Summary

The system should load encrypted database connection strings from a protected configuration file that resides separately from the source code.

Description

Database connection strings are very sensitive information because they contain credentials that often have high privileges over the systems database. Thus, these strings should not be part of the systems source code and should not be stored in plain text. They should be encrypted using a secure cryptographic algorithm and the encryption key should also be protected.

References

• CWE-259. Use of hard-coded password
• CWE-311. Missing encryption of sensitive data
• CWE-798. Use of hard-coded credentials
• OWASP10-A7. Identification and authentication failures
• OWASPM10-M7. Poor code quality
• OWASPM10-M9. Reverse engineering
• AGILE-9. Continuous attention to technical excellence and good design
• BIZEC-APP-07. Cross-client database access
• CERTC-STR30-C. Do not attempt to modify string literals
• CERTJ-IDS01-J. Normalize strings before validating them
• MITRE-M1013. Application developer guidance
• CMMC-AC_L2-3_1_13. Remote access confidentiality
• ISO27002-8_28. Secure coding
• WASSEC-6_2_4_1. Command execution - Format string attack
• ISSAF-H_15_9. Network security - Intrusion detection (rule configuration and management interface)
• OWASPSCP-11. Database security
• OWASPSCP-13. Memory management
• CWE25-77. Improper neutralization of special elements used in a command (command injection)
• SWIFTCSC-6_3. Database integrity
• SIG-D_6_9_1. Asset and information management
• ISO27001-8_28. Secure coding
• SANS25-16. Improper neutralization of special elements used in a command (command injection)