Practical Architecture Analysis
Internal Presentation, September 2013, V1
Phil Huggins
• Security Architect for large delivery programmes:
  • Multiple projects
  • Challenging stakeholders
  • Large, complex systems
  • Multi-year delivery
  • 100+ people customer delivery teams
  • 200+ people supplier delivery teams
• Security mattered:
  • Government
  • Commercial
  • Airport Terminal New Build
  • Smart Metering for a Big6 UK Energy Supplier
  • 7x UK Airports security refresh
  • UK Banking ecommerce infrastructure
  • Cloud Software as a Service Provider
• Many sub-systems
• Multiple stakeholders and connecting parties
• Multiple COTS products
• Multiple unsupported OSOTS products
• System-specific glue code and configuration
• Business-specific logic and processes
• Shared data models
• SDLC doesn’t help for the majority of the vulnerabilities in the systems
[Figure: diagram of vulnerability sources, labelled Trust Issues, Design Flaws, Software Bugs and Configuration Errors, with the region marked Most Vulnerabilities]
• A measure of attackability, NOT of vulnerability.
• Doesn’t look inside the box.
Michael Howard at Microsoft (2003); Michael Howard & Jeanette Wing at Carnegie Mellon (2003):
• Relative Attack Surface Quotient
• 20 Attack Vectors (open sockets, weak ACLs, guest accounts etc.)
  • Channels
  • Process Targets
  • Data Targets
  • Process Enablers
Pretty informal model; needs an expert to apply it to software not previously analysed.
• Pratyusa Manadhata & Jeanette Wing at Carnegie Mellon (2004 – 2010)
• Positively correlated the severity of MS Security Bulletin vulnerabilities with the following indicators:
  • Method Privilege
  • Method Access Rights
  • Channel Protocol
  • Channel Access Rights
  • Data Item Type
  • Data Item Access Rights
• Attackers use a Channel to invoke a Method and send or receive a Data Item
Methods

Privilege   Value   Access Rights     Value
System      5       AuthN Admin       4
Admin       4       AuthN Priv User   3
Priv User   3       AuthN User        2
User        1       UnAuthN           1

Attack Surface Contribution = Method Privilege Value / Method Access Rights Value
Channel

Protocol                      Value   Access Rights     Value
Raw Stack Access              5       AuthN Admin       4
Constrained Protocol Access   4       AuthN Priv User   3
Encoded Message Access        3       AuthN User        2
Signal Only                   1       UnAuthN           1

Attack Surface Contribution = Channel Protocol Value / Channel Access Rights Value
Data Type

Type                          Value   Access Rights     Value
Persistent Executable         5       AuthN Admin       4
Persistent File / Data Item   1       AuthN Priv User   3
                                      AuthN User        2
                                      UnAuthN           1

Attack Surface Contribution = Data Type Value / Data Type Access Rights Value
• Attack Surface Measurement = Sum of all Attack Surface Contributions
• Assumes the probability of an exploitable vulnerability in a Method, Channel or Data Item is 1
• Comparing two boxes against each other, or against differently configured versions of themselves, is relatively easy.
• Beware: similar attack surface scores may hide boxes with a small attack surface but a very high damage potential!
• Only considers attackability; no consideration of the impact of the attack
• This is not risk
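Worked example, added here and not part of the slides: the three contribution tables and the summation above in Python, scoring one constructed appliance in a baseline and a hardened configuration so the two can be compared the way the slide suggests. The resource names and the attributes assigned to them are constructed for illustration; the value tables are the slides' own.

```python
from dataclasses import dataclass
from fractions import Fraction
from typing import Iterable

# Value tables exactly as given on the slides.  The same access-rights scale
# applies to methods, channels and data items.
METHOD_PRIVILEGE = {"System": 5, "Admin": 4, "Priv User": 3, "User": 1}
CHANNEL_PROTOCOL = {"Raw Stack Access": 5, "Constrained Protocol Access": 4,
                    "Encoded Message Access": 3, "Signal Only": 1}
DATA_TYPE = {"Persistent Executable": 5, "Persistent File / Data Item": 1}
ACCESS_RIGHTS = {"AuthN Admin": 4, "AuthN Priv User": 3, "AuthN User": 2, "UnAuthN": 1}
TABLES = {"method": METHOD_PRIVILEGE, "channel": CHANNEL_PROTOCOL, "data": DATA_TYPE}


@dataclass(frozen=True)
class Resource:
    """One entry point of the box: a method, a channel or a data item."""
    kind: str    # "method", "channel" or "data"
    name: str
    level: str   # key into TABLES[kind]: privilege, protocol or data type
    access: str  # key into ACCESS_RIGHTS

    def contribution(self) -> Fraction:
        """Attack Surface Contribution = level value / access rights value."""
        return Fraction(TABLES[self.kind][self.level], ACCESS_RIGHTS[self.access])


def attack_surface(resources: Iterable[Resource]) -> dict[str, Fraction]:
    """Attack Surface Measurement: sum of all contributions, per kind and overall.

    Every resource is assumed exploitable (probability 1) and nothing here
    weighs the impact of an attack, so the result ranks attackability, not risk.
    """
    totals = {k: Fraction(0) for k in TABLES}
    for r in resources:
        totals[r.kind] += r.contribution()
    totals["total"] = sum(totals.values(), Fraction(0))
    return totals


def compare(before: Iterable[Resource], after: Iterable[Resource]) -> dict[str, Fraction]:
    """Per-kind change (after minus before); a negative value means the surface shrank."""
    b, a = attack_surface(before), attack_surface(after)
    return {k: a[k] - b[k] for k in b}


# Constructed example: one management appliance in two configurations.
BASELINE = [
    Resource("method", "config_update", "System", "UnAuthN"),
    Resource("method", "get_status", "User", "UnAuthN"),
    Resource("channel", "management socket", "Raw Stack Access", "UnAuthN"),
    Resource("data", "agent binary", "Persistent Executable", "AuthN User"),
]
# Same box after requiring authentication and narrowing the management protocol.
HARDENED = [
    Resource("method", "config_update", "System", "AuthN Admin"),
    Resource("method", "get_status", "User", "UnAuthN"),
    Resource("channel", "management socket", "Constrained Protocol Access", "AuthN Priv User"),
    Resource("data", "agent binary", "Persistent Executable", "AuthN Admin"),
]

if __name__ == "__main__":
    for label, box in (("baseline", BASELINE), ("hardened", HARDENED)):
        print(label, {k: str(v) for k, v in attack_surface(box).items()})
    print("delta", {k: str(v) for k, v in compare(BASELINE, HARDENED).items()})
```

Fractions keep the scores exact (a 3/4 channel score stays 3/4), which matters when two configurations differ by a single contribution.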
“The worst enemy of security is complexity.”
Bruce Schneier

“Connectedness and complexity are what cause security disasters.”
Marcus Ranum

“Risk is a necessary consequence of dependence”
Dan Geer

“Left to themselves, creative engineers will deliver the most complicated system they think they can debug.”
Mike O’Dell
• Coupling
  • How fast cause and effect propagate through the system.
  • Time dependent
  • Rigid ordering
  • Single path to successful outcome
• Complexity
  • Number of interactions between components.
  • Branching
  • Feedback loops
  • Un-planned sequences of events.
• Multiple component failures cause systemic cascade failures or accidents.
• Accidents are inevitable in complex, tightly-coupled systems.
Also a common solution architecture concern.

Simple Component Complexity
  Fan-In Complexity: sum of all possible protocol connections to the component
  Fan-Out Complexity: sum of all possible protocol connections from the component
  Total Component Complexity: sum of Fan-In & Fan-Out Complexity

Complex Component Complexity
  Fan-In Complexity: sum of all Methods offered by the component on each Channel
  Fan-Out Complexity: sum of all Methods used by the component on each Channel
  Total Component Complexity: sum of Fan-In & Fan-Out Complexity
• Closely-coupled in security is analogous to highly-trusted.
• I propose that measuring the trust of connections has the following aspects:

Connection

Channel Privilege   Value   Channel Privacy   Value   Channel Access Rights   Value
System              5       PlainText         4       AuthN Admin             4
Admin               4       Binary            4       AuthN Priv User         3
Priv User           3       Obfuscated        3       AuthN User              2
User                1       Encrypted         1       UnAuthN                 1

Coupling = Channel Privilege Value x (Channel Privacy Value / Channel Access Rights Value)
• The coupling and connectivity of the system can be represented by a graph:
  • Components = Nodes
  • Connections = Edges
  • Number of Methods = Edge Weighting
  • Coupling = Edge Weighting
This doesn’t need special tooling: you can represent a graph in a matrix (a spreadsheet, for example).
Graphs can be clustered using complexity or coupling to identify structurally related components in a system.
• A good example of representing system graphs as matrices in systems engineering is the Design Structure Matrix (DSM)
  • http://www.dsmweb.org
• These are easy to knock up while you’re working to aid your analysis.

Simple complexity DSM example:

           WWW   APP   DB   MESSAGE1   MESSAGE2   Fan-Out   Total
WWW         -     1     1      1          0          3        3
APP         0     -     1      1          0          2        3
DB          0     0     -      0          0          0        2
MESSAGE1    0     0     0      -          1          1        4
MESSAGE2    0     0     0      0          -          0        1
Fan-In      0     1     2      3          1
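Worked example, added here and not from the slides: a small DSM builder in Python that computes fan-in, fan-out and total component complexity for the five components above, then re-weights the same edges with the coupling formula from the Connection table so the most-trusted links stand out. The edge list is read off the 0/1 cells above; the per-connection privilege, privacy and access-rights attributes are constructed for illustration.

```python
from fractions import Fraction

# Connection value tables as given on the slides.
CHANNEL_PRIVILEGE = {"System": 5, "Admin": 4, "Priv User": 3, "User": 1}
CHANNEL_PRIVACY = {"PlainText": 4, "Binary": 4, "Obfuscated": 3, "Encrypted": 1}
CHANNEL_ACCESS_RIGHTS = {"AuthN Admin": 4, "AuthN Priv User": 3, "AuthN User": 2, "UnAuthN": 1}


def coupling(privilege: str, privacy: str, access: str) -> Fraction:
    """Coupling = Channel Privilege Value x (Channel Privacy Value / Channel Access Rights Value)."""
    return CHANNEL_PRIVILEGE[privilege] * Fraction(CHANNEL_PRIVACY[privacy],
                                                   CHANNEL_ACCESS_RIGHTS[access])


class DSM:
    """Design Structure Matrix: rows are source components, columns are targets.
    A cell holds the edge weight (1 per protocol connection, or a coupling score);
    fan-out is the row sum, fan-in the column sum, total = fan-in + fan-out."""

    def __init__(self, components: list[str]):
        self.components = components
        self.cells = {(a, b): Fraction(0) for a in components for b in components}

    def connect(self, src: str, dst: str, weight=1) -> None:
        # Connecting the same pair twice (two protocols) accumulates weight.
        self.cells[(src, dst)] += Fraction(weight)

    def fan_out(self, c: str) -> Fraction:
        return sum((self.cells[(c, d)] for d in self.components), Fraction(0))

    def fan_in(self, c: str) -> Fraction:
        return sum((self.cells[(s, c)] for s in self.components), Fraction(0))

    def total(self, c: str) -> Fraction:
        return self.fan_in(c) + self.fan_out(c)

    def ranked(self) -> list[tuple[str, Fraction]]:
        # Components by total complexity, highest first: the hot spots to look at.
        return sorted(((c, self.total(c)) for c in self.components), key=lambda t: -t[1])

    def render(self) -> str:
        """Plain-text matrix in the layout of the slide's spreadsheet example."""
        names = self.components
        w = max(len(n) for n in names + ["Fan-Out"]) + 2

        def cell(v) -> str: return str(v).rjust(w)

        lines = ["".ljust(w) + "".join(cell(n) for n in names + ["Fan-Out", "Total"])]
        for s in names:
            row = [cell("-" if s == d else self.cells[(s, d)]) for d in names]
            lines.append(s.ljust(w) + "".join(row) + cell(self.fan_out(s)) + cell(self.total(s)))
        lines.append("Fan-In".ljust(w) + "".join(cell(self.fan_in(d)) for d in names))
        return "\n".join(lines)


COMPONENTS = ["WWW", "APP", "DB", "MESSAGE1", "MESSAGE2"]
# Edges read off the slide's 0/1 cells, one protocol connection each.  The slide's
# Fan-In row gives MESSAGE1 a fan-in of 3 but its column cells sum to 2; this follows the cells.
SIMPLE_EDGES = [("WWW", "APP"), ("WWW", "DB"), ("WWW", "MESSAGE1"),
                ("APP", "DB"), ("APP", "MESSAGE1"), ("MESSAGE1", "MESSAGE2")]
# Constructed (privilege, privacy, access rights) per connection; not on the slides.
CONNECTION_TRUST = {
    ("WWW", "APP"): ("User", "Encrypted", "AuthN User"),
    ("WWW", "DB"): ("Admin", "PlainText", "UnAuthN"),       # web tier straight into the DB
    ("WWW", "MESSAGE1"): ("User", "Binary", "AuthN User"),
    ("APP", "DB"): ("Priv User", "Encrypted", "AuthN Priv User"),
    ("APP", "MESSAGE1"): ("Priv User", "Binary", "AuthN Priv User"),
    ("MESSAGE1", "MESSAGE2"): ("System", "PlainText", "UnAuthN"),  # queue-to-queue bridge
}


def simple_complexity_dsm() -> DSM:
    dsm = DSM(COMPONENTS)
    for s, d in SIMPLE_EDGES:
        dsm.connect(s, d)
    return dsm


def coupling_dsm() -> DSM:
    dsm = DSM(COMPONENTS)
    for (s, d), attrs in CONNECTION_TRUST.items():
        dsm.connect(s, d, coupling(*attrs))
    return dsm


if __name__ == "__main__":
    print(simple_complexity_dsm().render(), "", coupling_dsm().render(), sep="\n")
    print("most coupled:", coupling_dsm().ranked()[:2])
```

With the constructed trust attributes the unauthenticated plaintext System-privilege bridge between the two message components dominates the coupling ranking even though its simple complexity is the lowest in the matrix.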
• Components can have:
  • A relative attack surface measurement
  • A relative total component complexity measurement
• Connections between components can be relatively weighted by:
  • Complexity
  • Coupling
• These are all indicators you can use to identify high-risk areas of large, complex systems that you can then focus on addressing:
  • More testing
  • Re-design
• This has previously highlighted an interesting situation where a firewall HA pair between two logical networks, which routed a closely-coupled application protocol connection with a high level of privilege between two components, was effectively useless as a security control and was removed.

Measuring black boxes
