DOCSLIB.ORG

Cyber Threat Modeling: Survey, Assessment, and Representative Framework

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Cyber Threat Modeling: Survey, Assessment, and Representative Framework Prepared for: Department of Homeland Security Cyber Threat Modeling: Survey, Assessment, and Representative Framework April 7, 2018 Authors: Deborah J. Bodeau Catherine D. McCollum David B. Fox The Homeland Security Systems Engineering and Development Institute (HSSEDI)™ Operated by The MITRE Corporation Approved for Public Release; Distribution Unlimited. Case Number 18-1174 / DHS reference number 16-J-00184-01 This document is a product of the Homeland Security Systems Engineering and Development Institute (HSSEDI™). Homeland Security Systems Engineering & Development Institute The Homeland Security Act of 2002 (Section 305 of PL 107-296, as codified in 6 U.S.C. 185), herein referred to as the “Act,” authorizes the Secretary of the Department of Homeland Security (DHS), acting through the Under Secretary for Science and Technology, to establish one or more federally funded research and development centers (FFRDCs) to provide independent analysis of homeland security issues. The MITRE Corporation operates the Homeland Security Systems Engineering and Development Institute (HSSEDI) as an FFRDC for DHS under contract HSHQDC-14-D-00006. The HSSEDI FFRDC provides the government with the necessary systems engineering and development expertise to conduct complex acquisition planning and development; concept exploration, experimentation and evaluation; information technology, communications and cyber security processes, standards, methodologies and protocols; systems architecture and integration; quality and performance review, best practices and performance measures and metrics; and, independent test and evaluation activities. The HSSEDI FFRDC also works with and supports other federal, state, local, tribal, public and private sector organizations that make up the homeland security enterprise. The HSSEDI FFRDC’s research is undertaken by mutual consent with DHS and is organized as a set of discrete tasks. This report presents the results of research and analysis conducted under: HSHQDC-16-J-00184 Next Generation Cyber Infrastructure (NGCI) Apex Cyber Risk Metrics and Threat Model Assessment This HSSEDI task order is to enable the DHS Science and Technology Directorate (S&T) to facilitate improvement of cybersecurity within the Financial Services Sector (FSS). To support NGCI Apex use cases and provide a common frame of reference for community interaction to supplement institution- specific threat models, HSSEDI developed an integrated suite of threat models identifying attacker methods from the level of a single FSS institution up to FSS systems-of-systems, and a corresponding cyber wargaming framework linking technical and business views. HSSEDI assessed risk metrics and risk assessment frameworks, provided recommendations toward development of scalable cybersecurity risk metrics to meet the needs of the NGCI Apex program, and developed representations depicting the interdependencies and data flows within the FSS. The results presented in this report do not necessarily reflect official DHS opinion or policy. For more information about this publication contact: Homeland Security Systems Engineering & Development Institute The MITRE Corporation 7515 Colshire Drive McLean, VA 22102 Email: [email protected] http://www.mitre.org/HSSEDI i Abstract This report provides a survey of cyber threat modeling frameworks, presents a comparative assessment of the surveyed frameworks, and extends an existing framework to serve as a basis for cyber threat modeling for a variety of purposes. The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) Next Generation Cyber Infrastructure (NGCI) Apex program will use threat modeling and cyber wargaming to inform the development and evaluation of risk metrics, technology foraging, and the evaluation of how identified technologies could decrease risks. A key finding of the assessment was that no existing framework or model was sufficient to meet the needs of the NGCI Apex program. Therefore, this paper also presents a threat modeling framework for the NGCI Apex program, with initial population of that framework. The survey, assessment, and framework as initially populated are general enough to be used by medium-to-large organizations in critical infrastructure sectors, particularly in the Financial Services Sector, seeking to ensure that cybersecurity and resilience efforts consider cyber threats in a rigorous, repeatable way. Key Words 1. Cyber Threat Models 2. Next Generation Cyber Infrastructure (NGCI) 3. Cyber Risk Metrics 4. Cybersecurity 5. Threat Modeling Framework ii This page intentionally left blank iii Table of Contents 1 Introduction ...................................................................................................................... 