webshop-design/Threat-Modelling.md

80 lines
3.6 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Target of Evaluation
![alt_text](https://xwiki.kmlabz.com/bin/download/Projektek/UnstableVortex/Threat%20Modeling/WebHome/Target-of-Evaluation.png?rev=1.2)
# Security requirements and objectives
## Security requirements
| | Security Requirement | Security Objective |
|-----------------|------------------------------------------------------------------------|---------------------------------|
| Confidentiality | Personal data of users must be protected from external entities | Data encryption, access control |
| Confidentiality | Only registered users should be able to upload and download CAFF files | Data encryption, access control |
| Confidentiality | Only registered users should be able to write comments for CAFF files | Data encryption, access control |
| Integrity | Regular users should not be able to modify or delete data. | Access control |
| Availability | The webshop should be usable with all modern browsers | Browser support |
| Authentication | Users should be able to register | User authentication mechanism |
| Authorization | Only administrators should be able to modify or delete data. | Administrator privileges |
| Authorization | Only administrators can view the purchases of other users | Administrator privileges |
| Auditing | Sign in attempts must be recorded | Logging facilities |
# Threat assessment
## Assets
Physical:
*
Human:
* Users
Logical:
* CAFF files
* Personal data of users
* Login credentials
![alt_text](https://xwiki.kmlabz.com/bin/download/Projektek/UnstableVortex/Threat%20Modeling/WebHome/Full-system.png?rev=1.1)
## Use Cases
![alt_text](https://xwiki.kmlabz.com/bin/download/Projektek/UnstableVortex/Threat%20Modeling/WebHome/UseCase-diagram.png?rev=1.1)
## Weaknesses - Potential points of attack
* Request from Frontend to Backend
* Response from Backend to Frontend
* Data flow between Backend and User Database
* Data flow between Backend and Image Database
## Possible attack interfaces
* Compromised credentials
* Weak and stolen passwords
* Malicious insiders
* Missing or poor encryption
* Misconfiguration
* Distributed Denial of Service
* Phishing
## Attack methods - Threat agents
* **Script kiddie** Since we are not dealing with sensitive information and the webshop is not an essential service, the most likely attacker is a script kiddie. They could do a phishing attack and intrude the system. They could also exploit weak passwords.
* **Disgruntled employee** An employee might have credentials and a deeper understanding of the system to do some damage or steal data.
* **Cyber crime organization** It is not likely but possible that a cyber crime organization tries to steal passwords hoping that some users use the same password on other websites.
# Risk assessment
| Item Number | Observation | Likelihood | Impact | Risk Rating |
|-------------|------------------------------------------|------------|--------|-------------|
| 1 | User passwords can be guessed or cracked | High | Medium | High |
| 2 | DDOS attack | Low | High | Medium |
| 3 | Accidental file deletion/modification | Medium | High | High |
# Identify countermeasures
1. Enforce minimum passwrd length
2. Monitor the firewall
3. Monitor permissions, previleged users and backups