Adds

Wednesday, August 12, 2009

Eclipse Overview


This article describes the overview of the Eclipse IDE (www.eclipse.org)

Eclipse Platform
The Eclipse Platform is designed and built to meet the following requirements [8]:
- Support the construction of a variety of tools for application development.
- Support an unrestricted set of tool providers, including independent software vendors (ISVs).
- Support tools to manipulate arbitrary content types (e.g., HTML, Java, C, JSP, EJB, XML, and GIF).
- Facilitate seamless integration of tools within and across different content types and tool providers.
- Support both GUI and non-GUI-based application development environments.
- Run on a wide range of operating systems, including Windows and Linux.
- Capitalize on the popularity of the Java programming language for writing tools.

The Eclipse platform's principal role is to provide tool providers with mechanisms to use, and rules to follow, that lead to seamlessly-integrated tools. These mechanisms are exposed via well-defined API interfaces, classes, and methods. The Platform also provides useful building blocks and frameworks that facilitate developing new tools.

Eclipse Functionalities
Basically Eclipse has three main functionalities [9]:
- A Java Development Environment
Eclipse is a superlative Java development environment. The philosophy behind the Java development tools in Eclipse is to make development process as productive as possible by automating mundane and time consuming operations and by providing advanced tools to help the developer.
The Java editor provides syntax highlighting, code completion, code assist and several complementary views to show the structure of the code and the tasks left to complete.

- A Tool Integration Platform
Eclipse is more than just an IDE, it is also a foundation or technology platform for tool integration. Eclipse provides a common way for all members of a team to work together to create, manipulate, and manage sets of resources.
Eclipse accomplishes this by providing architecture and a set of Java frameworks that make writing integrated tools easier. Experienced developer can use Eclipse to build tools and to integrate the myriad of tools which are used for doing the jobs. For example, developer can use the power and extensibility in the Java Development Tools (JDT) to create additional integrated Java tools. This feature is the main reason why author selects Eclipse as platform for this thesis.

- Open Source Community
Eclipse.org is a collection of technical professionals united by a common interest in using and contributing to the production of a base for tool integration and a set of tools integrated on that base or platform. Through collaboration, corporate professionals, researchers, members of academia, and individual developers who build on Eclipse can further the goal of producing interoperable products and offerings.
From the Eclipse website http://www.eclipse.org, it can be observed that “the mission of Eclipse Project is to adapt and evolve the Eclipse technology to meet the needs of the Eclipse tool building community and its users, so that the vision of Eclipse as an industry platform is realized.” The Eclipse Tools project is for those extending the platform or delivering tools based on it.

The Eclipse Look
The Eclipse user interface basically has three main parts:
- Editors
Editors allow developer to create and change resources, and are associated with a specific resource type. The main focus of developer will be working in an editor. The panes surrounding the editor support the active editing.

- View
A view presents a way to navigate through resources or other information in Eclipse. In Eclipse, the developer is allowed to change resources through view. Modifications made in views show up immediately, as opposed to work done in editors, where developer needs to save changes before they appear.
View can be resized, stacked, tiled, and placed on the shortcut bar. Views complement the file opened in the editor. When developers change data in a view, the contents of that file are modified when they save the file.

- Perspective
A perspective in Eclipse defines a set of editors and views arranged in an initial layout for a particular role or task. For example, the debug perspective is designed for the task of debugging source code. The initial layout of the Resource perspective lists folders and files in the Navigator view, and contains an editor area and supporting views such as the Outline and Tasks views. Eclipse can have one or more perspectives open at a time. Perspectives also can be designed with a predefined set of functions available through the menu bar and toolbar that you can perform while in the perspective. Eclipse has the following perspectives.
- Resource
- Java
- Java Browsing
- Java Type Hierarchy
- CVS Repository Exploring
- Debug
- Install/Update
- Plug-in Development

The Eclipse user interface is shown in the next figure

Secure Programming Overview

Secure programming applies security approaches in the programming/coding phase of software development. Secure programming techniques should be applied by programmer during the coding phase in order to increase the security level of the software.
Since the numbers of the vulnerabilities of software are unlimited, it will be difficult to determine the most important factor in secure programming. From several references such as [1] and [2] there are some aspects that can be mentioned here as the important factors to be applied into secure programming for increasing security level of the software.

1. Avoid Buffer Overrun
When the size of an array input is not verified, it is possible to write outside the allocated buffer. If such an action takes place in memory addresses higher than the buffer, it is called a buffer overrun. By entering a hostile input, the attacker could read addresses of the input character in the memory if buffer overrun happens. Consequently, the validation of input string is an important factor in order to avoid buffer overrun. Actually this flaw is not a big issue in Java since Java has input validation tool, called bytecode verifier.

2. Applying Cryptography
According to [2], strong cryptography is a critical piece of information security that can be applied at many levels, from data storage to network communication. People always think that cryptography is important to protect data from attacking. However, people usually are not realizing that the misapplication of cryptography commonly leads to the security problem.

