# Target of Evaluation

![alt_text](Threat-Modeling/Target-of-Evaluation.png "image_tooltip")

# Security requirements and objectives

## Security requirements

| Property        | Security Requirement                                                                      | Security Objective                                        |
|-----------------|------------------------------------------------------------------------------------------|-----------------------------------------------------------|
| Confidentiality | Personal data of users must be protected from external entities                          | Data encryption (in transit and at rest), access control  |
| Confidentiality | Only registered users may upload and download CAFF files                                 | Access control (authenticated users only)                 |
| Confidentiality | Only registered users may write comments on CAFF files                                   | Access control (authenticated users only)                 |
| Integrity       | Regular users must not be able to modify or delete stored data                           | Access control                                            |
| Availability    | The webshop must be usable with all modern browsers                                      | Browser support                                           |
| Authentication  | Users must be able to register and must sign in before using registered-user functions   | User authentication mechanism                             |
| Authorization   | Only administrators may modify or delete stored data                                     | Administrator privileges (role-based access control)      |
| Authorization   | Only administrators may view the purchases of other users                                | Administrator privileges (role-based access control)      |
| Auditing        | All sign-in attempts, successful and failed, must be recorded                            | Logging facilities                                        |

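The authentication and authorization rows of the table above, written out as enforcement code so the rules can be checked rather than only stated. This is an added example, not code from the original threat model or from the CAFF webshop project; the role names ("user" and "admin"), the operation names and the in-memory `Store` standing in for the user and image databases are assumptions.

```python
"""Added example, not part of the original threat model.

Enforces the requirements table as code: unauthenticated callers cannot upload,
download or comment; only administrators modify or delete stored data; a user
sees only their own purchases. Assumed (not on the page): the two role names,
the operation names, and the in-memory Store replacing the two databases.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional


class Forbidden(Exception):
    """Raised when a requirement-table rule denies the operation."""


@dataclass(frozen=True)
class Principal:
    user_id: str
    role: str            # assumed role names: "user" or "admin"


@dataclass
class Store:
    """Constructed in-memory state; the real system keeps this in the databases."""
    caff_files: Dict[str, bytes] = field(default_factory=dict)      # name -> bytes
    comments: Dict[str, List[str]] = field(default_factory=dict)    # name -> comments
    purchases: Dict[str, List[str]] = field(default_factory=dict)   # user_id -> items


def require_registered(p: Optional[Principal]) -> Principal:
    """Confidentiality rows 2-3: the caller must be a registered, signed-in user."""
    if p is None:
        raise Forbidden("registration and sign-in required")
    return p


def require_admin(p: Optional[Principal]) -> Principal:
    """Authorization rows: modify/delete and cross-user views are admin-only."""
    p = require_registered(p)
    if p.role != "admin":
        raise Forbidden("administrator privileges required")
    return p


def upload_caff(store: Store, p: Optional[Principal], name: str, data: bytes) -> None:
    require_registered(p)
    if name in store.caff_files:
        # Integrity row: replacing an existing file is a modification, admin-only.
        require_admin(p)
    store.caff_files[name] = data


def download_caff(store: Store, p: Optional[Principal], name: str) -> bytes:
    require_registered(p)
    return store.caff_files[name]


def add_comment(store: Store, p: Optional[Principal], name: str, text: str) -> None:
    require_registered(p)
    store.comments.setdefault(name, []).append(text)


def delete_caff(store: Store, p: Optional[Principal], name: str) -> None:
    require_admin(p)
    store.caff_files.pop(name, None)
    store.comments.pop(name, None)


def view_purchases(store: Store, p: Optional[Principal], owner_id: str) -> List[str]:
    p = require_registered(p)
    if p.user_id != owner_id:
        require_admin(p)      # only administrators may look at other users' purchases
    return list(store.purchases.get(owner_id, []))


def is_denied(op: Callable, *args) -> bool:
    """True if op(*args) is refused with Forbidden; handy for policy checks."""
    try:
        op(*args)
        return False
    except Forbidden:
        return True
```

Every operation calls a `require_*` helper before touching the store, so a missing check is a visible omission rather than a silent default-allow; the ownership test in `view_purchases` is the only rule that depends on the data itself.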
# Threat assessment

## Assets

Physical:

* None identified

H:

* Users
* Administrators

Logical:

* CAFF files
* Comments on CAFF files
* Personal data of users
* Login credentials
* Purchase records

![alt_text](Threat-Modeling/Full-system.png)

## Use Cases

![alt_text](Threat-Modeling/UseCase-diagram.png)

## Weaknesses - Potential points of attack

Each of the following data flows crosses a trust boundary in the system diagram above:

* Request from Frontend to Backend (all user-supplied input, including uploaded CAFF files, enters the system here)
* Response from Backend to Frontend
* Data flow between Backend and User Database (login credentials and personal data)
* Data flow between Backend and Image Database (CAFF files)

## Possible attack interfaces

* Compromised credentials
* Weak and stolen passwords
* Malicious insiders
* Missing or weak encryption
* Misconfiguration
* Distributed Denial of Service (DDoS)
* Phishing

## Attack methods - Threat agents

* **Script kiddie** ‒ Since the webshop does not handle highly sensitive information and is not an essential service, the most likely attacker is a script kiddie. They could phish users for their credentials and sign in with them, or guess weak passwords.
* **Disgruntled employee** ‒ An employee already holds credentials and understands the system in depth, and could use that to damage the system or steal data.
* **Cyber crime organization** ‒ It is unlikely but possible that a cyber crime organization tries to steal the stored passwords, hoping that some users reuse the same password on other websites.

# Risk assessment

| Item Number | Observation                              | Likelihood | Impact | Risk Rating |
|-------------|------------------------------------------|------------|--------|-------------|
| 1           | User passwords can be guessed or cracked | High       | Medium | High        |
| 2           | DDoS attack                              | Low        | High   | Medium      |
| 3           | Accidental file deletion/modification    | Medium     | High   | High        |

# Identify countermeasures

1. Enforce a minimum password length (risk item 1)
2. Monitor the firewall (risk item 2)
3. Monitor permissions, privileged users and backups (risk item 3)
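Countermeasure 1 together with the auditing requirement from the table (every sign-in attempt recorded), plus a check over that audit trail that surfaces risk item 1 (passwords being guessed). This is an added example, not code from the original threat model or from the CAFF webshop project; the 12-character minimum, PBKDF2-HMAC-SHA256 with 600,000 iterations for password storage, the `SignInEvent` record layout and the threshold of 5 failures in 300 seconds are assumptions.

```python
"""Added example, not part of the original threat model.

Implements countermeasure 1 (minimum password length), the auditing requirement
(record every sign-in attempt, successful or not) and a detector over the audit
trail for risk item 1 (guessed passwords). Assumed, not on the page: the
12-character minimum, PBKDF2-HMAC-SHA256 for password storage, the event layout
and the 5-failures-in-300-seconds threshold.
"""
import hashlib
import hmac
import os
import time
from dataclasses import dataclass
from typing import Dict, List, Optional

MIN_PASSWORD_LENGTH = 12        # assumed value; the page only says "minimum length"
PBKDF2_ITERATIONS = 600_000     # assumed; current OWASP figure for PBKDF2-HMAC-SHA256
SALT_LEN = 16


class PolicyError(ValueError):
    """Raised when a password violates the registration policy."""


def check_password_policy(password: str) -> None:
    # Length is the only rule the page's countermeasure asks for.
    if len(password) < MIN_PASSWORD_LENGTH:
        raise PolicyError(f"password must be at least {MIN_PASSWORD_LENGTH} characters")


def password_allowed(password: str) -> bool:
    """True if the policy accepts the password."""
    try:
        check_password_policy(password)
        return True
    except PolicyError:
        return False


def hash_password(password: str, salt: Optional[bytes] = None) -> bytes:
    """Return salt || PBKDF2 digest; a random per-user salt defeats precomputed tables."""
    salt = salt if salt is not None else os.urandom(SALT_LEN)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt + digest


def verify_password(password: str, stored: bytes) -> bool:
    salt, digest = stored[:SALT_LEN], stored[SALT_LEN:]
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return hmac.compare_digest(candidate, digest)   # constant-time comparison


@dataclass(frozen=True)
class SignInEvent:
    ts: float          # UNIX time of the attempt
    username: str      # name as typed, whether or not the account exists
    success: bool
    source_ip: str


class UserDatabase:
    """Constructed in-memory stand-in for the webshop's user database."""

    def __init__(self) -> None:
        self._users: Dict[str, bytes] = {}
        self.audit: List[SignInEvent] = []
        # Dummy hash so sign-in does the same work for unknown usernames.
        self._dummy = hash_password("dummy-password-never-valid")

    def register(self, username: str, password: str) -> None:
        check_password_policy(password)
        if username in self._users:
            raise ValueError("username already taken")
        self._users[username] = hash_password(password)

    def sign_in(self, username: str, password: str, source_ip: str,
                now: Optional[float] = None) -> bool:
        stored = self._users.get(username, self._dummy)
        ok = verify_password(password, stored) and username in self._users
        # Auditing requirement: record every attempt, successful or not.
        self.audit.append(SignInEvent(now if now is not None else time.time(),
                                      username, ok, source_ip))
        return ok


def failed_attempts(audit: List[SignInEvent], username: str,
                    window_s: float, now: float) -> int:
    """Count failed sign-ins for one account inside the trailing window."""
    return sum(1 for e in audit
               if e.username == username and not e.success and now - e.ts <= window_s)


def guessing_suspects(audit: List[SignInEvent], now: float,
                      threshold: int = 5, window_s: float = 300) -> List[str]:
    """Usernames with at least `threshold` failures in the window (risk item 1)."""
    names = sorted({e.username for e in audit})
    return [n for n in names if failed_attempts(audit, n, window_s, now) >= threshold]
```

The audit list is what makes the "Sign in attempts must be recorded" requirement useful: a minimum length slows down cracking of the stored hashes, while the recorded failures are what reveal online guessing against live accounts, which a length rule alone does not stop.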