Introduction
- CIA goals of security
- Authentication
- Nonrepudiation
- Auditability
- Principle of Least Privilege
- Fail-safe Defaults
- Security by Obscurity
- Endpoint Security
- Simple Security Rule
- *-property
- Randomness
- Secure Randomness
|
Defensive Programming
Validate Input
- Handle Exceptions and Errors
- Security by Design
- Defensive Methods
- Defensive Copy
- Runtime Exceptions
- Immutable/Mutable objects
- Protecting file access
- Primitive types
|
Data Defense
- Data states (rest, transit, use)
- Hashing
- Message Digests
- HMAC
- MD5/SHA256
- Salting
- Table/Rainbow Table Attack
- Symmetric v. Asymmetric
- Keyspace
- Plain/Cipher Text
- Shift/Substitution Ciphers
- RSA
- Digital Signatures
- Diffie-Hellman Key Exchange
- SSH Authentication
- Man-in-the-middle Attacks
- Public Key Infrastructure
- Certificates
- Certificate Authority
- Registration Authority
- Certificate Revocation Lists
- Unix File Permissions
|