3. Generate Random Numbers Properly
Random numbers is often required in order to provide a key in cryptography. Although random numbers seem as unimportant factor but it could guide to a problem in secure programming. Generate random numbers by using predictable manner will ease attackers to disturb our software. Thus developers need to consider the secure method for generating random numbers.

4. Applying Anti-Tampering
Reverse engineering has been known as a threat to the security of software. Although there are no easy answers for avoiding reverse engineering from a compiled code but developer can still apply anti-tampering methods in order to create obstacles for people who wants to gain the protecting information in their software.

5. Design Error Handling Properly
The most common problem in error handling occurs when the internal error messages provide too detail information such as stack traces which should not be revealed to the user. This simple information can be used by an attacker to disturb our software.

6. Injection Flaws
There are many programs which work by accessing the other programs or operating system features. If developers write a code that access to the operating system and the code does not have any protection, a malicious code could be implanted in the program and there will be possibility that the malicious code will be able to access the operating system also.

Besides the aspects above there are still many aspects for secure programming.
Java, which will be used as the platform of this research, is known as a programming language with large numbers of security features:
1. Java has no pointers, it means that a Java code is not able to directly access arbitrary memory locations in the address space.
2. As mentioned above, Java has bytecode verifier. This feature is very useful for avoiding buffer overflow attacks because this feature checks the length of the input before the execution. If the length is not proper Java will reject the input.
3. Java has fine-grained control over resource access for both applets and applications. For instance, an applet could be prohibited from writing or reading to disk space.
4. Java has a large number of library functions for cryptographic building blocks and SSL and authentication and authorization.

Currently, there are many existing methods and tools to help programmer for increasing the security level of their code. Some of them are:

A. Cryptography in Microsoft .NET platform [3].
The Cryptography API contains functions that allow applications to encrypt or digitally sign data in a flexible manner, while providing protection for the user's sensitive private key data. All cryptographic operations are performed by independent modules known as cryptographic service providers (CSPs). One CSP, the Microsoft RSA Base Provider, is included with the MS Windows operating system.
Each CSP provides a different implementation of the Cryptography API layer. Some provide stronger cryptographic algorithms, while others contain hardware components such as smartcards [plastic cards containing microchips that hold security data about the user]. In addition, some CSPs may occasionally communicate with users directly, such as when digital signatures are performed using the user's signature private key.

B. The Java Authentication and Authorization Service (JAAS) [4].
The Java Authentication and Authorization Service (JAAS) is a set of Java APIs that can be used for two purposes:
- For authentication of users, to reliably and securely determine who is currently executing Java code, regardless of whether the code is running as an application, an applet, a bean, or a servlet; and
- For authorization of users to ensure they have the access control rights (permissions) required to do the actions performed.

JAAS authentication is performed in a pluggable fashion. This permits Java applications to remain independent from underlying authentication technologies. New or updated technologies can be plugged in without requiring modifications to the application itself. JAAS authorization extends the existing Java security architecture that uses a security policy to specify what access rights are granted to executing code. That architecture, as introduced in the Java 2 platform, was code-centric. That is, the permissions were granted based on code characteristics: where the code was coming from and whether it was digitally signed and if so by whom. With the integration of JAAS into the Java 2 SDK, the java.security.Policy API handles Principal-based queries, and the default policy implementation supports Principal-based grant entries. Thus, access control can now be based not just on what code is running, but also on who is running it.

C. The IBM Secure Shell Library for Java [5].
The Secure Shell (SSH-2 or simply SSH) is a protocol for secure remote log-in and other secure network services over an insecure network. The protocol consists of three major components:
- The Transport Layer Protocol provides server authentication, confidentiality, and integrity.
- The User Authentication Protocol authenticates the client to the server.
- The Connection Protocol multiplexes the encrypted tunnel into several logical channels.

IBM Secure Shell Library for Java is a lightweight implementation of the IETF SSH-2 protocol. The library currently implements only the basic SSH features such as password log-in and command execution. Advanced features such as tunning and X-forwarding are currently not supported.
A session is started with a handshake in order to determine the security mechanisms to be used (the client and server must, of course, agree on this). The process is as follows:
1. Decide on security parameters.
2. Establish a shared secret in order to protect the communication.
3. Authenticate the previous exchange.
4. Authenticate the client and server.

This process is similar to that of the SSL protocol (for good reason). From a high-level point of view, the main difference between the two is that SSL relies on a PKI and, therefore, on X.509 certificates. The SSH protocol was created with extensibility in mind and consequently supports a wide range of authentication methods, including passwords and X.509 certificates.

References
[1] Howard, M., LeBlanc, D., “Writing Secure Code – Practical Strategies and Techniques for Secure Application Coding in A Networked Word”, Microsoft Press, 2003
[2] Viega, J., Messier, M., “Secure Programming Cookbook – for C and C++”, Sebastopol, CA, O’Reilly & Associates, Inc., 2003.
[3] Microsoft Library http://msdn.microsoft.com/library/?url=/library/en-us/dncapi/html/msdn_cryptapi.asp
[4] Java Authentication and Authorization Service Documentation
http://java.sun.com/products/jaas/overview.html
[5] IBM Secure Shell Library for Java Documentation
http://www.alphaworks.ibm.com/tech/sshlite