Information Technology Reference
In-Depth Information
Table 3. Assets and threats
Assets
Threats
User and system data (stored, transmitted)
- Unauthorized access (stored data)
- Eavesdropping (transmitted data)
- Unauthorized publishing
- Manipulation
- Erroneous data
Identity information
- Eavesdropping
- Manipulation
Credentials (private keys, passwords)
- Theft / Spoofing (masquerade as a certain user, illegal use of software)
- Publishing
Accounting
- Manipulation of log entries, CPU/memory usage, number and size of processes
- Acquire information about competitor's work
CPU-/Storage-/Mobile devices-/Network-
resources
- Misuse (e.g. Spambot)
- Denial of Service
General System
- Security holes / exploits
- Malicious / compromised resources
- Backdoors, viruses, worms, Trojan horses
can identify those security use cases and misuse
cases that fit in with the attacks and threats for
this application identified in the previous step.
In this first iteration, the misuse cases that we
have found in the repository and that fit in with
the threats identified for this application are:
Alteration info, Disclosure info, Unauthorized
access and Masquerade.
In the repository, these misuse cases are de-
fined in a generic way, therefore, we have to adapt
them to this case study with the specific elements
(actors, messages, assets, etc.) of this application.
Table 4 shows the definition of these misuse cases.
With these misuse cases, we can identify se-
curity use cases that mitigate them observing the
information offered by the repository for secu-
rity use cases and the diagrams defined where we
can see the relationships of mitigation between
security use cases and misuse cases. In case that
the required use cases are not in the repository
we can define them and specify relationships as
it is convenient.
We find in the repository the security use
cases (including Grid security use cases and Grid
actors) that are related to the misuse cases identi-
fied. These security use cases are: Authenticate,
Authorize access, Ensure Confidentiality and
Ensure Integrity.
Some security use cases have different in-
stances depending on the use case path defined
(Firesmith, 2003) so that we have to define some of
them relating to the assets and misuse cases identi-
fied in this first iteration. For example, “Ensure
Integrity” security use case has three instances,
one related to message integrity from Grid to user,
other related to message from user to Grid, and
other related to data stored in the Grid. All these
paths are important to be taken into account in the
application, but here we only show one of them
for simplicity making the same analysis for the
rest of paths of these security use cases.
Table 5 shows the instances of the security use
cases selected in this first iteration and which are
defined in the Grid use cases repository. These
security use cases selected are related to misuse
cases identified previously mitigating the threats
and attacks defined in such misuse cases.
Search WWH ::
Custom Search