
Secure software properties

Basically, two sets of properties distinguish secure software from software that is not. The first set contains the essential properties, common to the security of any system, whose absence seriously affects the security of an application. The second set is complementary to the first: its properties do not influence the software's security, but they help to improve it greatly.

The main essential properties are:

Integrity. Capability that ensures that the code, managed assets, configurations and behavior cannot be, or have not been, modified or altered by unauthorized persons, entities or processes, both during the development phase and in the operation phase.

Availability. Capability that guarantees that the software is operational and accessible to authorized persons, entities or processes, so that the information and the resources or services that manage it can be accessed according to their specifications. Techniques and mechanisms used to safeguard availability include, for example:

  • Analysis of which services and information are critical and how to make them available.
  • Use of high availability architectures, with different types of redundancies.
  • Use of distributed systems with information replication systems between them.
  • Use of recovery systems through images, virtualization, etc.

Confidentiality. Ability to ensure that any of its characteristics and managed assets are hidden from unauthorized users, so that only authorized persons, entities or processes can access the information. Techniques and mechanisms used to safeguard confidentiality include, for example:

  • Classification of applications and services based on their criticality.
  • Traffic padding (fill traffic).
  • Role-based system access control techniques.
  • Encryption of information and communications.

The complementary properties are the following:

  • Reliability. The ability of the software to function as expected in all situations to which it will be exposed in its operating environment, i.e. the possibility that a malicious agent could alter the execution or result in a manner favorable to the attacker is significantly reduced or eliminated.
  • Authentication. A capability that allows the software to guarantee that a person, entity or process is who it claims to be, or to guarantee the source from which the data comes.
  • Traceability. Capability that guarantees the possibility of attributing the actions performed in the software to the person, entity or process that originated them.
  • Robustness. Ability to resist attacks by malicious agents (malware, hackers, etc.).
  • Resilience. The software's ability to isolate, contain, and limit the damage from failures caused by the exploitation of a software vulnerability, and to recover by resuming its operation at or above a certain predefined minimum level of acceptable service in a timely manner.
  • Tolerance. The software's ability to "tolerate" bugs and failures resulting from successful attacks and continue to function as if the attacks had not occurred.

A number of factors influence the likelihood that software will be consistent with the properties shown above (Goertzel, K.M., Winograd, T., 2008). These include:

  • Design principles and good development practices. The practices used to develop the software and the design principles that govern it. This point is amply developed in the subsequent section.
  • Development tools. The programming language, libraries, and development tools used to design, deploy, and test the software, and how they were used by developers.
  • Components purchased. Both commercial and free software components, and how they were evaluated, selected, and integrated.
  • Deployed configurations. How the software was configured during installation in its production environment.
  • Operating environment. The nature and configuration of the protections provided by the execution or production environment.
  • Professional knowledge. The level of security awareness and knowledge that the analysts, designers, developers, testers and maintainers of the software have, or their lack of it.