Engineering Secure Software. Why do we study risk?  Many outcomes are possible, not all are probable  Enumeration  Prioritization  Discussion.

Slides:



Advertisements
Similar presentations
Risk Assessment What is RISK?  requires vulnerability  likelihood of successful attack  amount of potential damage Two approaches:  threat modeling.
Advertisements

Engineering Secure Software. Does Security Even Matter?  At your table, introduce yourselves: Your name, degree, & app domain What is your favorite software.
Engineering Secure Software. Uses of Risk Thus Far  Start with the functionality Use cases  abuse/misuse cases p(exploit), p(vulnerability)  Start.
Engineering Secure Software. The Power of Source Code  White box testing Testers have intimate knowledge of the specifications, design, Often done by.
Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.
CST 481/598 Many thanks to Jeni Li.  Potential negative impact to an asset  Probability of a loss  A function of three variables  The probability.
Introducing Computer and Network Security
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.
Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.
This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.
Engineering Secure Software. Risk Management  Beyond assessment Assess: Enumerate, Prioritize, Discuss Manage: Act on those discussions  Mitigate risk.
Security+ Guide to Network Security Fundamentals, Fourth Edition
Let’s Play Poker: Effort and Software Security Risk Estimation in Software Engineering Laurie Williams 1 Picture from
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Project Risk Management. The Importance of Project Risk Management Project risk management is the art and science of identifying, analyzing, and responding.
Risk management in Software Engineering T erm Paper By By Praveenkumar Sammita Praveenkumar Sammita CSC532 CSC532.
Conostix S.A. Sensible defence.
Security Risk Assessment Applied Risk Management July 2002.
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering 1.
Information Security Rabie A. Ramadan GUC, Cairo Room C Lecture 2.
Introducing Computer and Network Security. Computer Security Basics What is computer security? –Answer depends on the perspective of the person you’re.
Security Awareness: Applying Practical Security in Your World Chapter 1: Introduction to Security.
Risk Management Project Management Digital Media Department Unit Credit Value : 4 Essential Learning time : 120 hours.
Engineering Secure Software. A Ubiquitous Concern  You can make a security mistake at every step of the development lifecycle  Requirements that allow.
Chapter 11: Project Risk Management
1 TenStep Project Management Process ™ PM00.7 PM00.7 Project Management Preparation for Success * Manage Risk *
Unit 6b System Security Procedures and Standards Component 8 Installation and Maintenance of Health IT Systems This material was developed by Duke University,
Risk Analysis & Management
INFORMATION SECURITY MANAGEMENT L ECTURE 7: R ISK M ANAGEMENT I DENTIFYING AND A SSESSING R ISK You got to be careful if you don’t know where you’re going,
Lesson 7-Managing Risk. Overview Defining risk. Identifying the risk to an organization. Measuring risk.
1 Planning – Agile Style Highsmith, Ch 7 All kinds of iterations! CSSE579 Session 3 Part 1.
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments.
Software Engineering Lecture 6: Risk Analysis & Management.
South Wales Cyber Security Cluster A networking group with a purpose Membership Open to anyone with an interest in Cyber Security.
Protection Poker James Walden Northern Kentucky University.
Introduction and Overview of Information Security and Policy By: Hashem Alaidaros 4/10/2015 Lecture 1 IS 332.
Chap 8: Administering Security.  Security is a combination Technical – covered in chap 1 Administrative Physical controls SE571 Security in Computing.
Slide 1 Security Engineering. Slide 2 Objectives l To introduce issues that must be considered in the specification and design of secure software l To.
Computer Security By Duncan Hall.
Information Security Governance and Risk Chapter 2 Part 2 Pages 69 to 100.
IT Security CS5493(74293). IT Security Q: Why do you need security? A: To protect assets.
COST BENEFITS OF IMPLEMENTING CREDIT CARD DATABASE TOKENIZATION USING FAIR CASE STUDY SHARED COURTESY OF RISKLENS CONFIDENTIAL - FAIR INSTITUTE
E-Commerce E-Commerce Security?? Instructor: Safaa S.Y. Dalloul E-Business Level Try to be the Best.
Engineering Secure Software. Does Security Even Matter?  Find two other people near you Introduce yourself What is your favorite software development.
Risk Assessment and Risk Management James Taylor COSC 316 Spring 2008.
INFORMATION SECURITY MANAGEMENT L ECTURE 8: R ISK M ANAGEMENT C ONTROLLING R ISK You got to be careful if you don’t know where you’re going, because you.
Lecturer: Eng. Mohamed Adam Isak PH.D Researcher in CS M.Sc. and B.Sc. of Information Technology Engineering, Lecturer in University of Somalia and Mogadishu.
Engineering Secure Software. A Ubiquitous Concern  You can make a security mistake at every step of the development lifecycle  Requirements that allow.
By: Mark Reed.  Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.
Information Security, Theory and Practice.
HOW MUCH RISK IS ASSOCIATED WITH IT HYGIENE USING FAIR?
Risk Assessment.
Engineering Secure Software
Evaluating Existing Systems
Evaluating Existing Systems
Security Engineering.
development lifecycle & Principles
INFORMATION SYSTEMS SECURITY and CONTROL
Engineering Secure Software
Security Risk Assessment
Engineering Secure Software
Security Risk Assessment
Engineering Secure Software
Engineering Secure Software
White Box testing & Inspections
Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Engineering Secure Software
A New Concept for Laboratory Quality Management Systems
ONAP Risk Assessment – Preparation Material - Overview of the Process - Terminology - Assumptions
Presentation transcript:

