5.4.4.1 Threat Profiling
Threat profiling is the process of envisioning threat scenarios. Usually, this is the only process that
is followed when performing an enterprise risk assessment, but in the case of Web applications, combining
threat profiling with threat modeling yields better results, as together they provide deep insight into the threat and
the attack vectors that may be used to compromise the application.
Threat profiling is the activity in which several threat scenarios are created for the various
threat actors for a given information asset. A threat profile usually captures the following details:
Asset name
Threat actor/agent
Threat access
Threat motive
Threat outcome
As part of the threat profiling process for a Web application, we will need to identify the threats
from human actors using a network.
Let us explore a simple threat profile. A malicious user of an e-commerce application is able to
perform actions on behalf of other users of the application. In this scenario, the asset in question
is customer login information, which basically means the customer's username and password; his
account-specific information forms the constituents of the asset. The threat actor in this case is the
malicious user, a human outsider. The malicious user accesses the Web application via a browser,
over the Internet, essentially meaning that he is using network access, which is the threat access.
The threat motive in this case is a deliberate attempt by the malicious user to gain access to other
user accounts. The outcome of the threat is a loss of confidentiality, because the malicious
user was able to gain access to a different customer's information and obtain complete access to
the legitimate user's account. Humans are not always the threat actors; with several Web
application worms and botnets in circulation, there are many cases of self-propagating worms being responsible
for Web application attacks.
As we can clearly see from the preceding example, the threat profile has been created with the
basic information about the type of threat that might adversely affect the application. To sensitize
management and other stakeholders relating to the application, a threat profiling exercise is very
beneficial, as it creates awareness among the nontechnical stakeholders and sensitizes them to the
fact that security is an important consideration for the application. The threat profiles may be
tabulated for easy reading, as given in Table 5.1.
Threat profiling, while useful for a preliminary understanding of the type of threat and its
outcome, is far from adequate when assessing Web application threats. Threat profiling should
be done to understand, at a high level, the types of threats that might have an adverse effect on
the critical information asset. Management, application owners, or customers who are the key
stakeholders in the application development process need to be aware of the types of threats that
might hinder the smooth functioning of the Web application. A threat profile conveys to these
stakeholders the type of damage that can be caused by a particular threat actor. Threat profiling
as an activity is useful to create a preliminary threat scenario for the consumption of nontechnical
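The following is an added example, not part of the book, that records threat profiles with the five details listed above, tabulates them as Table 5.1 does, and flags assets that lack a scenario for an actor class (the text's reminder that worms and botnets, not only humans, are threat actors). The names ThreatProfile, tabulate and coverage_gaps and the sample profiles are assumptions constructed for this example.

```python
from dataclasses import dataclass, fields
from typing import Iterable, List, Tuple

# Hypothetical type for this example; the field set is the one the text
# lists for a threat profile (asset, actor, access, motive, outcome).
@dataclass(frozen=True)
class ThreatProfile:
    asset: str
    actor: str          # threat actor/agent
    actor_class: str    # "human" or "automated" (worm/botnet)
    access: str         # threat access, e.g. network via browser
    motive: str
    outcome: str        # e.g. loss of confidentiality

def tabulate(profiles: Iterable[ThreatProfile]) -> str:
    """Render profiles as a plain-text table, one row per profile (cf. Table 5.1)."""
    cols = [f.name for f in fields(ThreatProfile)]
    rows = [[getattr(p, c) for c in cols] for p in profiles]
    widths = [max(len(str(v)) for v in [c] + [r[i] for r in rows])
              for i, c in enumerate(cols)]
    def fmt(r):
        return " | ".join(str(v).ljust(w) for v, w in zip(r, widths))
    sep = "-+-".join("-" * w for w in widths)
    return "\n".join([fmt(cols), sep] + [fmt(r) for r in rows])

def coverage_gaps(profiles: Iterable[ThreatProfile],
                  actor_classes=("human", "automated")) -> List[Tuple[str, str]]:
    """Return (asset, actor_class) pairs that have no scenario yet, so that
    each asset gets a profile for both human and automated threat actors."""
    profiles = list(profiles)
    covered = {(p.asset, p.actor_class) for p in profiles}
    assets = sorted({p.asset for p in profiles})
    return [(a, c) for a in assets for c in actor_classes if (a, c) not in covered]

# Constructed sample: the e-commerce scenario from the text, a worm variant
# of it, and a second asset profiled for human actors only.
PROFILES = [
    ThreatProfile("customer login information", "malicious user (outsider)", "human",
                  "network, via browser over the Internet",
                  "deliberate: gain access to other users' accounts",
                  "loss of confidentiality"),
    ThreatProfile("customer login information", "self-propagating worm", "automated",
                  "network", "opportunistic propagation", "loss of confidentiality"),
    ThreatProfile("order database", "malicious user (outsider)", "human",
                  "network, via browser", "deliberate: alter orders", "loss of integrity"),
]

if __name__ == "__main__":
    print(tabulate(PROFILES))
    print("gaps:", coverage_gaps(PROFILES))
```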