Software Change and Configuration Management
Software Change and Configuration Management provides a framework for managing changes to software as it is developed, maintained, and eventually retired. Some organizations treat this as one discipline; the exam treats configuration management and change management as separate (but related) disciplines.
In regard to the Software Development Security domain, configuration management tracks changes to a specific piece of software. For example: tracking changes to a Content Management System (CMS), including specific settings within the software. Change management is broader, tracking changes across an entire software development program. Both configuration and change management are designed to ensure that changes occur in an orderly fashion, and do not harm (and ideally improve) information security. We discussed change management in Chapter 8, Domain 7: Security Operations.
NIST Special Publication 800-128: Guide for Security-Focused Configuration Management of Information Systems (available at https://csrc.nist.gov/publications/detail/sp/800-128/final) describes the following configuration management terms:
“A Configuration Management Plan (CM Plan) is a comprehensive description of the roles, responsibilities, policies, and procedures that apply when managing the configuration of products and systems. The basic parts of a CM Plan include:
- Configuration Control Board (CCB)—Establishment of and charter for a group of qualified people with responsibility for the process of controlling and approving changes throughout the development and operational lifecycle of products and systems; may also be referred to as a change control board;
- Configuration Item Identification—methodology for selecting and naming configuration items that need to be placed under CM;
- Configuration Change Control—process for managing updates to the baseline configurations for the configuration items; and
- Configuration Monitoring—process for assessing or testing the level of compliance with the established baseline configuration and mechanisms for reporting on the configuration status of items placed under CM”[25].
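The configuration monitoring step above (assessing compliance with an established baseline and reporting configuration status) is the one most easily shown in code. The following is an added example, not code from the book or from NIST SP 800-128: it compares an approved baseline for two configuration items against the settings a monitoring agent observed and reports every deviation, including settings present on the system that the baseline never approved. The CI names, setting names and values are constructed sample data.

```python
"""Added example (not from the book or NIST SP 800-128): a minimal
configuration-monitoring check. An approved baseline of configuration
items (CIs) is compared against the observed configuration and every
deviation is reported so it can be routed to the CCB. CI names, settings
and values below are constructed sample data."""

from dataclasses import dataclass


@dataclass(frozen=True)
class Deviation:
    item: str         # configuration item identifier (constructed naming scheme)
    setting: str
    expected: object  # value in the approved baseline; None if the setting was never approved
    observed: object  # value actually found; None if the setting (or whole CI) is missing


# Approved baseline: CI name -> {setting: required value}. Constructed sample.
BASELINE = {
    "cms-web-01": {"admin_panel_enabled": False, "tls_min_version": "1.2", "session_timeout_min": 15},
    "cms-db-01": {"remote_root_login": False, "audit_logging": True},
}


def compare_to_baseline(baseline, observed):
    """Return a list of Deviation records for every CI and setting that does
    not match the approved baseline. Settings present on the system but absent
    from the baseline are also reported: an unapproved setting is a change
    that bypassed configuration change control."""
    deviations = []
    for ci, expected_settings in baseline.items():
        actual = observed.get(ci)
        if actual is None:
            # The whole CI is missing from the observation: every baseline setting is unmet.
            for setting, expected in expected_settings.items():
                deviations.append(Deviation(ci, setting, expected, None))
            continue
        for setting, expected in expected_settings.items():
            if setting not in actual:
                deviations.append(Deviation(ci, setting, expected, None))
            elif actual[setting] != expected:
                deviations.append(Deviation(ci, setting, expected, actual[setting]))
        for setting in actual.keys() - expected_settings.keys():
            deviations.append(Deviation(ci, setting, None, actual[setting]))
    return deviations


def compliance_report(deviations):
    """Human-readable lines for a configuration status report."""
    if not deviations:
        return ["COMPLIANT: all configuration items match the baseline"]
    return [f"DRIFT {d.item}.{d.setting}: expected={d.expected!r} observed={d.observed!r}"
            for d in deviations]


# Observed configuration as a monitoring agent might collect it (constructed).
OBSERVED = {
    "cms-web-01": {"admin_panel_enabled": True, "tls_min_version": "1.2",
                   "session_timeout_min": 15, "debug_mode": True},
    "cms-db-01": {"remote_root_login": False},
}

if __name__ == "__main__":
    for line in compliance_report(compare_to_baseline(BASELINE, OBSERVED)):
        print(line)
```

Run stand-alone, the script reports three deviations: the admin panel was enabled against the baseline, an unapproved `debug_mode` setting appeared, and the database's audit logging setting is missing entirely. Each of these is exactly the kind of item the CCB would expect to see in a configuration status report rather than discover after an incident.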
Databases
A database is a structured collection of related data. Databases allow queries (searches), insertions (updates), deletions, and many other functions. The database is managed by the Database Management System (DBMS), which controls all access to the database and enforces the database security. Databases are managed by Database Administrators (DBAs). Databases may be searched with a database query language, such as the Structured Query Language (SQL). Typical database security issues include the confidentiality and integrity of the stored data. Integrity is a primary concern when replicated databases are updated.
Additional database confidentiality issues include inference and aggregation attacks, discussed in detail in Chapter 4, Domain 3: Security Architecture and Engineering. Aggregation is a mathematical attack where an attacker aggregates details at a lower classification to determine information at a higher classification. Inference is a similar attack, but the attacker must logically deduce missing details: unlike aggregation, a mystery must be solved.
Types of Databases
Formal database types include relational (two dimensional), hierarchical, and object-oriented. The simplest form of database is a flat file: a text file that contains multiple lines of data, each in a standard format. A hosts file (located at /etc/hosts on UNIX systems, and c:\windows\system32\drivers\etc\hosts on many versions of Microsoft Windows) is an example of a flat file: each entry (line) contains at least an IP address and a host name.
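To show what "database" means for a flat file, here is an added example, not code from the book: a small parser for the hosts file format that treats the file as a queryable table, supports the query (look up a host name) and an integrity check (names mapped to more than one address), and reports malformed lines instead of silently dropping them. The file contents below are constructed sample data, not a real system's hosts file.

```python
"""Added example (not from the book): the hosts flat file parsed as a tiny
database. Records are (address, [names]); queries run over the records.
SAMPLE_HOSTS is constructed sample data."""

import ipaddress

# Constructed sample hosts file: comments, blank lines, aliases and a malformed line.
SAMPLE_HOSTS = """\
# Constructed sample /etc/hosts
127.0.0.1       localhost
::1             localhost ip6-localhost
192.0.2.10      cms.example.test cms     # trailing comment
not-an-address  broken.example.test
"""


def parse_hosts(text):
    """Return (records, errors). Each record is (ip_address, [names]).
    Lines without a valid IP address plus at least one name go into errors
    rather than being ignored, because a hosts file is a classic place for an
    unauthorized redirection to hide and a reviewer wants to see every line
    that did not parse."""
    records, errors = [], []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()   # drop comments and surrounding whitespace
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            errors.append((lineno, "missing host name"))
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            errors.append((lineno, f"invalid address {fields[0]!r}"))
            continue
        records.append((addr, [n.lower() for n in fields[1:]]))
    return records, errors


def lookup(records, name):
    """Query: every address mapped to a host name (case-insensitive), in file order."""
    name = name.lower()
    return [str(addr) for addr, names in records if name in names]


def duplicate_names(records):
    """Integrity check: host names that resolve to more than one address."""
    seen = {}
    for addr, names in records:
        for n in names:
            seen.setdefault(n, set()).add(str(addr))
    return sorted(n for n, addrs in seen.items() if len(addrs) > 1)


if __name__ == "__main__":
    recs, errs = parse_hosts(SAMPLE_HOSTS)
    print(lookup(recs, "cms"))          # ['192.0.2.10']
    print(duplicate_names(recs))        # ['localhost']
    print(errs)                         # [(5, "invalid address 'not-an-address'")]
```

The `localhost` duplicate is legitimate here (an IPv4 and an IPv6 entry), which is why the check reports rather than rejects; the same check run against a production hosts file would flag the unexpected second address for a name that a real resolver should only ever see once.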