1 1.1 Key Concepts and Terminology .................................................................................................... 3 1.2 Uses of Threat Modeling ................................................................................................................ 5 1.2.1 Risk Management and Risk Metrics ....................................................................................... 5 1.2.2 Cyber Wargaming .................................................................................................................... 7 1.2.3 Technology Profiling and Technology Foraging ................................................................... 8 1.3 Survey and Assessment Approach............................................................................................... 9 2 Threat Modeling Frameworks and Methodologies ................................................................. 11 2.1 Frameworks for Cyber Risk Management .................................................................................. 11 2.1.1 NIST Framework for Improving Critical Infrastructure Cybersecurity ............................... 11 2.1.2 Publications Produced by the Joint Task Force Transformation Initiative ....................... 13 2.1.3 CBEST Intelligence-Led Cyber Threat Modelling ................................................................ 14 2.1.4 COBIT 5 and Risk IT ............................................................................................................... 15 2.1.5 Topic-Focused Frameworks and Methodologies ................................................................ 15 2.2 Threat Modeling to Support Design Analysis and Testing ....................................................... 20 2.2.1 Draft NIST Special Publication 800-154, Guide to Data-Centric System Threat Modeling20 2.2.2 STRIDE .................................................................................................................................... 20 2.2.3 DREAD .................................................................................................................................... 21 2.2.4 Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) ................. 21 2.2.5 Intel’s Threat Agent Risk Assessment (TARA) and Threat Agent Library (TAL) .............. 22 2.2.6 IDDIL/ATC ............................................................................................................................... 22 2.3 Threat Modeling to Support Information Sharing and Security Operations ............................ 23 2.3.1 STIX™ ..................................................................................................................................... 23 2.3.2 OMG Threat / Risk Standards Initiative ................................................................................ 24 2.3.3 PRE-ATT&CK™ ...................................................................................................................... 24 2.3.4 Cyber Threat Framework ....................................................................................................... 24 3 Specific Threat Models...................................................................................................... 26 3.1 Enterprise-Neutral, Technology-Focused .................................................................................. 26 3.1.1 Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) ........................ 26 3.1.2 Common Attack Pattern Enumeration and Classification (CAPEC™)............................... 27 3.1.3 Web Application Threat Models ............................................................................................ 28 3.1.4 Invincea Threat Modeling ...................................................................................................... 28 3.1.5 Other Taxonomies and Attack Pattern Catalogs ................................................................. 29 iv 3.1.6 Threat Modeling for Cloud Computing ................................................................................. 30 3.2 Enterprise-Oriented, Technology-Focused ................................................................................ 30 3.2.1 MITRE’s Threat Assessment and Remediation Analysis (TARA) ...................................... 30 3.2.2 NIPRNet/SIPRNet Cyber Security Architecture Review (NSCSAR) .................................... 31 3.2.3 Notional Threat Model for a Large Financial Institution ..................................................... 32 4 Analysis and Assessment ................................................................................................... 34 4.1 Characterizing Threat Models ....................................................................................................
