網站的安全防護 (使用ESAPI)

Which open-source libraries can you use as a reference for protecting a web site?

The one introduced here is ESAPI. This article mainly explains how to defend against the following threats:

  • Information Leakage
  • Broken Authentication
  • Insecure Storage
  • Insecure Communications
  • Failure to restrict URL

What is ESAPI?

ESAPI is an open-source OWASP project that provides a framework for secure coding in web applications,

so that developers can use it directly to get the protection they need instead of re-implementing the protection mechanisms themselves.

Error handling

Attackers often exploit improper error handling, or the extra detail leaked by error messages, to carry out attacks.

ESAPI provides a relatively complete set of error-handling classes together with logging.

Exception Summary

  • AccessControlException: An AccessControlException should be thrown when a user attempts to access a resource that they are not authorized for.
  • AuthenticationAccountsException: An AuthenticationException should be thrown when anything goes wrong during login or logout.
  • AuthenticationCredentialsException: An AuthenticationException should be thrown when anything goes wrong during login or logout.
  • AuthenticationException: An AuthenticationException should be thrown when anything goes wrong during login or logout.
  • AuthenticationHostException: An AuthenticationHostException should be thrown when there is a problem with the host involved with authentication, particularly if the host changes unexpectedly.
  • AuthenticationLoginException: An AuthenticationException should be thrown when anything goes wrong during login or logout.
  • AvailabilityException: An AvailabilityException should be thrown when the availability of a limited resource is in jeopardy.
  • CertificateException: A CertificateException should be thrown for any problems that arise during processing of digital certificates.
  • ConfigurationException: A ConfigurationException should be thrown when a problem arises because of a problem in one of ESAPI's configuration files, such as a missing required property or invalid setting of a property, or a missing or unreadable configuration file, etc.
  • EncodingException: An EncodingException should be thrown for any problems that occur when encoding or decoding data.
  • EncryptionException: An EncryptionException should be thrown for any problems related to encryption, hashing, or digital signatures.
  • EncryptionRuntimeException: An EncryptionRuntimeException should be thrown for any problems related to encryption, hashing, or digital signatures.
  • EnterpriseSecurityException: EnterpriseSecurityException is the base class for all security related exceptions.
  • EnterpriseSecurityRuntimeException: EnterpriseSecurityRuntimeException is the base class for all security related runtime exceptions.
  • ExecutorException: An ExecutorException should be thrown for any problems that arise during the execution of a system executable.
  • IntegrityException: An IntegrityException should be thrown when a problem with the integrity of data has been detected.
  • IntrusionException: An IntrusionException should be thrown anytime an error condition arises that is likely to be the result of an attack in progress.
  • ValidationAvailabilityException
  • ValidationException: A ValidationException should be thrown to indicate that the data provided by the user or from some other external source does not match the validation rules that have been specified for that data.
  • ValidationUploadException
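
The point of these classes is that every ESAPI exception carries two messages: getUserMessage(), which is safe to show to the browser, and getLogMessage(), which holds the detail that belongs only in the log. The servlet below is an added example, not code from the original post or from ESAPI itself; it assumes an ESAPI.properties with the default Validator.Email pattern, and the servlet and parameter names are made up.

```java
import java.io.IOException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.owasp.esapi.ESAPI;
import org.owasp.esapi.Logger;
import org.owasp.esapi.errors.IntrusionException;
import org.owasp.esapi.errors.ValidationException;

// Hypothetical servlet: validates one form field and keeps failure detail out of the response.
public class ProfileServlet extends HttpServlet {
    private static final Logger log = ESAPI.getLogger(ProfileServlet.class);

    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
        try {
            // "Email" names the Validator.Email regex in ESAPI.properties (assumed configured).
            String email = ESAPI.validator().getValidInput(
                    "profile email", req.getParameter("email"), "Email", 254, false);
            // ... update the profile with the validated value ...
            resp.getWriter().println("Profile updated");
        } catch (ValidationException e) {
            // getLogMessage() contains the offending input and the rule that failed:
            // write it to the log, never to the response.
            log.warning(Logger.SECURITY_FAILURE, e.getLogMessage(), e);
            resp.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            // getUserMessage() is the generic text meant for the user; encode it anyway.
            resp.getWriter().println(ESAPI.encoder().encodeForHTML(e.getUserMessage()));
        } catch (IntrusionException e) {
            // Raised when the input looks like an attack in progress; echo nothing specific.
            log.warning(Logger.SECURITY_FAILURE, e.getLogMessage(), e);
            resp.sendError(HttpServletResponse.SC_BAD_REQUEST);
        }
    }
}
```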

Authentication and authorization handling

```java
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.owasp.esapi.ESAPI;
import org.owasp.esapi.User;
import org.owasp.esapi.errors.AuthenticationException;

public void doPost(HttpServletRequest request, HttpServletResponse response) {
    try {
        // login() checks the submitted credentials (or the existing session) and sets the current user
        User user = ESAPI.authenticator().login(request, response);
        // continue with authenticated user
    } catch (AuthenticationException e) {
        // handle failed authentication (it's already been logged)
    }
}
```

ESAPI Authentication references

http://www.owasp.org/index.php/Top_10_2007-Broken_Authentication_and_Session_Management

https://owasp-esapi-java.googlecode.com/svn/trunk_doc/latest/org/owasp/esapi/Authenticator.html

ESAPI encryption

http://owasp-esapi-java.googlecode.com/svn/trunk/documentation/esapi4java-core-2.0-symmetric-crypto-user-guide.html

https://owasp-esapi-java.googlecode.com/svn/trunk_doc/latest/org/owasp/esapi/Encryptor.html

```java
import org.owasp.esapi.ESAPI;
import org.owasp.esapi.crypto.CipherText;
import org.owasp.esapi.crypto.PlainText;
import org.owasp.esapi.errors.EncryptionException;

String myplaintext = "My plaintext";
try {
    // encrypt() uses the master key configured in ESAPI.properties
    CipherText ciphertext =
        ESAPI.encryptor().encrypt( new PlainText(myplaintext) );
    PlainText recoveredPlaintext = ESAPI.encryptor().decrypt(ciphertext);
    assert myplaintext.equals( recoveredPlaintext.toString() );
} catch(EncryptionException ex) {
    // Log error then return error designation however appropriate.
}
```
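
The snippet above keeps the CipherText in memory. For the Insecure Storage case the ciphertext has to be persisted and read back later, which is what the added example below shows; it is not code from the original post or from ESAPI. It assumes Encryptor.MasterKey is configured in ESAPI.properties and that Encryptor.CipherText.useMAC is left at its default (enabled); the class name and the sample value are made up.

```java
import org.owasp.esapi.ESAPI;
import org.owasp.esapi.crypto.CipherText;
import org.owasp.esapi.crypto.PlainText;
import org.owasp.esapi.errors.EncryptionException;

// Hypothetical helper: the byte[] stands in for a database column or file.
public class SecretStore {
    /** Encrypt the value and return the bytes that should be persisted. */
    public static byte[] seal(String value) throws EncryptionException {
        CipherText ct = ESAPI.encryptor().encrypt(new PlainText(value));
        // The portable form bundles IV, cipher spec and MAC with the ciphertext,
        // so the stored blob carries everything needed to decrypt and verify it later.
        return ct.asPortableSerializedByteArray();
    }

    /** Rebuild the CipherText from storage and decrypt it. */
    public static String open(byte[] stored) throws EncryptionException {
        CipherText ct = CipherText.fromPortableSerializedBytes(stored);
        return ESAPI.encryptor().decrypt(ct).toString();
    }

    public static void main(String[] args) {
        try {
            byte[] blob = seal("4111-1111-1111-1111"); // constructed sample value
            System.out.println("stored " + blob.length + " bytes");
            System.out.println("recovered " + open(blob));
        } catch (EncryptionException e) {
            // With the MAC enabled, decrypt() also ends up here if the stored bytes were
            // altered; log the detail and return nothing rather than partial plaintext.
            System.err.println("crypto failure: " + e.getLogMessage());
        }
    }
}
```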

Insecure Communications

Make sure data is encrypted while in transit, that is, transmitted over TLS / SSL.

ESAPI can enforce this with

void assertSecureChannel(javax.servlet.http.HttpServletRequest request) throws AccessControlException

```java
// Throws AccessControlException when the current request did not arrive over TLS
ESAPI.httpUtilities().assertSecureChannel();
```

Failure to restrict URL Access

https://owasp-esapi-java.googlecode.com/svn/trunk_doc/latest/org/owasp/esapi/AccessController.html

For authorization checks on web resources, ESAPI provides a complete set of checks; see the following:

Method Summary

  • void assertAuthorized(java.lang.Object key, java.lang.Object runtimeParameter): assertAuthorized executes the AccessControlRule that is identified by key and listed in the resources/ESAPI-AccessControlPolicy.xml file.
  • void assertAuthorizedForData(java.lang.String action, java.lang.Object data): Checks if the current user is authorized to access the referenced data.
  • void assertAuthorizedForFile(java.lang.String filepath): Checks if the current user is authorized to access the referenced file.
  • void assertAuthorizedForFunction(java.lang.String functionName): Checks if the current user is authorized to access the referenced function.
  • void assertAuthorizedForService(java.lang.String serviceName): Checks if the current user is authorized to access the referenced service.
  • void assertAuthorizedForURL(java.lang.String url): Checks if the current user is authorized to access the referenced URL.
  • boolean isAuthorized(java.lang.Object key, java.lang.Object runtimeParameter): isAuthorized executes the AccessControlRule that is identified by key and listed in the resources/ESAPI-AccessControlPolicy.xml file.
  • boolean isAuthorizedForData(java.lang.String action, java.lang.Object data): Checks if the current user is authorized to access the referenced data, represented as an Object.
  • boolean isAuthorizedForFile(java.lang.String filepath): Checks if the current user is authorized to access the referenced file.
  • boolean isAuthorizedForFunction(java.lang.String functionName): Checks if the current user is authorized to access the referenced function.
  • boolean isAuthorizedForService(java.lang.String serviceName): Checks if the current user is authorized to access the referenced service.
  • boolean isAuthorizedForURL(java.lang.String url): Checks if the current user is authorized to access the referenced URL.
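
The usual place to apply the assertSecureChannel() check from the Insecure Communications section and the assertAuthorizedForURL() check from this section is a single servlet filter in front of the protected pages. The filter below is an added example, not code from the original post or from ESAPI; it assumes the user was already established by ESAPI.authenticator().login() earlier in the request, that URL access rules are configured for the ESAPI AccessController, and the filter's class name is made up.

```java
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.owasp.esapi.ESAPI;
import org.owasp.esapi.errors.AccessControlException;

// Hypothetical filter: map it to the protected URL pattern in web.xml.
public class EsapiAccessFilter implements Filter {
    @Override public void init(FilterConfig cfg) {}
    @Override public void destroy() {}

    @Override
    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) resp;
        try {
            // 1. Refuse to serve protected resources over plain HTTP.
            ESAPI.httpUtilities().assertSecureChannel(request);
            // 2. Check the current user against the URL access rules; throws if not allowed,
            //    so a missing or anonymous user cannot reach the page by guessing its path.
            ESAPI.accessController().assertAuthorizedForURL(request.getRequestURI());
        } catch (AccessControlException e) {
            // ESAPI records the failure (its log message carries the detail);
            // the client only receives a generic status code.
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return;
        }
        chain.doFilter(req, resp);
    }
}
```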

https://www.owasp.org/index.php/Transport_Layer_Protection_Cheat_Sheet

https://owasp-esapi-java.googlecode.com/svn/trunk_doc/latest/overview-summary.html