Engineering Secure Software

Why do we study risk?  Many outcomes are possible, not all are probable  Enumeration  Prioritization  Discussion

Naïve Security Risk Assessment  The naïve approach Write down your worst fears for the system Try to avoid those things  Cons Requires a big “bag of tricks” Easily overwhelming for security

What is risk?  p(occurrence)*impact  The risk associated with an event is the probability that the event will happen times the impact magnitude of the event  For the math-oriented… expected value  Matches how people generally think Low p(occ), high impact … terrorist attacks, struck by lightning High p(occ), low impact … credit card theft, keeping my old truck unlocked © Andrew Meneely

What is security risk?  p(exploit)*value of an asset  p(exploit) The probability that an exploit will occur on your system  Asset A [tangible or intangible] resource of the system that has value in confidentiality, integrity, availability

p(exploit)  Increased by more vulnerabilities  Increased by a far-reaching vulnerability  Increased by discoverable vulnerabilities …although you cannot rely on security through obscurity alone …  Increased by scope of the project …although sometimes that is unavoidable…  Other factors that we cannot control Market share  exposure New malicious actors (e.g. activism spike) Many, many other factors that we must ignore for the sake of simplicity  Thus, we generally assume p(vulnerability) is proportional to p(exploit)

Assets  Every software system has assets Domain-specific e.g. patient records Domain-independent e.g. passwords Intangible properties e.g. availability  These can be identified at the requirements and design stages  Assets exist in the deployed system, so source code is not (necessarily) an asset

Places where assets live  Database tables  User-supplied data  Configuration files  Configuration consoles  File systems  Security feature inputs  Logs  Sandboxing features  Built-in examples  Network traffic  Cookies  User interfaces

Risk Assessment in Process  From:

The Planning >= The Plan  One of the most important elements of risk analysis is the process itself Discussions that are brought up Fighting over the mitigation strategies  Communication is very important at this stage  Assessing the change in risk is more sound than the final numbers New assets? Increased p(exploit)?

Abuse Cases vs. Risk Assessment  Abuse & Misuse Cases Involves planning Potentially infinite Emphasize domain Scenario-driven Originates from abusing functionality What if?  Risk Assessment Involves planning Potentially infinite Emphasize all risks Quantitative Originates from CIA, assets, p(exploit) What might?

Protection Poker  A combination of product & process risk Trace stories to assets Quantify the risk for prioritization ○ Ease of attack ○ Value of the asset Discuss the elements of the risk  Originally designed for agile processes Assumes we are in a sprint Not comprehensive, but just-in-time

Story Points Estimation  In PP, we use story points Dimensionless (unit-less) Should not translate to hours, effort, etc.  Limited to a few choices Why argue over 51 vs. 50? Exponential in scale (~Fibonacci)  Ease of attack ~ p(vulnerability)

Protection Poker in Action  Identify some assets  Calibrate your asset values  Calibrate your ease of attack  For each item Trace the item to the assets affected Vote on affected asset values, as needed Vote on ease of attack  Examine two rankings Ease*Max(value) Ease*Sum(value)

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.