Information Technology Reference
In-Depth Information
Table 5. continued
A user support agent shall request the misuser's identity and authen-
tication.
2
Contact center Interactions
1) The misuser provides the valid user identity.
2) The misuser states that he or she has a temporary inability to
authenticate himself or herself.
3) The misuser states that he or she has an urgent need to access a
protected resource requiring authentication and authorization.
3
Misuser Interactions
The user support agent shall request one or more alternate forms of
authentication. The user support agent shall check the appropriate
procedures for the proper action.
Contact center Interactions
4
The user support agent shall request one or more alternate forms of
authentication. The user support agent shall check the appropriate
procedures for the proper action.
Contact center Actions
5
Misuser Interactions
The misuser fails to provide a valid alternate form of authentication.
The user support agent shall refuse authentication and authorization
to the requested resource.
6
Contact center Interactions
Alternative Paths
The misuser can quit at any point.
Postco
nditions
1)
The system shall not have authenticated the misuser.
2)
The system shall not have authorized the misuser to access the protected resource.
3)
The system shall record the access control failure.
Task 2.5: Assessment of Security
must be studied and analyzed in this first iteration
and will take part of the Grid use cases diagram
that we will build in the next task. For example,
for alteration and disclosure of information we
can see that if the information is sensitive (per-
sonal data, bank data), these treats represent a
high risk for our system and we must ensure that
attacks (modifying or altering information) do
not attain their objectives. In this case we must
strongly protect the information stored and trans-
mitted between user and system. This assessment
must be present in the next activities and it must
take into account when we design the security
service oriented architecture.
Finally, it is necessary to assess whether the threats
are relevant according to the security level speci-
fied by the security objectives. Therefore we must
estimate the security risks based on the relevant
threats, their likelihood and their potential nega-
tive impacts, in other words, we have to estimate
the impact (what may happen) and risk (what
will probably happen) to which the assets in the
system are exposed. We must therefore interpret
the meaning of impact and risk. In Table 6 we
define the impact and risk for the threats identi-
fied previously. We are going to evaluate risk and
impact with five possible values: Very Low, Low,
Medium, High and Very High. The likelihood of
a threat could be: Very Frequent (daily event),
Frequent (monthly event), Normal (once a year),
Rare (once in several years).
As we can see in the previous table, all threats
have to be dealt with because they cause a high
or very high value of risk in the worst case, there-
fore, misuse cases that represent these threats
FUTURE RESEARCH DIRECTIONS
The main future lines of research open are de-
tailed below:
•
Define the process with a tool that supports
the SPEM notation, such as EPF (Eclipse
Search WWH ::
Custom Search