Programming Assignment 1 – Data Races Prevention & Runtime Policy Enforcement Using Aspect

CPS 474/574 Software/Language-based Security, Fall 2021 Dr. Phu Phung

Total point: 30

Released: September 21, 2021

Submission deadline: October 5, 2021 11:55 PM

Table of Contents

 Introduction

 Report and Submission

 PART 1. Fixing time-of-check time-of-use (TOCTOU)

 Program revision

 (3 points) Add a new method safeWithdraw to the Wallet class

 (3 points) Add a new method safeDeposit to the Wallet class

 (3 points) Revise the ShoppingCart class

 (3 points) Fixing the TOCTOU issue

 (3 points) Review all API methods and revise them as needed

 Evaluation of the revised program

 (3 points) Compiling and Testing

 (2 points) Packing the compiled program

 PART 2: Enforcing runtime security policies using AOP (AspectJ).

 Implement security policies in AspectJ

 (3 points) Add a warning message

 (4 points) Change the semantics of the program

 (3 points) Runtime policy enforcement evaluation

 Demonstration

Introduction

This programming assignment is an extension of Labs 1 & 2. The goals of this assignment are twofold:

  1. Fixing time-of-check time-of-use (TOCTOU) in the vulnerable program and buggy APIs. However, there is an intentional programming flaw in this fixed program that makes it semantically incorrect.
  2. Using AOP (the AspectJ language) to enforce security policies on the fixed program from Part 1, changing the semantics of the program at runtime so that it functions correctly.

NOTE: The below functionalities and policies are designed just for understanding the concepts. Of course, you can have better design and implementation of functionalities and policies in both Part 1 and 2. However, you need to implement it as defined in the requirements.

Report and Submission

The report is used to evaluate your performance. Your report must be submitted in a PDF file (reports not in PDF format will be returned without grading!!!). Your report MUST have the course number, course name, the instructor, your name, and UD email. Insert the link of your latest commit to your Bitbucket repository for this assignment.

You MUST organize your report in tasks and sub-tasks, each with a title following the structure of this assignment, i.e.:

Part 1. Xxx

  1. Yyy

In each task/sub-task, you need to include some code snippets to illustrate the implementation and explain briefly how you implement the program. If required, you need to include possible screenshots for the demonstration.

You need to include all the source code as plain text (not the screenshot) as an Appendix in your report.

Submit your report by the deadline on Isidore. Please note that only submission on Isidore will be accepted and graded.

Very important note: Ensure that your report will not be detected with significant similarity to any existing material by Turnitin on Isidore, i.e., do NOT copy the content from anywhere, including but not limited to lecture notes, lab/assignment/project instructions, online resources, books, your friends, to your report. Except for the titles, do NOT copy and paste the descriptions. An answer without a title will lose 2p. If your report is detected with a majority similarity with others, you will receive 0p for this assignment.

PART 1. Fixing time-of-check time-of-use (TOCTOU)

Recall the ShoppingCart program used in Labs 1 & 2. This program has TOCTOU and other security bugs. In this part of the assignment, you will revise the code to fix the TOCTOU and other issues. You need to create a new folder assignments/assignment1 in your private repository and copy the code from the ShoppingCart folder in the course repository folder ~/ss-lbs/labs/lab2-irm-reverse/src/ to the newly created folder assignments/assignment1, as introduced in Lecture 9 (9/21/2021).

Before starting your assignment development, you need to push to your Bitbucket repository. For your convenience, the steps are below (replace pphung1 with your correct repository name):

$ cd ~/ss-lbs-pphung1/
$ git add --all
$ git commit -m "Init code for Assignment 1"
$ git push

Once you push all code into your repository, start revising the code according to the requirements below.

1. Program revision

a. (3 points) Add a new method safeWithdraw to the Wallet class

Add the new method with an interface as below:

public int safeWithdraw(int valueToWithdraw) throws Exception

This method should be used in the ShoppingCart class instead of the setBalance(..) method. It checks whether there is enough balance in the wallet (using the Wallet.getBalance() method) and, if so, withdraws the requested value (deducts the value from the wallet). Otherwise, if the value of the wallet is less than the requested value, it withdraws all the value from the wallet. In both cases, it returns the withdrawn value. You must implement the necessary protections in this safeWithdraw method to avoid data races. Raise appropriate exceptions if there are any errors.

Please NOTE that this design has an intentional flaw. The goal is to illustrate that if the software contains flaws after release, it can be fixed using aspect-oriented programming, introduced in Part 2. Therefore, it is important that you implement the method as described.

b. (3 points) Add a new method safeDeposit to the Wallet class

Add to the Wallet class a method with the interface below:

public void safeDeposit(int valueToDeposit) throws Exception

This method takes a value as input and puts (adds/deposits) it into the wallet, i.e., updates the database (the file). Again, you must implement the necessary protections in this method to avoid data races. Raise appropriate exceptions if there are any errors. Note that this is just an additional API that will be invoked by another program. Please NOTE that this method will not be invoked in this current program. It will be used for Part 2.
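An added sketch of tasks (a) and (b), not the course's provided solution or its original Wallet code: the balance check and the update run under one exclusive lock, so no other thread or process can change the file between them. The one-integer format of wallet.txt and the private helper methods are assumptions.

```java
import java.io.IOException;
import java.io.RandomAccessFile;
import java.nio.channels.FileLock;
// Added sketch, not the course's Wallet class. Assumption: wallet.txt holds one decimal integer.
public class Wallet {
    // One monitor for all Wallet objects in this JVM; file locks are per process.
    private static final Object JVM_LOCK = new Object();
    private final RandomAccessFile file;

    public Wallet() throws IOException {
        file = new RandomAccessFile("wallet.txt", "rw");
    }

    // Hypothetical helpers; call them only while holding both locks.
    private int readBalance() throws IOException {
        file.seek(0);
        String line = file.readLine();
        return line == null ? 0 : Integer.parseInt(line.trim());
    }

    private void writeBalance(int value) throws IOException {
        file.setLength(0);
        file.seek(0);
        file.writeBytes(Integer.toString(value));
    }

    public int safeWithdraw(int valueToWithdraw) throws Exception {
        if (valueToWithdraw < 0) throw new IllegalArgumentException("negative amount");
        synchronized (JVM_LOCK) {
            // Exclusive whole-file lock: check and update form one critical section.
            try (FileLock lock = file.getChannel().lock()) {
                int balance = readBalance();
                // As specified: a short balance is emptied, not rejected.
                int withdrawn = Math.min(balance, valueToWithdraw);
                writeBalance(balance - withdrawn);
                return withdrawn;
            }
        }
    }

    public void safeDeposit(int valueToDeposit) throws Exception {
        if (valueToDeposit < 0) throw new IllegalArgumentException("negative amount");
        synchronized (JVM_LOCK) {
            try (FileLock lock = file.getChannel().lock()) {
                writeBalance(Math.addExact(readBalance(), valueToDeposit));
            }
        }
    }
}
```

File locks are advisory on some platforms, so the protection holds only if every program that touches wallet.txt takes the same lock before reading or writing it.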

c. (3 points) Revise the ShoppingCart class

In this task, you need to revise the ShoppingCart class in order to replace the use of setBalance(..) with the new safeWithdraw(..) method. Note that you have to revise the argument value accordingly to preserve the semantics of the program.

d. (3 points) Fixing the TOCTOU issue

You need to implement a mechanism to prevent the TOCTOU issue identified in Lab 1. You need to follow the provided solution for Lab 1.

e. (3 points) Review all API methods and revise them as needed

Review all API methods to see if they are vulnerable to data races or any other flaws. If so, revise them accordingly.

2. Evaluation of the revised program

a. (3 points) Compiling and Testing

You need to compile and run the program for testing. As in Lab 1, your name must appear in the program console. You need to include screenshots to demonstrate that your revised program fixes the TOCTOU issue. Hint: You can perform the attack again as in Lab 1 and show that the attack failed.

b. (2 points) Packing the compiled program

After successfully compiling and testing the program, pack all *.class files into a ShoppingCart.jar as in Lab 2. Copy the ShoppingCart.jar and wallet.txt and pocket.txt into a separate folder, e.g., part2, to do Part 2. Capture a screenshot of this ShoppingCart.jar file in the new folder and its proper execution to include in your report for demonstration.

PART 2: Enforcing runtime security policies using AOP (AspectJ).

The ShoppingCart.jar program in Part 1 should not have the TOCTOU issue as it has been fixed. There was a programming flaw that makes the semantics of the program incorrect: the user can lose all of their money if the current balance is less than the product’s price. In this part, you will develop runtime policies in aspects to print a warning message and to fix that incorrect behavior.

1. Implement security policies in AspectJ

Write an AspectJ program to implement policies as below. In your report, insert the corresponding code in plaintext under each item with a brief explanation in your own words.

a. (3 points) Add a warning message

Write a policy/aspect to monitor the execution of the Wallet.safeWithdraw(..) method: before the method is called, check whether there is enough money in the wallet for the product. If not, warn the user that the wallet has less value than the requested one.

b. (4 points) Change the semantics of the program

In this task, you will develop a policy in aspects as below to modify the programming flaw that makes the semantics of the program incorrect in Part 1.

After calling the Wallet.safeWithdraw(..) method, check if the real withdrawn value is less than the requested value. If so, deposit the money back to the wallet (using the Wallet.safeDeposit(..) implemented in Part 1 above), warn the user of this information, and exit the program.

Hint: You can use the following advice template for this task:

pointcut safeWithdraw(int price):
    call(* Wallet.safeWithdraw(int)) && args(price);

//other code

after(int price) returning (int withdrawnAmount): safeWithdraw(price) {
    //your implementation
}

2. (3 points) Runtime policy enforcement evaluation

You need to test your aspect-oriented policies by weaving the aspect into the program and executing the modified program to ensure it fixes the incorrect semantics.

As in Lab 2, use the ‘ajc’ compiler to compile the aspects with the ShoppingCart.jar generated in Part 1 to generate a new Jar file (e.g., ShoppingCart-IRM.jar). Execute the new program and test it with the incorrect scenario from Part 1 to demonstrate that the runtime policies are soundly enforced and the incorrect semantics have been fixed. In your report, briefly describe your understanding of this evaluation and include a screenshot that shows the above steps.

Demonstration

You will select a 5-minute slot to show your implementation to the instructor. Your demonstration should cover the following items:

Part 1: The TOCTOU issue has been fixed, but there is a use case that the user can lose their money if the current balance is less than the product’s price.

Part 2: The problem in Part 1 has been fixed with Aspect code.
