Misuse Case and Security Requirement Analysis for an Application
MISUSE CASE AND SECURITY REQUIREMENT ANALYSIS FOR AN APPLICATION

Thesis submitted in partial fulfillment of the requirements for the degree of
MASTER OF TECHNOLOGY
in
COMPUTER SCIENCE & ENGINEERING - INFORMATION SECURITY

by
VINEET KUMAR MAURYA (07IS11F)

DEPARTMENT OF COMPUTER ENGINEERING
NATIONAL INSTITUTE OF TECHNOLOGY KARNATAKA
SURATHKAL, MANGALORE-575025
June, 2009

Dedicated to my parents & Suraksha group members

DECLARATION

I hereby declare that the Report of the P.G. Project Work entitled "MISUSE CASE AND SECURITY REQUIREMENT ANALYSIS FOR AN APPLICATION", which is being submitted to the National Institute of Technology Karnataka, Surathkal, in partial fulfillment of the requirements for the award of the Degree of Master of Technology in Computer Science & Engineering - Information Security in the Department of Computer Engineering, is a bona fide report of the work carried out by me. The material contained in this report has not been submitted to any University or Institution for the award of any degree.

..............................................
(Register Number, Name & Signature of the Student)
Department of Computer Engineering

Place: NITK, SURATHKAL
Date: ............................

CERTIFICATE

This is to certify that the P.G. Project Work Report entitled "MISUSE CASE AND SECURITY REQUIREMENT ANALYSIS FOR AN APPLICATION", submitted by Vineet Kumar Maurya (Register Number: 07IS11F) as the record of the work carried out by him, is accepted as the P.G. Project Work Report submission in partial fulfillment of the requirements for the award of the Degree of Master of Technology in Computer Science & Engineering - Information Security in the Department of Computer Engineering.
External Guide                          Internal Guide
(Name and Signature with date and seal) (Name and Signature with date and seal)

Chairman – DPGC
(Signature with Date and Seal)

ACKNOWLEDGMENTS

I take this opportunity to express my deepest gratitude and appreciation to all those people who made this project work easier with words of encouragement, motivation, discipline, and faith, by offering different places to look forward to expanding my ideas, and who helped me towards the successful completion of this project work.

First, I would like to express my sincere gratitude to my guide Dr. Asoke K. Talukder, visiting faculty, Department of Computer Engineering, NITK, Surathkal, and project coordinator & guide Mr. Alwyn Roshan Pais, Sr. Lecturer, Department of Computer Engineering, National Institute of Technology Karnataka, Surathkal, for their motivating suggestions, insightful advice, invaluable guidance, help and support in the successful completion of this project, and also for their constant encouragement and advice throughout my M.Tech programme.

I would like to take this opportunity to express my thanks to the teaching and non-teaching staff of the Department of Computer Engineering, NITK, for their invaluable help and support in these two years of my study. I am also grateful to the Suraksha group members and all my classmates for their help, encouragement and invaluable suggestions.

Finally, I would like to thank all those whose direct and indirect support helped me in completing my project work & thesis in time.

ABSTRACT

Security is traditionally treated as a non-functional requirement in the Software Development Life Cycle (SDLC) and is handled outside the software development environment. In the Next Generation Network (NGN), where all applications will be networked, security must be treated as a functional requirement. The misuse case diagram is one approach that serves this purpose: in a misuse case diagram, a mis-actor poses a threat to the application. By performing requirement analysis with the help of misuse case diagrams, we can identify the possible ways in which the application may be threatened and apply remedial action in the form of security use cases and security patterns. Misuse cases thus treat security as a functional requirement. If misuse case diagrams are incorporated into the software development process, security can be embedded from an early stage of the SDLC, and the goal of developing a security-aware application can be achieved. This project work is an attempt to develop an approach for the security requirement analysis of any application using misuse cases. A tool named "Suraksha" has also been developed, which provides the facility to develop misuse case diagrams and misuse case templates easily.

Keywords – Misuse case, Security requirement analysis, STRIDE, CI5A, Security aware application, Security-aware Software Development Life Cycle, SaSDLC.

CONTENTS

Abstract ..... i
List of Figures ..... iv
Nomenclature ..... v

1. INTRODUCTION ..... 1
   1.1 Use Case ..... 2
   1.2 Misuse Case ..... 3
   1.3 Misuse Case Template ..... 5
       1.3.1 Lightweight Misuse Case Description ..... 5
       1.3.2 Extensive Misuse Case Description ..... 6
   1.4 STRIDE ..... 6
   1.5 Organization of Thesis ..... 8

2. SOFTWARE DEVELOPMENT LIFE CYCLE ..... 9
   2.1 Various SDLC Models ..... 9
       2.1.1 Waterfall Model ..... 9
       2.1.2 Prototyping Model ..... 10
       2.1.3 Spiral Model ..... 10
       2.1.4 Agile Model ..... 11
       2.1.5 Scrum ..... 12
       2.1.6 Extreme Programming (XP) ..... 13
       2.1.7 Stage-Gate Model ..... 13
   2.2 Requirements ..... 15
       2.2.1 Functional Requirements ..... 15
       2.2.2 Nonfunctional Requirements ..... 15
       2.2.3 UML Model for Requirement Elicitation ..... 16
   2.3 Design ..... 18
       2.3.1 Design Patterns ..... 18
       2.3.2 Security Design Patterns ..... 19
   2.4 Construction ..... 20
       2.4.1 Various Techniques & Languages for Construction ..... 21
       2.4.2 Security Bugs in Construction Phase ..... 24
   2.5 Testing ..... 26
       2.5.1 Testing Techniques ..... 26
       2.5.2 Why Security Bugs are not Detected ..... 27
       2.5.3 Security Testing ..... 28

3. SECURITY-AWARE SOFTWARE DEVELOPMENT LIFE CYCLE (SaSDLC) ..... 32
   3.1 Problem Description ..... 32
   3.2 SaSDLC Process ..... 32

4. SECURITY REQUIREMENT ELICITATION ..... 38
   4.1 Suraksha: Open Source Tool ..... 38
       4.1.1 Suraksha: Misuse Case Diagrams ..... 39
       4.1.2 Suraksha: Misuse Case Template ..... 44
   4.2 Misuse Case and Security Requirement Analysis ..... 49

5. CONCLUSION ..... 52

REFERENCES

LIST OF FIGURES

1.1 A simple use case diagram ..... 3
1.2 Misuse case diagram example illustrating notations and relationships ..... 4
2.1 Prototyping model ..... 10
2.2 A typical Spiral model ..... 11
2.3 Stage-Gate model ..... 14
3.1 Assets identification for an application (Suraksha) ..... 34
3.2 An example of Attack Tree with DREAD rating ..... 35
4.1 Misuse case diagram user interface ..... 39
4.2 Property editor for a node in misuse case diagram window ..... 40
4.3 Process to open a misuse case diagram window ..... 43
4.4 Misuse case diagram for e-commerce application using Suraksha ..... 44
4.5 Textual representation of misuse case: tamper with database (part 1) ..... 47
4.6 Textual representation of misuse case: tamper with