
I am from network and OS operations and not from a development background. I have some experience in writing Python and PHP code, and have studied software development in college. As a hobby project (for now), I am planning on building a small website, which will have a component to store PII and sensitive information. I have to give security first preference, and second preference to performance (mainly of encryption/decryption).

My target is to have everything encrypted wherever possible, and also to have code which gives as little room as possible (by default) for exploitation. The site will be hosted on a Linux system.

The whole idea of the project is to learn a language in depth (as much as possible), and I feel I will be much more focused if I pick some idea that I like. And that idea involves handling PII and other sensitive information. And, if the end product turns out good, then I will open it up, hence wanting to make a good choice when choosing the language to write the code in.

I have done some reading, and saw people mentioning that for the backend C/C++ would be good, as it gives good performance and flexibility, but security is not easy. The next best choice would be Ada 2012, as that gives more security than C/C++, and also does not compromise on performance. Java can also provide security, but can be slightly slower. And then Python/Ruby.

I am thinking that Ada 2012 may be a good choice, but I don't want to get into a position wherein I learn it to some extent and then realize that I would have been better off with Python or Java or some other language.

I want to know from the experts the answers to these 3 specific questions:

Which language will be ideal to develop this site, so that:

  • the best available encryption/decryption libraries can be used?
  • the features of the language can be leveraged to write inherently secure code?
  • Also, the more performance can be gained, the better?

Please advise. And also, if someone has done website development (especially for sites handling PII) using Ada, please share your experience.

I know each and every language has advantages and disadvantages, and the intent behind my query is to learn from the experience of those who have spent many years as website developers, and have used multiple languages and frameworks to develop websites handling sensitive data. If the mods think the question can start a good vs bad language war, I apologize as that is not the intent, and I will close the question.

Aseem

  • Build a highly secure web site... this question is not about a tool you may want to use. You may use whatever you want, security concepts do not depend on programming languages. But if you want to know about how Ada can be used to build secure applications you should read this book https://www.adacore.com/uploads/books/pdf/AdaCore-Tech-Cyber-Security-web.pdf – Timur Samkharadze Jul 18 '18 at 06:37
  • Ada may emphasize *safety* but *security* not so much. Safety is generated by the compiler disallowing or warning about unsafe code. Security is generated by carefully designing the business logic you implement with your code. A programming language has only limited use here (although I do admit that bugs like Heartbleed would have been averted with Ada). – flyx Jul 18 '18 at 11:40
  • Performance isn't really that necessary in web applications as most are written in scripting languages now, e.g. Python/Ruby; this is because there is a naturally larger than usual delay in the server getting a request and sending a response, so the thought is that compiled languages aren't really required. But if you don't want someone scraping/hacking your site and getting access to your "scripts" then compiled is the way to go, imo. – Luke A. Guest Jul 20 '18 at 12:48

2 Answers

The features of the language can be leveraged to write inherently secure code? Ada's type system supports writing code that validates data before usage. It's a feature of the language that helps with IT security. But of course there is much more to IT security than that: configuring the firewalls, for example using systemd to specify how many processes of an executable are allowed to run simultaneously by the OS, how much memory each process is allowed to allocate, which directories the different applications have access to and with which permissions, and so on. I am sure there is a lot I don't mention or cover in this short response.

The best available encryption/decryption libraries can be used? The best library to my knowledge for cryptography is the Ada-Crypto-Library: https://github.com/cforler/Ada-Crypto-Library. But what is asked for is making a safe web application. For encrypting the Secure Socket Layer (https) the Ada-Crypto-Library is not used in any http server implementation that I am aware of. If one wants to develop a web application in Ada there are three options that I see: AWS (Ada Web Server) from AdaCore, which is included in the Community Edition of the GNAT compiler (www.adacore.com), the http server implementation in Dmitry Kazakov's Simple Components (http://www.dmitry-kazakov.de/ada/components.htm), or GNOGA (www.gnoga.com), which is implemented on top of Dmitry Kazakov's Simple Components. Oh wait, Matreshka may also be used, but I haven't used it yet so I cannot comment (http://forge.ada-ru.org/matreshka).

According to the documentation of AWS it can be compiled to use either OpenSSL, LibreSSL or GNUTLS (http://docs.adacore.com/live/wave/aws/html/aws_ug/building_aws.html#requirements).

With Simple Components and GNOGA the Secure Socket Layer implementation is provided by GNUTLS.

Another option for providing SSL to a web application is to use the Apache web server as a proxy that handles the encryption (I have never done such a setup, only heard of the existence of this possibility).

Also, the more performance can be gained, the better? I like performance, and how to get the best performance is a vast subject. On the whole I think Ada is a good programming language choice for those who like performance. Off the top of my head, to maximise performance using Ada one should:

1) When using the standard containers and using the GNAT compiler, one may use "pragma Suppress (Tampering_Checks);" to increase the performance of one's application. Not everyone agrees with this view of having one debug build with the tampering checks turned on and then one release build with the checks off, since one trades safety for performance, but it has a noticeable impact on performance. As an alternative to the standard containers one may use the Ada-Traits-based containers (https://github.com/AdaCore/ada-traits-containers). They may be the world's most well-designed containers for the Ada programming language.

2) Avoid usage of Unbounded_String in the standard library. One may use instead the XString unbounded string implementation in the GNATColl library and may give a 10x performance boost. Also consider allocating ordinary Strings inside memory pools (or subpools) if possible (I've done that in the Xml_Parser application in the repository: https://github.com/joakim-strandberg/wayland_ada_binding)

EDIT: I deliberately avoid arguing whether or not Ada, Java or Python is better and instead focus on, if you would do it in Ada, what would you need to do and consider.

  • Matreshka has a FastCGI implementation you can use behind an existing http server, Nginx and lighttpd as alternatives to Apache. – Luke A. Guest Jul 20 '18 at 02:44
  • @Joakim. Thanks for the insight. I can handle securing the network and system areas (like firewalls and access permissions, etc), but with negligible development experience, I am hard pressed at figuring out which language I should code in to achieve the best security possible. I am doing more research on this by reading the features of each language, and getting the perspective of as many people as possible by asking questions and reading their blogs/articles. – Aseem Jul 20 '18 at 11:23
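To make concrete what the answer means by the type system validating data before use, here is an added example (mine, not code from the answer or from any of the libraries it names): Ada 2012 subtypes with a range constraint and a Dynamic_Predicate, under the hypothetical names Account_Id and Id_Number, that reject malformed input at the boundary so that only well-formed values can reach the business logic. It assumes GNAT; the Assertion_Policy pragma keeps the predicate checks on regardless of build flags.

```ada
pragma Assertion_Policy (Check);  -- predicate checks on regardless of build flags
with Ada.Text_IO;             use Ada.Text_IO;
with Ada.Assertions;          use Ada.Assertions;
with Ada.Characters.Handling; use Ada.Characters.Handling;

procedure Validate_Input is
   --  Account ids are positive and bounded; anything else is not an id.
   subtype Account_Id is Positive range 1 .. 1_000_000;
   --  A sensitive 9-digit identifier (hypothetical). The predicate is
   --  re-checked on every conversion into the subtype, so any value of
   --  subtype Id_Number is known to be well-formed wherever it is used.
   subtype Id_Number is String
     with Dynamic_Predicate =>
       Id_Number'Length = 9
       and then (for all C of Id_Number => Is_Digit (C));
   --  Untrusted text either becomes a valid Id_Number or raises
   --  Assertion_Error here, at the boundary, before business logic sees it.
   function Parse_Id (Raw : String) return Id_Number is
   begin
      return Id_Number (Raw);
   end Parse_Id;
   --  'Value rejects non-numbers and the return subtype's range check
   --  rejects out-of-range values; both raise Constraint_Error.
   function Parse_Account (Raw : String) return Account_Id is
   begin
      return Account_Id'Value (Raw);
   end Parse_Account;
   procedure Try_Id (Raw : String) is
   begin
      Put_Line ("accepted id: " & Parse_Id (Raw));
   exception
      when Assertion_Error => Put_Line ("rejected id: """ & Raw & """");
   end Try_Id;
   procedure Try_Account (Raw : String) is
   begin
      Put_Line ("accepted account:" & Account_Id'Image (Parse_Account (Raw)));
   exception
      when Constraint_Error => Put_Line ("rejected account: """ & Raw & """");
   end Try_Account;
begin
   --  Constructed sample inputs, as a web form might deliver them.
   Try_Id ("123456789");   -- accepted
   Try_Id ("12345678");    -- rejected: wrong length
   Try_Id ("12345678x");   -- rejected: non-digit
   Try_Account ("42");     -- accepted
   Try_Account ("0");      -- rejected: below range
   Try_Account ("abc");    -- rejected: not a number
end Validate_Input;
```

Build with `gnatmake validate_input.adb`; the rejected cases never produce an Id_Number or Account_Id value, so downstream code can take the subtype as proof that validation already happened.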

Short answer: No, such a system is never possible. PII is less sensitive than a nuclear program.

Long answer:

1. The best available encryption/decryption libraries can be used? As your question mentions, encryption comes with decryption. SHA-1 is broken now, check alternatives (https://www.forbes.com/sites/forbestechcouncil/2017/04/13/sha-1-encryption-has-been-broken-now-what/#35e33f317ee7), and if you want to dig deep it is not about libraries, it is about the algorithm used for the job. Any encryption can be broken sooner or later.

2. The features of the language can be leveraged to write inherently secure code? There is no such thing as a secure language, or features of a language to save you. There are a few frameworks based on some security principles; just follow a set of practices to make code secure. If you follow them you will be safe; if you don't there could be trouble, and there are around 5000 free tools (unofficial number) that can be run on a website to break it. Are you willing to test your system against so many tools?

3. Also, the more performance can be gained, the better? The stronger the encryption and security, the more performance you lose. It is always a trade-off, so choose your treadmill.

Security is a very vague and broad term, and everyone gets hacked, even the likes of Yahoo and Symantec (https://gizmodo.com/researchers-made-a-clever-tool-to-detect-hacks-companie-1821293404). Still not convinced? Here is the state of the art: https://en.wikipedia.org/wiki/Stuxnet, but even this is 20 years old and just 500 kilobytes of threat.

My 2 cents: As we deal in 0 and 1, please define clear goals in terms of security and performance, then make a PoC (proof of concept) and run some benchmark tests.

Arvind Lal