Business information leak - Source Code
Need
Protection of sensitive business information in source code
Context
• Usage of Java 8 for developing applications with enhanced features and performance
• Usage of javax.servlet for building Java web applications with Servlet technology
• Usage of java.io for input and output operations in Java
Description
1. Non compliant code
import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;
public class InfoServlet extends HttpServlet {
    public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        PrintWriter out = response.getWriter();
        ...

The above code is an example of a simple HTTP servlet that responds to GET requests with hardcoded business information. The `doGet()` method is the entry point for HTTP GET requests: when a client sends a GET request, the container calls the servlet's `doGet()` method, and the `HttpServletResponse` object is used to send the response back to the client. Here the response is a simple HTML page that displays business information such as employee and customer details. The vulnerability is that the servlet exposes this sensitive business information to anyone who sends a GET request, with no authentication or authorization check. Employee and customer details should be confidential, so this is a serious flaw that leads directly to information leakage. An attacker can use it to gain unauthorized access to sensitive business information, which can result in identity theft, financial fraud, and legal consequences if the leaked information is misused.
2. Steps
• Remove the business information from the source code.
• Store the business information in a secure location, such as a database.
• Implement authentication and authorization mechanisms to control access to the business information.
• Retrieve the business information from the secure location when needed, based on the user's authentication and authorization.
• Ensure that the retrieved business information is properly protected and encrypted during transmission.
• Regularly review and update the authentication and authorization mechanisms to prevent unauthorized access to the business information.
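The following is an added example, not the page's own code, showing how the steps above combine in a single servlet: the request is rejected unless the user is authenticated and holds the required role, and only then are the records read from a database instead of from the source file. The JNDI name `jdbc/businessDb`, the `hr_viewer` role and the `employees` table are assumptions.

```java
import javax.servlet.*;
import javax.servlet.http.*;
import javax.naming.*;
import javax.sql.DataSource;
import java.io.*;
import java.sql.*;
import java.util.*;
public class InfoServlet extends HttpServlet {
    private static final String DS_NAME = "java:comp/env/jdbc/businessDb"; // assumed JNDI name
    private static final String REQUIRED_ROLE = "hr_viewer"; // assumed role name
    protected void doGet(HttpServletRequest req, HttpServletResponse resp)
            throws ServletException, IOException {
        // Authentication: the container's login mechanism sets the principal.
        if (req.getUserPrincipal() == null) {
            resp.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
        // Authorization: being logged in is not enough, the role is required.
        if (!req.isUserInRole(REQUIRED_ROLE)) {
            resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Access Denied");
            return;
        }
        resp.setContentType("text/html;charset=UTF-8");
        try (PrintWriter out = resp.getWriter()) {
            out.println("<html><body><h1>Employee information</h1><ul>");
            for (String name : loadEmployeeNames()) {
                out.println("<li>" + escapeHtml(name) + "</li>");
            }
            out.println("</ul></body></html>");
        } catch (NamingException | SQLException e) {
            throw new ServletException("employee lookup failed", e); // details stay server-side
        }
    }
    // Data is read from the database (assumed table employees(name VARCHAR)) only
    // after both checks above have passed; no business record is hardcoded here.
    private List<String> loadEmployeeNames() throws NamingException, SQLException {
        DataSource ds = (DataSource) new InitialContext().lookup(DS_NAME);
        List<String> names = new ArrayList<>();
        try (Connection c = ds.getConnection();
             PreparedStatement ps = c.prepareStatement("SELECT name FROM employees");
             ResultSet rs = ps.executeQuery()) {
            while (rs.next()) names.add(rs.getString("name"));
        }
        return names;
    }
    // Escape database values before embedding them in HTML.
    private static String escapeHtml(String s) {
        return s.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;");
    }
}
```

Deploy it behind HTTPS and a container-configured login (form, BASIC or SSO) so that `getUserPrincipal()` and `isUserInRole()` are populated and the data is encrypted in transit.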
3. Secure code example
import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;
import java.sql.*;
public class InfoServlet extends HttpServlet {
        response.setContentType("text/html");
        ...

The updated code performs authentication and authorization checks before accessing the business information. The `authenticateUser` and `authorizeUser` methods are placeholders for the actual authentication and authorization logic. The business information is no longer hardcoded in the source code; it is retrieved from a secure location (e.g., a database) through the `getEmployeeInfoFromDB` and `getCustomerInfoFromDB` methods, which are likewise placeholders for the actual database access logic. If the user is authenticated and authorized, the business information is retrieved from the database and displayed; otherwise an "Access Denied" message is returned. This approach keeps the business information securely stored and accessible only to authenticated and authorized users, and protects it during transmission by using secure protocols and encryption.
References
• 216. Business information leak - Source Code