結(jié)構(gòu)·····························································································234
5.7.4 體系結(jié)構(gòu)分析與安全設(shè)計(jì)分析········································································238
5.7.5 安全設(shè)計(jì)常見問題·······················································································240
實(shí)踐任務(wù)···················································································································240
任務(wù)1:結(jié)構(gòu)化設(shè)計(jì)與威脅建模···············································································240
任務(wù)2:安全體系結(jié)構(gòu)設(shè)計(jì)·····················································································241
任務(wù)3:訪問控制設(shè)計(jì)···························································································241
思考題······················································································································242
第6 章 安全編碼與代碼審核····························································································243
6.1 軟件編碼概述·····································································································243
6.1.1 軟件編碼···································································································243
6.1.2 編碼規(guī)范···································································································244
6.1.3 代碼檢查···································································································246
6.2 安全編碼規(guī)范·····································································································247
6.2.1 安全編碼建議·····························································································247
6.2.2 應(yīng)用軟件安全編程國(guó)家標(biāo)準(zhǔn)···········································································250
6.2.3 SEI CERT 安全編碼系列標(biāo)準(zhǔn)··········································································257
6.2.4 ISO/IEC C 安全編碼規(guī)則···············································································269
6.2.5 面向特定行業(yè)領(lǐng)域的安全編碼規(guī)則··································································270
6.3 安全編碼過程管理與代碼安全審核·······································································273
6.3.1 安全編碼過程管理·······················································································273
6.3.2 源代碼靜態(tài)安全分析····················································································274
6.3.3 代碼安全審核·····························································································278
實(shí)踐任務(wù)···················································································································281
任務(wù)1:安全登錄模塊的實(shí)現(xiàn)··················································································281
任務(wù)2:代碼安全分析···························································································282
任務(wù)3:ASLR�����、DEP 與棧保護(hù)················································································282
思考題······················································································································283
第7 章 軟件測(cè)試與安全分析····························································································284
7.1 軟件測(cè)試············································································································284
7.1.1 軟件測(cè)試及其目標(biāo)·······················································································284
7.1.2 軟件測(cè)試基本原則·······················································································285
7.1.3 軟件測(cè)試分類·····························································································286
7.1.4 軟件測(cè)試過程·····························································································289
7.1.5 軟件測(cè)試過程模型·······················································································291
7.2 軟件安全測(cè)試·····································································································293
7.2.1 安全測(cè)試及其與傳統(tǒng)測(cè)試的區(qū)別·····································································294
7.2.2 軟件安全測(cè)試分類·······················································································295
7.2.3 軟件安全測(cè)試基本流程·················································································300
7.3 二進(jìn)制程序安全分析···························································································303
7.3.1 語法語義與二進(jìn)制程序分析···········································································304
7.3.2 二進(jìn)制代碼分析常用技術(shù)··············································································307
7.3.3 二進(jìn)制代碼相似性分析·················································································309
7.4 典型的軟件安全測(cè)試技術(shù)····················································································312
7.4.1 典型安全測(cè)試技術(shù)概述·················································································312
7.4.2 模糊測(cè)試···································································································313
7.4.3 滲透測(cè)試···································································································319
7.5 軟件安全合規(guī)性審核···························································································321
實(shí)踐任務(wù)···················································································································321
任務(wù)1:基于AWVS 的Web 漏洞掃描·······································································321
任務(wù)2:基于AFL 的模糊測(cè)試·················································································322
思考題······················································································································323
第8 章 軟件部署運(yùn)維與軟件保護(hù)·····················································································324
8.1 軟件部署與安全配置···························································································324
8.1.1 軟件部署···································································································324
8.1.2 安全配置···································································································325
8.1.3 應(yīng)用程序的容器化部署·················································································326
8.2 系統(tǒng)運(yùn)維與應(yīng)急響應(yīng)···························································································327
8.2.1 系統(tǒng)運(yùn)維···································································································327
8.2.2 應(yīng)急響應(yīng)···································································································328
8.3 軟件保護(hù)與軟件加固···························································································330
8.3.1 軟件反逆向分析··························································································330
8.3.2 軟件防篡改································································································333
8.3.3 軟件版權(quán)保護(hù)·····························································································335
8.3.4 軟件加固···································································································336
實(shí)踐任務(wù)···················································································································338
任務(wù)1:Web 應(yīng)用Java Script 代碼安全發(fā)布································································338
任務(wù)2:Apache HTTP 服務(wù)器安全配置······································································338
思考題······················································································································339
參考文獻(xiàn)··························································································································340
書單推薦
