Presentation is loading. Please wait.

Presentation is loading. Please wait.

Discussing “Risk Analysis in Software Design” 1 FEB 2006 - Joe Combs.

Published byGeorgia Flowers Modified over 9 years ago

Similar presentations

Presentation on theme: "Discussing “Risk Analysis in Software Design” 1 FEB 2006 - Joe Combs."— Presentation transcript:

1 Discussing “Risk Analysis in Software Design” 1 FEB 2006 - Joe Combs

2 Risk Analysis Defined …a business-level decision-support tool: it’s a way of gathering the requisite data to make a good judgement call based on knowledge about vulnerabilities, threats, impacts and probability

3 Key Risk Analysis Concepts Asset - object to be protected Risk - probability an asset will suffer an event of a given negative impact Threat - danger source and malicious agent’s motivation Vulnerability - defect or weakness in procedure, design, implementation or internal control that can be exploited by an attacker

4 Key Risk Analysis Concepts Countermeasures - management, operational and technical controls that protect the system’s confidentiality, integrity and availability Impact - what happens if the risk is realized? Probability - likelihood an event will occur, usually expressed as a percentile

5 Calculating Risk Annualized Loss Expectancy = Single Loss Expectancy X Annualized Rate of Occurrence often just a ballpark figure but useful for making relative judgements other calculations get much more subjective - how do you quantify a soiled reputation?

6 Risk Analysis in the Lifecycle Continuous process, not a single stage Fits with requirements, design & testing 50% of security problems result from design flaws

7 Risk Analysis Activities 1. Learn as much as possible about the analysis target 2,3. Discuss security issues surrounding the software, determine the probability of compromise 4. Perform impact analysis, rank risks

8 Risk Analysis Activities 6,7. Report findings, leading the organization to make changes Note the feedback loop in the process, showing the iterative/ongoing nature of risk analysis

9 Required Knowledge Need to build up a consistent view of the system at a reasonably high level What impact does a methodology like Extreme Programming’s “the code is the design” viewpoint have on the limited reach of code-level analysis

10 Risk Analysis & Requirements SecureUML - role-based access control models security requirements for well-behaved applications in predictable environments

11 Risk Analysis & Requirements UMLsec - enables modeling of confidentiality, access control and other security related features

12 Risk Analysis & Requirements Abuse Cases - means of understanding how applications might respond to threats in a less controllable environment

13 Understanding Business Impact Broad categories: Regulatory Financial considerations Contractual obligations Categorize requirements as must have, should have, and nice but not necessary laws & regulations are always must haves unless you’re a goodfella careful analysis of potential impact & probability allows you to categorize financial and contractual obligations

14 Limitations The ALE calculation is an informed guess, not an all knowing Oracle Traditional risk-analysis techniques don’t cover all potential threats at a component/environment level Modern applications span multiple boundaries of trust

15 A Practical Approach Take a forest-level view of the system: don’t get lost in the trees Consider: threat in each tier’s env vulnerabilities within each component as well as dataflows business impact of such technical risks probability of risk being realized feasibility of countermeasures

16 An Example SSL might seem to offer protection between client and web server Need to prevent eavesdropping within and between these 2 tiers as well Might suggest alternate approaches like message level encryption

17 Conclusions Risk analysis focuses on assets, risks, threats, vulnerabilities, countermeasures, impact and probability Risk analysis applies to requirements, design and testing Requires analyst to gain an in-depth understanding of the system Take advantage of tools & techniques like SecureUML, UMLsec, and abuse cases

18 Conclusions Categorize requirements as must have, should have, nice to have regulatory issues are must haves financial and contractual obligations are where the analysis plays a key role System level view can help understand risks in a distributed application

Download ppt "Discussing “Risk Analysis in Software Design” 1 FEB 2006 - Joe Combs."

Similar presentations

Security+ All-In-One Edition Chapter 17 – Risk Management

Security+ All-In-One Edition Chapter 17 – Risk Management
Module 1 Evaluation Overview © Crown Copyright (2000)

Module 1 Evaluation Overview © Crown Copyright (2000)
OSG Computer Security Plans Irwin Gaines and Don Petravick 17-May-2006.

OSG Computer Security Plans Irwin Gaines and Don Petravick 17-May-2006.
Risk Assessment What is RISK?  requires vulnerability  likelihood of successful attack  amount of potential damage Two approaches:  threat modeling.

Risk Assessment What is RISK?  requires vulnerability  likelihood of successful attack  amount of potential damage Two approaches:  threat modeling.
© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
Is There a Security Problem in Computing? Network Security / G. Steffen1.

Is There a Security Problem in Computing? Network Security / G. Steffen1.
Networked Systems Survivability CERT ® Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890 © 2002 Carnegie.

Networked Systems Survivability CERT ® Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA © 2002 Carnegie.
11 ASSESSING THE NEED FOR SECURITY Chapter 1. Chapter 1: Assessing the Need for Security2 ASSESSING THE NEED FOR SECURITY  Security design concepts 

11 ASSESSING THE NEED FOR SECURITY Chapter 1. Chapter 1: Assessing the Need for Security2 ASSESSING THE NEED FOR SECURITY  Security design concepts 
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)

INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
CST 481/598 Many thanks to Jeni Li.  Potential negative impact to an asset  Probability of a loss  A function of three variables  The probability.

CST 481/598 Many thanks to Jeni Li.  Potential negative impact to an asset  Probability of a loss  A function of three variables  The probability.
Lecture 8: Risk Management Controlling Risk

Lecture 8: Risk Management Controlling Risk
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Patching MIT SUS Services IS&T Network Infrastructure Services Team.

Patching MIT SUS Services IS&T Network Infrastructure Services Team.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
Application Threat Modeling Workshop

Application Threat Modeling Workshop
Introduction to Network Defense

Introduction to Network Defense
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.
Visual 3. 1 Lesson 3 Risk Assessment and Risk Mitigation.

Visual 3. 1 Lesson 3 Risk Assessment and Risk Mitigation.
Project Risk Management. The Importance of Project Risk Management Project risk management is the art and science of identifying, analyzing, and responding.

Project Risk Management. The Importance of Project Risk Management Project risk management is the art and science of identifying, analyzing, and responding.
Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

Similar presentations

Ads by Google