Load more

Recommended publications
  • Shiva's Waterfront Temples
    Shiva’s Waterfront Temples: Reimagining the Sacred Architecture of India’s Deccan Region Subhashini Kaligotla Submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy in the Graduate School of Arts and Sciences COLUMBIA UNIVERSITY 2015 © 2015 Subhashini Kaligotla All rights reserved ABSTRACT Shiva’s Waterfront Temples: Reimagining the Sacred Architecture of India’s Deccan Region Subhashini Kaligotla This dissertation examines Deccan India’s earliest surviving stone constructions, which were founded during the 6th through the 8th centuries and are known for their unparalleled formal eclecticism. Whereas past scholarship explains their heterogeneous formal character as an organic outcome of the Deccan’s “borderland” location between north India and south India, my study challenges the very conceptualization of the Deccan temple within a binary taxonomy that recognizes only northern and southern temple types. Rejecting the passivity implied by the borderland metaphor, I emphasize the role of human agents—particularly architects and makers—in establishing a dialectic between the north Indian and the south Indian architectural systems in the Deccan’s built worlds and built spaces. Secondly, by adopting the Deccan temple cluster as an analytical category in its own right, the present work contributes to the still developing field of landscape studies of the premodern Deccan. I read traditional art-historical evidence—the built environment, sculpture, and stone and copperplate inscriptions—alongside discursive treatments of landscape cultures and phenomenological and experiential perspectives. As a result, I am able to present hitherto unexamined aspects of the cluster’s spatial arrangement: the interrelationships between structures and the ways those relationships influence ritual and processional movements, as well as the symbolic, locative, and organizing role played by water bodies.
    [Show full text]
  • K-12 Workforce Development in Transportation Engineering at FIU (2012- Task Order # 005)
    K-12 Workforce Development in Transportation Engineering at FIU (2012- Task Order # 005) 2016 Final Report K-12 Workforce Development in Transportation Engineering at FIU (2012- Task Order # 005) Berrin Tansel, Ph.D., P.E., Florida International University August 2016 1 K-12 Workforce Development in Transportation Engineering at FIU (2012- Task Order # 005) This page is intentionally left blank. i K-12 Workforce Development in Transportation Engineering at FIU (2012- Task Order # 005) U.S. DOT DISCLAIMER The contents of this report reflect the views of the authors, who are responsible for the facts, and the accuracy of the information presented herein. This document is disseminated under the sponsorship of the U.S. Department of Transportation’s University Transportation Centers Program, in the interest of information exchange. The U.S. Government assumes no liability for the contents or use thereof. ACKNOWLEDGEMENT OF SPONSORSHIP This work was sponsored by a grant from the Southeastern Transportation Research, Innovation, Development and Education Center (STRIDE) at the University of Florida. The STRIDE Center is funded through the U.S. Department of Transportation’s University Transportation Centers Program. ii K-12 Workforce Development in Transportation Engineering at FIU (2012- Task Order # 005) TABLE OF CONTENTS ABSTRACT ...................................................................................................................................................... v CHAPTER 1: INTRODUCTION ........................................................................................................................
    [Show full text]
  • Domain Adaptation of Unreal Images for Image Classification
    Master of Science Thesis in Electrical Engineering Department of Electrical Engineering, Linköping University, 2019 Domain Adaptation of Unreal Images for Image Classification Johan Thornström Master of Science Thesis in Electrical Engineering Domain Adaptation of Unreal Images for Image Classification: Johan Thornström LiTH-ISY-EX–20/5282–SE Supervisor: Gustav Häger isy, Linköping University David Gustafsson FOI Erik Valldor FOI Examiner: Per-Erik Forssén isy, Linköping University Computer Vision Laboratory Department of Electrical Engineering Linköping University SE-581 83 Linköping, Sweden Copyright © 2019 Johan Thornström Abstract Deep learning has been intensively researched in computer vision tasks like im- age classification. Collecting and labeling images that these neural networks are trained on is labor-intensive, which is why alternative methods of collecting im- ages are of interest. Virtual environments allow rendering images and automatic labeling, which could speed up the process of generating training data and re- duce costs. This thesis studies the problem of transfer learning in image classification when the classifier has been trained on rendered images using a game engine and tested on real images. The goal is to render images using a game engine to create a classifier that can separate images depicting people wearing civilian clothing or camouflage. The thesis also studies how domain adaptation techniques using generative adversarial networks could be used to improve the performance of the classifier. Experiments show that it is possible to generate images that can be used for training a classifier capable of separating the two classes. However, the experiments with domain adaptation were unsuccessful. It is instead recom- mended to improve the quality of the rendered images in terms of features used in the target domain to achieve better results.
