Question
Review the SecurityCheck2.java code snippet below. Identify two security weaknesses based on the security principles discussed in class: Secure the Weakest Link Defense in Depth
Review the SecurityCheck2.javacode snippet below.Identify two security weaknesses based on the security principles discussed in class:
- Secure the Weakest Link
- Defense in Depth
- Fail Securely
- Least Privilege
- Keep it Simple
- Secrets are Not Kept
- The Saltzer and Schroeder Principles (Complete Mediation and/or Separation of Privilege)
Note theprinciple name(e.g. "Secure the Weakest Link") and ashort description of the weaknesswith ascreenshot of the piece of problematic code, for each weaknessidentified.
Note that there are several possible answers to this assignment.Again - you are not expected to be a Java programmer, but you are expected to read the code critically and learn to look for insecure programming patterns.Your explanation of why you identified an item is the most important thing I am looking for - I want to see that you understand issues to look for in the code.
*****************************************************************************************************************
package com.dcx.ps.dcppcp.bm.dao;
public class SecurityCheck2 {
private static final String CLASS = "SecurityCheck2";
/** A Dcppcp constant that controlls messge output */
private final static boolean DEBUG = true;
/** A variable for maintaining a single reference for an error msg */
private static String errorMsg;
/** A variable for maintaining a single reference for keys */
private static String keys;
/**
* This method writes debug statements when the constant is true.
*/
public static void debug(String s) {
if (DEBUG) {
System.out.println(s);
}
}
/**
* This method writes debug statements and prints a stacktrace.
*/
private static void debug(String message,Exception e) {
if (DEBUG) {
System.out.println(message);
e.printStackTrace();
}
}
private String getSecretFormula() {
String formula= new String();
final String METHOD = "updateSecureData()";
debug(CLASS + "." + METHOD + "==>Begin");
formula = "dt=dt' . (1 - v/c)1/2 " ;
return formula;
}
}
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started