Developing a Secure File Vault Application
Motivation.
- To gain hands-on experience in applying secure-by-design principles in software development.
- To create a platform that the Claremont Cybersecurity Club could continuously improve and use for educational purposes.
Hiccups.
01
Recurring CSRF Token Errors During Form Submissions
Lesson: CSRF protection is crucial but requires careful implementation across all forms and AJAX requests.
Solution: Implemented Flask-WTF’s CSRFProtect and added token generation to each form.
02
Encryption Key Management
- Initially used hardcoded keys (insecure practice)
- Moved to environment variables for key storage
- Finally, implemented key_generator.py for user-generated keys
Lesson: Proper key management is fundamental to security. Never hardcode or commit encryption keys to version control.
03
GitHub and Version Control
- Accidentally pushed sensitive data (encryption keys) to GitHub
- Exposed upload folder contents
Solutions:
- Implemented .gitignore to exclude sensitive files
- Reconfigured repository to exclude the uploads folder
- Used environment variables for sensitive information
Lessons:
- Always set up .gitignore before initial commit
- Regularly review committed files for sensitive information
Virtual Environment Importance
- Isolation
- It keeps the project dependencies separate from system-wide packages, preventing conflicts.
- Reproducibility
- It lets the exact dependency versions the project needs be recorded (for example in a requirements.txt) and recreated on another machine.
- Version Control
- It allows for better management of package versions specific to the project.
Key Features
User Registration and Authentication
- Strong password requirements enforced
- Minimum length of 14 characters
- Mix of uppercase, lowercase, numbers, and special characters
- The system enforces these requirements programmatically, rejecting any password that doesn’t meet the criteria. This eliminates weak passwords from the system entirely, significantly enhancing overall security.
Secure File Upload and Storage
- Only allowed file types can be uploaded, preventing potential security risks from malicious file types
- Filenames are sanitized and uniquely generated to prevent conflicts and potential security exploits
- Restricting what can be uploaded also helps prevent potential denial-of-service attacks and ensures efficient use of storage resources.
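The password policy and the upload checks described above, written out as a stand-alone example (added here; not the vault's own code). It assumes a sample allow-list of extensions, since the slides do not list which file types are accepted; the uniqueness prefix uses a random token rather than any naming scheme the project may use.

```python
import re
import secrets
import string
from typing import List, Optional

# Policy values from the slides: 14-character minimum with a mix of character classes.
MIN_PASSWORD_LENGTH = 14
# Assumption: the deck does not list the allowed types, so this set is constructed.
ALLOWED_EXTENSIONS = {"txt", "pdf", "png", "jpg"}


def password_problems(password: str) -> List[str]:
    """Return the policy rules the password fails; an empty list means it is accepted."""
    problems = []
    if len(password) < MIN_PASSWORD_LENGTH:
        problems.append(f"shorter than {MIN_PASSWORD_LENGTH} characters")
    if not any(c.isupper() for c in password):
        problems.append("no uppercase letter")
    if not any(c.islower() for c in password):
        problems.append("no lowercase letter")
    if not any(c.isdigit() for c in password):
        problems.append("no digit")
    if not any(c in string.punctuation for c in password):
        problems.append("no special character")
    return problems


def sanitize_filename(name: str) -> Optional[str]:
    """Drop any directory part, keep only conservative characters, and enforce the
    extension allow-list. Returns None when the name is unusable or the type is rejected."""
    base = name.replace("\\", "/").rsplit("/", 1)[-1]          # discard "../" style prefixes
    base = re.sub(r"[^A-Za-z0-9._-]", "_", base).strip("._")   # neutralise odd characters
    if not base or "." not in base:
        return None
    stem, ext = base.rsplit(".", 1)
    if ext.lower() not in ALLOWED_EXTENSIONS:
        return None
    return f"{stem}.{ext.lower()}"


def unique_stored_name(sanitized: str) -> str:
    """Prefix a random token so two users uploading 'report.pdf' never collide or overwrite."""
    return f"{secrets.token_hex(16)}_{sanitized}"
```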
User-specific File Management
- Strict access controls prevent unauthorized access to other users’ files.
- Implements the principle of least privilege: users are given only the permissions necessary to perform their tasks, minimizing potential security risks.
File Encryption at Rest
- Ensures data confidentiality even if the storage medium is compromised.
- This is crucial for protecting against physical theft or unauthorized access to the server.
SQL Injection Protection
- Use of SQLAlchemy ORM to prevent SQL injection vulnerabilities
- By using SQLAlchemy, we’re taking advantage of well-tested, secure code. This approach of using established libraries for critical security functions is a best practice in secure development. It allows us to benefit from the collective expertise and ongoing maintenance of the wider developer community, rather than trying to implement complex security measures from scratch.
CSRF Prevention
- Implementation of CSRF tokens to prevent cross-site request forgery attacks
- CSRF (Cross-Site Request Forgery) is an attack that tricks the victim into submitting a malicious request. It inherits the identity and privileges of the victim to perform an undesired function on the victim’s behalf. By implementing CSRF tokens, we ensure that every request to our server comes from our own forms, not from malicious sites. This adds an extra layer of security to all user actions.