    [Show full text]
  • 122 the Effect of Virtual Reality Rehabilitation On
    122 Élliott V1, Fraser S1, Chaumillon J1, de Bruin E D2, Bherer L1, Dumoulin C1 1. Centre de recherche de l'institut universitaire de gériatrie de Montréal, 2. Institute of Human Movement Sciences and Sport, ETH, Zurich, Switzerland. THE EFFECT OF VIRTUAL REALITY REHABILITATION ON THE GAIT PARAMETERS OF OLDER WOMEN WITH MIXED URINARY INCONTINENCE: A FEASIBILITY STUDY Hypothesis / aims of study Dual-task walking deficit and mixed urinary incontinence (UI) (1) are both associated with an increased risk of falls in older adults. Moreover, walking with a full bladder is recognised as a divided attention activity (i.e., a dual task) and the strong desire to void has been associated with increased gait variability in continent adults. Given that, the combined impact of trying to retain urine while walking (a dual task) has a negative impact on gait pattern (2), UI treatments based on dual-task training could prove to be an effective treatment for reducing UI and gait variability (linked to walking with full bladder) and, indirectly, preventing falls among the elderly. Virtual reality rehabilitation (VRR) is a proven dual-task treatment approach; one that could also prove to be effective in treating conditions linked to or acerbated by dual-task demands. Thus, the study’s aim was to assess whether pelvic floor muscle (PFM) training using a dual-task training VRR approach could improve the gait parameters of older women with mixed UI when walking with full bladder. Study design, materials and methods This study employed a quasi-experimental pre-test, post-test design. Twenty-four community-dwelling women 65 and older with mixed UI symptoms were recruited from a bank of potential participants operated by a research centre.
    [Show full text]
  • Connor Hughes
    Connor Hughes - 3D Artist 978-471-8533 2 Quay Road, Ipswich Ma, 01938 Education: Email: [email protected] Southern New Hampshire University Portfolio: https://kerdonkulus.artstation.com/ Bachelor of Science in Game Development and Programming LinkedIn: www.linkedin.com/pub/connor-hughes/a1/368/b31/ Minor in Game Art and Development Concentration: Entrepreneurism and Business Graduated Cum Laude, May 2016, GPA: 3.7 TECHNICAL SKILLS AND SOFTWARE Modeling Software ZBrush, 3ds Max, Maya, Substance Painter, Designer & B2M, Photoshop, VRay, Marmoset 3, 3D Coat, and Crazy Bump Art Skills High and low poly modeling, unwrapping, baking, texturing, rendering and some animation capabilities Game Engines Unity, Unreal Engine, Game Maker Business Software Jira and Confluence, Trello, Testlink, Github and Source Tree (version control) Other Experience Mobile, PC and Console development experience, production and project management experience, excellent verbal and written communication skills, and knowledge and proficiency in C#, C++ and Java PUBLISHED TITLES AND PROJECTS WORKED: Personal Projects & Titles Industry Titles • Lunar Lander: Winning title from the Stride competition, published • Arkham Underworld (Mobile Title) - Turbine by Stride for use by students in their educational game services. • Lord of the Rings Online (MMO) - Turbine • Kritter Kart: 3rd place in second annual Stride competition • Infinite Crisis (MOBA) - Turbine • Country Crowd Surfer: 2nd place in Meadowbrook Competition • Unreleased Mobile Game - Carbonated Inc. PROFESSIONAL EXPERIENCE Carbonated Inc, El Segundo, CA September 2016 – January 2017 The Brain Trust, Manchester NH May 2016 – August 2016 (Production Artist) (Contract Developer & Programmer) • Creating 3D models and assets based on provided concept art. • Responsible for overall development of gameplay and • Texturing assets using a stylized, hand painted art style.
