Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
27 Cards in this Set
- Front
- Back
- 3rd side (hint)
|
Strongly Typed
|
Java can't access the host computer's memory.
|
Only objects for which the program has a reference can be accessed, can only perform operations that are valid for that object
|
|
|
Classes
|
Java programs are composed of classes, a class defines a collection of data fields, functions and methods that operate on those fields
|
Instances of classes are objects
|
|
|
System Modification
|
Attack that alters the client's computing system
|
Example: Deletes files, changes memory
|
|
|
Invasion of Privacy
|
Attack that steals client's confidential data
|
Example: Steals passwords, credit card numbers ect.
|
|
|
Denial of Service
|
Attack that exhaust's client's computing resource
|
Example: Filling a file system, using up all of systems memory
|
|
|
Antagonism
|
Just annoying as ****
|
|
|
|
3 Components of Java Security Model
|
The Bytecode Verifier, The Class Loader, The security Manager
|
Security depends on all of these parts working together
|
|
|
ByteCode Verifier
|
Checks to see if code is valid, makes sure things are in the correct format. Does check during class loading (loading byte code in the vm, very effecient) , both static and runtime checks. Checks the class tags associated with all java objects. Checks legal references
|
Example: Checks of methods are called with the appropriate number and types of arguments
|
|
|
Class Loader
|
Loads the byte code in the VM and constructs corresponding classes. Manages namespaces, can't have confusion about defintions. Originally meant to be extensible where users can add their own class loaders, but an attacker could load their own security manager and trick you.
|
Example: Final classes are not subclassed and final methods are not overridden. OR Unique class object to which any class name maps within the purview of the applets form the same directory on the same web server
|
|
|
Security Manager
|
Reference Monitor - Decides if requested operations should be allowed. Does a stack inspection
|
Example: A class loader is allowed to create a class of a given name
|
|
|
Primordial Class Loader
|
Bootstrap the Java environment, loading API classes
|
|
|
|
Class Loader Objects
|
Written in Java and can be extended, loads other classes in a heirarchy
|
Each applet gets its own class loader.
|
|
|
Loading Procedure
|
Consults primordial class loader, security manager still makes the real choices, then checks the class file with the verifier
|
|
|
|
Java VM
|
A virtual machine that keeps things away from computer memory
|
Seperates the applet from the operating system
|
|
|
Type Confusion Attack
|
Creates 2 references with different types to the same object
|
|
|
|
Security Manager Trust Model
|
Increasingly refined over time from white and black to "shades of gray" Can configure the policy now
|
1.0.2 - any applet was untrusted. 1.1 - Unsigned applets were untrusted, trusted were isgned applets. Introduced code signing. 1.2 and beyond- many shades of gray.
|
|
|
ActiveX
|
Software freamework created by microsoft that checks security and digitally signs web applications - specifically those made by microsoft
|
|
|
|
DNS
|
Domain Name System, hierarchical naming system for computers, translates memory names and IP addresses
|
|
|
|
SQL Injection
|
Adding your own script and ***** up the SQL and database, when the database scans it, the script gets executed
|
|
|
|
Input Validation HTML
|
A way to detect unauthorized inputs. Sometimes just finding characters, other times more complicated
|
|
|
|
Cross Site Scripting (XSS)
|
XSS vulnerabilities allow the generation of dynamic HTML contents with invalidaded inputs that do different things. These inputs are interpreted by browsers while rendering web pages.
|
|
|
|
Stored XSS
|
Occur when dynamic HTML contents are generated from unprotected info stored in persistance stroage. Content you provide is brought to another browser.
|
Example: Typing a script in to a comment, the server will serve the comment back to the next user who views it and the user's browser will execute the script. Or can transfer cookies to another sie
|
|
|
Reflected XSS
|
Sends email with linke that is a script instead of a file name. Echos back a script not a file name.
|
Name comes from the echo command?
|
|
|
DOM Based XSS
|
Modifieds the DOM "environment" in the victim's browser used by client-side script. Using a ? hides the activity from the server
|
Harder to fix because the server can't see it. Client side problem
|
|
|
Cross site request forgery
|
Serves a form to a user and lets them update their email but actually sends the info to a bad site.
|
Can change the email to something else?
|
|
|
Sanitization
|
Server should try to detect a script
|
attackers can point to javascript using push pull methods or calling images or using html. This is super hard to do. Nothing really works but there are resources
|
|
|
XSS Defense
|
Santization or filtering, encoding or eliminating dangrous constructs in untrusted data.
|
Super hard to get through the filter
|
