Lessons learned from offline assessment of security-critical systems: the case of microsoft’s active directory

Ebad, Shouki A.

doi:10.1007/s13198-021-01236-2

Cited by 14 publications

(8 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The secure source code essential can be considered in the former case, and security requirements in the latter case because the assessment may mean validation of requirements and specifications. The meaning might be different whether the assessment was conducted offline or online ‎[9]. Some of these ambiguities might come from English words that can be mapped to different logical interpretations and cannot be removed from the course description by automation specialists.…”

Section: Discussionmentioning

confidence: 99%

“…When issuing certificates and transcripts to students from universities that use two different names for the same courses and programs, and both are recognized by one authority or ministry, the only difference is the name of the course. According to the master's program in cybersecurity at the University of Nevada 9 , the reason behind this difference may simply come down to regional preference-American authors tend to use cybersecurity as one word, whereas British professionals tend to use two words for cyber security. Regardless of this difference, the recommendation is to unify the term.…”

Section: Secure Design Principlesmentioning

confidence: 99%

See 1 more Smart Citation

What topics should or should not be included in software security education—Qualitative content analysis

Ebad

2022

Comp Applic In Engineering

Self Cite

View full text Add to dashboard Cite

Software security education is still not preparing students for the types of high‐skilled technical roles that represent the most severe workforce shortage. Recognizing this, academia has begun redefining the knowledge area concepts of software security curricula to meet the current workforce shortage. This article studies the software security courses in Arab Gulf academic programs and benchmarks their descriptions with the corresponding knowledge area from cybersecurity Curricula (CSEC). 2017, the first set of global cybersecurity curricular guidelines. Using content analysis, six concepts or essentials are investigated: security requirements, secure design principles, secure source code, analysis and testing, patch, and ethics. It was found that no course follows all the CSEC. 2017 essentials. The analysis and testing essential were considered by all courses, and security after deployment, including the patch essential, needs more attention because it was not included in any course. Similarly, the security requirements and ethics essentials were also considered by a few courses. However, software success depends on requirements, and ethics has become critical in the cybersecurity and information assurance fields that depend on law and forensics. The secure source code essential was covered by most courses. The well‐known types of code attacks were covered, and over half of the courses discussed secure design principles essential. However, security by design is an emerging development philosophy. The article discussed observations and recommendations that will assist program managers and their staff in making effective decisions about the essentials and concepts that should be included when they are developing the software security curriculum.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Secure Design Principlesmentioning

confidence: 99%

What topics should or should not be included in software security education—Qualitative content analysis

Ebad

2022

Comp Applic In Engineering

Self Cite

View full text Add to dashboard Cite

show abstract

“…The malicious actor could then log on as a domain administrator using the PKINIT authentication defined in RFC 4556. A compromised AD allows malicious actors to potentially gain access to the network's most vital systems and resources, or obtain administrator privileges, thereby allowing control over the entire domain (Ebad, 2022).…”

Section: Microsoft Ndes Security Risksmentioning

confidence: 99%

On The Zero-Trust Intranet Certification Problem

Botha-Badenhorst,

McDonald,

Barbour

et al. 2024

iccws

View full text Add to dashboard Cite

Securing corporate networks and ensuring the trustworthiness of network resources are critical security concerns for organisations in today's interconnected digital landscape. The zero-trust security model is an approach to designing and implementing ICT systems which prescribes that clients and servers cannot be trusted automatically, even when connected to networks traditionally considered trusted. The implementation of the zero-trust model within the corporate intranet requires a secure method to verify the identity of local servers. On the Internet, trust in the identity of public servers is established by well-known public Certificate Authorities (CAs), which issue digital certificates to securely identify servers. However, local intranet servers exist within the internal address space of the network. Consequently, it is impossible to naturally obtain digital certificates for these servers, validly signed by a public CA, without publicly disclosing sensitive information such as intranet server Domain Name System (DNS) records. This leaves organisations with the option of relying on endpoint management systems to install custom CA root certificates on all corporate browsers or, in some cases, ignoring the problem altogether. In this paper, we draw on practical experience in the deployment of cybersecurity devices in corporate intranets to formally define the intranet certification problem. We specify five requirements that a solution to this problem must satisfy. We then conduct a comprehensive review of existing candidate solutions and academic research relevant to the intranet certification problem. Specifically, existing ICT systems for public key infrastructure and endpoint management are identified and evaluated with respect to their ability to meet the stated requirements for solving the intranet certification problem, as well as their cost. Our study reveals that solutions that meet the technical and security requirements of the intranet certification problem are beyond the reach of smaller private sector companies and public sector organisations in underdeveloped and emerging economies. The high cost and technical expertise required for their implementation and management render these solutions impractical. Consequently, by relying on servers with self-signed certificates, these entities inadvertently leave their servers susceptible to impersonation, information theft, and unauthorised resource access, thus violating the fundamental principles of the zero-trust model. We conclude that a gap exists for a simple, cost-effective, and easily managed solution to the intranet certification problem.

show abstract

“…Such a method fails the psychological acceptability principle. Users have been harangued for decades to pick hard-to-guess passwords, not share them, not use the same one in multiple places, and so on [22]. In reality, several people do not comply those rules [9].…”

Section: ) Are There Any Contradictions Ormentioning

confidence: 99%

Exploring How to Apply Secure Software Design Principles

Ebad

2022

IEEE Access

View full text Add to dashboard Cite

Secure design principles (SDPs) are employed to be a solution against many types of attacks. However, it has been shown that software developers are not familiar with the notion of SDPs or do not know how to implement them in the design stage. This paper tries to bridge this gap by applying SDPs to a real-world software project, electronic promotion system (ePS), and commenting on the contribution of each SDP. Saltzer and Schroeder's eight principles, along with three additional principles proposed by others, are chosen to be applied to ePS. The results indicate that most of the principles enumerated here were instrumental and applied in the ePS's design. Most of the eleven SDPs, economy of mechanism, fail-safe defaults, least privilege, least common mechanisms, sound authentication, defense in depth, and input validation were implemented on ePS to a great extent. Others, namely separation of privileges and psychological acceptability, were applied to a limited extent. The remaining two principles, complete mediation and open design, did not play a vital role, as ePS by itself satisfies these two principles. Some contradictions and interrelations among the SDPs when they were applied were also debated. Taking into account the integration of ePS with other enterprise systems in the same organization, it was felt placing SDPs in a general context would be beneficial and sufficient. This work will bridge the gap between software practitioners and state-of-the-art research on software SDPs.

show abstract

Lessons learned from offline assessment of security-critical systems: the case of microsoft’s active directory

Cited by 14 publications

References 15 publications

What topics should or should not be included in software security education—Qualitative content analysis

What topics should or should not be included in software security education—Qualitative content analysis

On The Zero-Trust Intranet Certification Problem

Exploring How to Apply Secure Software Design Principles

Contact Info

Product

Resources

About