    [Show full text]
  • (12) United States Patent (10) Patent No.: US 8,702,430 B2 Dibenedetto Et Al
    USOO870243OB2 (12) United States Patent (10) Patent No.: US 8,702,430 B2 Dibenedetto et al. (45) Date of Patent: Apr. 22, 2014 (54) SPORTS ELECTRONIC TRAINING SYSTEM, 3,742,937 A 7, 1973 Manuel et al. AND APPLICATIONS THEREOF 3,802,698 A 4, 1974 Burian et al. 3,838,684. A 10, 1974 Manuel et al. 3,859,496 A 1/1975 Giese (75) Inventors: Christian Dibenedetto, North Plains, 3,935,669 A 2f1976 Potrzuski et al. OR (US); Mark Arthur Oleson, Portland, OR (US); Roland G. Seydel, (Continued) Lake Oswego, OR (US); Scott Tomlinson, Portland, OR (US); Allen W. FOREIGN PATENT DOCUMENTS Van Noy, Portland, OR (US); Amy CN 1588275 3, 2005 Jones Vaterlaus, Portland, OR (US); CN 1601.447 3, 2005 Stephen Michael Vincent, Portland, OR (Continued) (US) OTHER PUBLICATIONS (73) Assignee: adidas International Marketing B.V., Amsterdam (NL) Extended European Search Report for Application No. EP080 14368. 8, Applicant: adidas International, mailed Aug. 24, 2010. (*) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 (Continued) U.S.C. 154(b) by 835 days. Primary Examiner — Xuan Thai (21) Appl. No.: 11/892,023 Assistant Examiner — Jerry-Daryl Fletcher (74) Attorney, Agent, or Firm — Sterne, Kessler, Goldstein (22) Filed: Aug. 17, 2007 & Fox PL.L.C. (65) Prior Publication Data (57) ABSTRACT US 2009/0047645 A1 Feb. 19, 2009 A sports electronic training system, and applications thereof, are disclosed. In an embodiment, the system comprises at (51) Int. Cl. least one monitor and a portable electronic processing device G09B 9/00 (2006.01) for receiving data from the at least one monitor and providing G09B 9/00 (2006.01) feedback to an individual based on the received data.
    [Show full text]
  • Dance Dance Convolution
    Dance Dance Convolution Chris Donahue 1 Zachary C. Lipton 2 Julian McAuley 2 Abstract Dance Dance Revolution (DDR) is a popular rhythm-based video game. Players perform steps on a dance platform in synchronization with mu- sic as directed by on-screen step charts. While many step charts are available in standardized packs, players may grow tired of existing charts, or wish to dance to a song for which no chart ex- ists. We introduce the task of learning to chore- ograph. Given a raw audio track, the goal is to produce a new step chart. This task decomposes naturally into two subtasks: deciding when to place steps and deciding which steps to select. For the step placement task, we combine recur- rent and convolutional neural networks to ingest spectrograms of low-level audio features to pre- dict steps, conditioned on chart difficulty. For step selection, we present a conditional LSTM Figure 1. Proposed learning to choreograph pipeline for four sec- generative model that substantially outperforms onds of the song Knife Party feat. Mistajam - Sleaze. The pipeline n-gram and fixed-window approaches. ingests audio features (Bottom) and produces a playable DDR choreography (Top) corresponding to the audio. 1. Introduction Step charts exhibit rich structure and complex semantics to ensure that step sequences are both challenging and enjoy- Dance Dance Revolution (DDR) is a rhythm-based video able. Charts tend to mirror musical structure: particular se- game with millions of players worldwide (Hoysniemi, quences of steps correspond to different motifs (Figure2), 2006). Players perform steps atop a dance platform, fol- and entire passages may reappear as sections of the song lowing prompts from an on-screen step chart to step on the are repeated.
