notes from a Cigital architecture risk analysis (ARA) training

• CIA (confidentiality, integrity, availability) is very high level and Viega and McGraw has a more granular list of specific goals/concerns.
• Time to check to time to us (TOCTOU) is an example of a race condition.
• "Struts" is a framework for Java and not a word that has meaning in a greater computer science way as I suspected it might.
• validateRequest is a .NET Framework sanity-checker of sorts for input values.
• Tightly coupled code and data together in a single package wherein data may be interpreted as code opens the door to injection attacks. This is (John) Von Neumann's curse.
• Defense in depth conceptually means that you do not rely on any one single means to provide security for a point of vulnerability.
• There is a distinction between symmetric and asymmetric encryption. In asymmetric encryption one shares a public key for encrypting and keeps a private key for decrypting allowing others to send one messages that only that party may read. In contrast, everyone just reads and writes with the same key in the symmetric approach.
• Hash functions must have 1. efficiency, 2. pre-imaging (you cannot just reverse the hash function to unhash something) and 3. collision resistance.
• SHA1 and MD5 are popular hash functions.
• Message authentication codes (MAC) are cryptographic primitives which, through the use of a shared key, will allow one to tell if a party was the author of the hash. A CBC (Cipher Block Chaining) MAC is based on a block cipher like AES (Advanced Encryption Standard). The value of the last cipher text block is the MAC because it depends on the values of all of the blocks which precede it. HMAC (hash-based message authentication code) is a CBC alternative.
• XACML (Extensible Access Control Markup Language) is a standard for exchanging authentication and access controls information.