Friday, October 25 • 2:00pm - 2:45pm
Enforcing Authorization with Cryptography

An attacker’s ability, with only user credentials, to tamper with requests and directly access sensitive data ("Insecure Direct Object Reference") exposes valuable data and can even result in impersonation. OWASP’s 2007, 2010 and 2013 Top 10 lists include this problem. Common solutions include (1) using indirect object reference maps, or (2) performing authorization checks thoroughly. 

Of the solutions above, only random indirect object maps solve all potential problems associated with insecure object references. However, this may require tons of memory. This talk presents cryptographically protected references: trading increased but acceptable computation time for very little memory requirements. 
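As an added illustration of the memory-versus-computation trade-off described above (example code, not the speaker's code or slides): a per-user random indirect reference map beside an HMAC-protected direct reference. The server key, the binding of each reference to a user id and the `id.tag` token layout are assumptions chosen for this example.

```python
import hashlib
import hmac
import secrets

# Server-side MAC key (constructed for this example; a deployment would load a
# persistent key from its secrets store so tokens survive restarts).
SERVER_KEY = secrets.token_bytes(32)


class IndirectReferenceMap:
    """Random indirect object references: one random handle per (user, object).

    Memory grows with every reference issued, which is the cost the talk trades away.
    """

    def __init__(self):
        self._maps = {}

    def issue(self, user_id, object_id):
        handle = secrets.token_urlsafe(16)
        self._maps.setdefault(user_id, {})[handle] = object_id
        return handle

    def resolve(self, user_id, handle):
        # A handle issued to one user is meaningless for any other user.
        return self._maps.get(user_id, {}).get(handle)


def _tag(user_id, object_id, key):
    return hmac.new(key, f"{user_id}:{object_id}".encode(), hashlib.sha256).digest()


def protect_reference(user_id, object_id, key=SERVER_KEY):
    """Direct reference plus an HMAC binding it to user_id; nothing is stored server-side."""
    return f"{object_id}.{_tag(user_id, object_id, key).hex()}"


def resolve_reference(user_id, token, key=SERVER_KEY):
    """Return object_id if token is a valid reference for user_id, else None.

    Tampering with the id, presenting another user's token, or sending malformed
    input all fail the constant-time MAC comparison (or parsing) and yield None.
    """
    try:
        id_part, tag_hex = token.split(".", 1)
        object_id = int(id_part)
        presented = bytes.fromhex(tag_hex)
    except ValueError:
        return None
    if not hmac.compare_digest(presented, _tag(user_id, object_id, key)):
        return None
    return object_id
```

Both approaches reject cross-user use of a reference; the HMAC variant does so with a fixed-size key instead of a table that grows with every object a user has seen.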

Using threat modeling, the talk outlines the relevant attack vectors. It then walks the audience through alternative secure designs, comparing each from security and performance perspectives; each comparison is made concrete with benchmark results. 

Is secure object reference about access control? Is it about random-looking parameters? What does this have to do with database keys? Audience members will leave with specific guidance to share with developers.

Speakers
Amit Sethi

Senior Principal Consultant, Cigital
Amit Sethi is a Senior Principal Consultant and the Director of the Mobile Practice and the Advanced Penetration Testing Practice at Cigital. He has over 12 years of experience in the security industry as well as a Master's degree in Cryptography. He has extensive experience performing...


Friday October 25, 2013 2:00pm - 2:45pm CDT
21CT Room Norris Conference Center, 2525 W. Anderson Lane, Suite 365, Austin, Texas 78757