    [Show full text]
  • Designing Arcade Computer Game Graphics
    Designing Arcade Computer Game Graphics Ari Feldman Wordware Publishing, Inc. Library of Congress Cataloging-in-Publication Data Feldman, Ari. Designing arcade computer game graphics / by Ari Feldman. p. cm. ISBN 1-55622-755-8 (pb) 1. Computer graphics. 2. Computer games. I. Title. T385.F447 2000 794.8'166--dc21 00-047319 CIP © 2001, Wordware Publishing, Inc. All Rights Reserved 2320 Los Rios Boulevard Plano, Texas 75074 No part of this book may be reproduced in any form or by any means without permission in writing from Wordware Publishing, Inc. Printed in the United States of America ISBN 1-55622-755-8 10987654321 0010 Product names mentioned are used for identification purposes only and may be trademarks of their respective companies. All inquiries for volume purchases of this book should be addressed to Wordware Publishing, Inc., at the above address. Telephone inquiries may be made by calling: (972) 423-0090 Dedication This book is dedicated to my friends Dina Willensky, Stephanie Worley, Jennifer Higbee, Faye Horwitz, Sonya Donaldson, Karen Wasserman, and Howard Offenhutter, and to my parents, Dr. Bernard Feldman and Gail Feldman. These people stood by me during this project, always offering me encouragement and support when I needed it most. Thanks everyone! I would also like to dedicate this book to my eclectic CD collection, for without the soothing sounds from the likes of Lush, Ride, The Clash, The English Beat, and The Creation this book would have never been completed. iii Contents Foreword .........................................xvi Acknowledgments ...................................xviii Introduction .......................................xix Chapter 1 Arcade Games and Computer Arcade Game Platforms .
    [Show full text]
  • Introduction to Directx Raytracing Chris Wyman and Adam Marrs NVIDIA
    CHAPTER 3 Introduction to DirectX Raytracing Chris Wyman and Adam Marrs NVIDIA ABSTRACT Modern graphics APIs such as DirectX 12 expose low-level hardware access and control to developers, often resulting in complex and verbose code that can be intimidating for novices. In this chapter, we hope to demystify the steps to set up and use DirectX for ray tracing. 3.1 INTRODUCTION At the 2018 Game Developers Conference, Microsoft announced the DirectX Raytracing (DXR) API, which extends DirectX 12 with native support for ray tracing. Beginning with the October 2018 update to Windows 10, the API runs on all DirectX 12 GPUs, either using dedicated hardware acceleration or via a compute-based software fallback. This functionality enables new options for DirectX renderers, ranging from full-blown, film- quality path tracers to more humble ray-raster hybrids, e.g., replacing raster shadows or reflections with ray tracing. As with all graphics APIs, a few prerequisites are important before diving into code. This chapter assumes a knowledge of ray tracing fundamentals, and we refer readers to other chapters in this book, or introductory texts [4, 10], for the basics. Additionally, we assume familiarity with GPU programming; to understand ray tracing shaders, experience with basic DirectX, Vulkan, or OpenGL helps. For lower-level details, prior experience with DirectX 12 may be beneficial. 3.2 OVERVIEW GPU programming has three key components, independent of the API: (1) the GPU device code, (2) the CPU host-side setup process, and (3) the sharing of data between host and device. Before we discuss each of these components, Section 3.3 walks through important software and hardware requirements to get started building and running DXR-based programs.
    [Show full text]
  • Securing Enterprise Web Applications at the Source: an Application Security Perspective
    Securing Enterprise Web Applications at the Source: An Application Security Perspective Author: Eugene Lebanidze [email protected] EXECUTIVE SUMMARY Purpose: This paper considers a variety of application level threats facing enterprise web applications and how those can be mitigated in order to promote security. Evidence shows that perhaps as many as sixty percent of attacks on enterprise web applications are facilitated by exploitable vulnerabilities present in the source code. In this paper we take the approach of examining the various threats specific to the application layer along with their corresponding compensating controls. Threats specific to each of the tiers of the n- tiered enterprise web application are discussed with focus on threat modeling. Compensating controls are addressed at the architecture, design, implementation and deployment levels. The discussion focuses around the core security services, namely confidentiality, integrity, authentication, authorization, availability, non-repudiation and accountability. The paper examines how these core security services are supported in the J2EE and .NET frameworks. Recommendations and standards from various organizations are considered in this paper (e.g. OWASP, NIST, etc.) We also recognize that development and deployment of a secure enterprise web-based application is dependent upon the organization’s enterprise security architecture (ESA) framework. Therefore, we map some elements of our discussion for security architecture and technology issues to the five rings of the enterprise security architecture model, particularly in the context of the Zachman Framework enterprise architecture (EA). While most of the web application security threats and mitigations discussed fall in rings four and five, we tie the local risk to the enterprise risk in ring one of the ESA.
    [Show full text]
  • Attack–Defense Trees
    Attack–Defense Trees Patrick Schweitzer Supervisor: Prof. Dr. Sjouke Mauw (University of Luxembourg) Daily advisor: Dr. Barbara Kordy (University of Luxembourg) © 2013 Patrick Schweitzer The author was employed at the University of Luxembourg and received support from the Fonds National de la Recherche, Luxembourg (PHD-09-167) in the project “Security Analysis through Attack–Defense Trees”. PhD-FSTC-2013-28 The Faculty of Sciences, Technology and Communication DISSERTATION Presented on 8 November 2013 in Luxembourg to obtain the degree of DOCTEUR DE L’UNIVERSITÉ DU LUXEMBOURG EN INFORMATIQUE by Patrick SCHWEITZER Born on 25 January 1980 in Saarbrücken–Dudweiler (Germany) ATTACK–DEFENSE TREES Dissertation defense committee Dr. Barbara Kordy, vice-chairman Université du Luxembourg Dr. Sjouke Mauw, dissertation supervisor Professor, Université du Luxembourg Dr. Christian W. Probst, member Assistant Professor, The Technical University of Denmark Dr. Yves Le Traon, chairman Professor, Université du Luxembourg Dr. Jan Willemson, member Cybernetica, Estonia Summary The advent of the information age has notably amplified the importance of security. Unfortunately security considerations still widely occur as an afterthought. For many companies, security is not a requirement to conduct business and is therefore readily neglected. However the lack of security may obstruct, impede and even ruin an otherwise flourishing enterprise. Only when internal computer networks shut down, web portals are inaccessible, mail servers are attacked, or similar incidents affect the day to day business of an enterprise, security enters into the field of vision of companies. As such, security by design is only slowly becoming accepted practice. Amongst security researchers, there is no dispute that a reasonable approach to- wards uninterrupted business activities includes security measures and controls from the beginning.
    [Show full text]
  • Chapter 1- Web Application Security Fundamentals
    Chapter 1- Web Application Security Fundamentals Improving Web Application Security: Threats and Countermeasures J.D. Meier, Alex Mackman, Michael Dunner, Srinath Vasireddy, Ray Escamilla and Anandha Murukan Microsoft Corporation Published: June 2003 See the "patterns & practices Security Guidance for Applications Index" for links to additional security resources. See the Landing Page for the starting point and a complete overview of Improving Web Application Security: Threats and Countermeasures. Summary: This chapter introduces Web application security, explains common security terminology and presents a set of proven security principles upon which many of the recommendations throughout this guide are based. It presents an overview of the security process and explains why a holistic approach to security that covers multiple layers including the network, host and application, is required to achieve the goal of hack-resilient Web applications. This chapter also introduces and defines host configuration categories and application vulnerability categories, which are used throughout the remainder of this guide. Contents We Are Secure -- We Have a Firewall What Do We Mean By Security? Threats, Vulnerabilities, and Attacks Defined How Do You Build a Secure Web Application? Secure Your Network, Host, and Application Securing Your Network Securing Your Host Securing Your Application Security Principles Summary Additional Resources When you hear talk about Web application security, there is a tendency to immediately think about attackers defacing Web sites, stealing credit card numbers, and bombarding Web sites with denial of service attacks. You might also think about viruses, Trojan horses, and worms. These are the types of problems that receive the most press because they represent some of the most significant threats faced by today's Web applications.
    [Show full text]