misuse abuse cases
play

Misuse & Abuse Cases Engineering Secure Software Last Revised: - PowerPoint PPT Presentation

Sep 11, 2023 •365 likes •648 views

Misuse & Abuse Cases Engineering Secure Software Last Revised: October 9, 2020 SWEN-331: Engineering Secure Software Benjamin S Meyers 1 What is a Requirement? How do you define it? If done well, what are they useful for? Who

  1. Misuse & Abuse Cases Engineering Secure Software Last Revised: October 9, 2020 SWEN-331: Engineering Secure Software Benjamin S Meyers 1

  2. What is a Requirement? How do you define it? ● If done well, what are they useful for? ● Who benefits from requirements? ● SWEN-331: Engineering Secure Software Benjamin S Meyers 2

  3. Key Properties of Requirements What the system should… ● Do ○ Not do ○ Who interacts with the system (actors) ● Highly domain-specific ● Describe how the surrounding environment has changed as a ● result of the system SWEN-331: Engineering Secure Software Benjamin S Meyers 3

  4. Security is Not a Set of Features Secure is an emergent property of software ● Emergent: result of nothing failing ○ e.g. Being dry in a tent in the rain Being secure is the result of many, many factors, not one feature ○ (e.g. SSL) … so requirements documents should not just be a list of ● features! SWEN-331: Engineering Secure Software Benjamin S Meyers 4

  5. What the System Should Be SWEN-331: Engineering Secure Software Benjamin S Meyers 5

  6. What the What the System System Is Should Be SWEN-331: Engineering Secure Software Benjamin S Meyers 6

  7. What the System Should Be What the System Is SWEN-331: Engineering Secure Software Benjamin S Meyers 7

  8. Unintended Functionality What the System Should Be Vulnerabilities are ● often in areas of too much functionality What the System Is Vulnerabilities are ● features for attackers Vulnerabilities Bugs Faults SWEN-331: Engineering Secure Software Benjamin S Meyers 8

  9. Use Case Review Use Cases include: ● Actor(s) ○ Precondition(s) ○ Main flow describing the primary scenario ○ Alternative flows describing how the system reacts to alternative ○ scenarios SWEN-331: Engineering Secure Software Benjamin S Meyers 9

  10. Misuse & Abuse Cases A scenario within a use case in which an actor compromises ● the system Flow of events, but with malicious usage ● Define the harm done to the system ● Keys: ● Domain, domain, domain ○ Don’t focus on coding and design vulnerabilities here Malicious actors are creative ○ Question the assumptions of the system ○ Focus on what the actor can do over what they will do ○ (prioritize later) SWEN-331: Engineering Secure Software Benjamin S Meyers 10 10

  11. Misuse vs. Abuse Misuse is unintentional ; Abuse is intentional ● Abuse cases imply the actor is actively seeking vulnerabilities ● Misuse cases must still be security-related ● NOT the same as alternative flows ○ e.g. user mistakes are not usually misuse “Crime” of opportunity -- system presents you with an ○ opportunity to do something unintentional A good test: if you COULD do this again intentionally, would that ○ be abuse? If yes, then it’s misuse SWEN-331: Engineering Secure Software Benjamin S Meyers 11 11

  12. Example: Maintain Drug Interactions Actor: Hospital Administrator ● Precondition: Admin is authenticated. ● Main Flow: ● 1. Admin selects two different drug codes from the selection menu 2. Admin enters minimum dosage for both drugs 3. Admin enters text notes about potential consequences of drug interaction 4. Admin is shown table of patient records where interaction rule would apply 5. Admin saves the interaction rule SWEN-331: Engineering Secure Software Benjamin S Meyers 12 12

  13. Example Misuse: Maintain Drug Interactions Actor: Hospital Administrator ● Precondition: Admin is authenticated. ● Main Flow: ● 1. Admin selects two different drug codes from the selection menu 2. Admin enters minimum dosage for both drugs 3. Admin enters text notes about potential consequences of drug interaction 4. Admin is shown table of patient records where interaction rule would apply 5. Admin saves the interaction rule Misuse Case: ● 1. Main flow steps 1-3 2. Admin is shown a set of patient records that have not been authorized for hospital administrator viewing Harm Done: Patient privacy has been violated ● SWEN-331: Engineering Secure Software Benjamin S Meyers 13 13

  14. Example: Maintain Drug Interactions Actor: Hospital Administrator ● Precondition: Admin is authenticated. ● Main Flow: ● 1. Admin selects two different drug codes from the selection menu 2. Admin enters minimum dosage for both drugs 3. Admin enters text notes about potential consequences of drug interaction 4. Admin is shown table of patient records where interaction rule would apply 5. Admin saves the interaction rule SWEN-331: Engineering Secure Software Benjamin S Meyers 14 14

  15. Example Abuse: Maintain Drug Interactions Actor: Hospital Administrator ● Precondition: Admin is authenticated. ● Main Flow: ● 1. Admin selects two different drug codes from the selection menu 2. Admin enters minimum dosage for both drugs 3. Admin enters text notes about potential consequences of drug interaction 4. Admin is shown table of patient records where interaction rule would apply 5. Admin saves the interaction rule Abuse Case: ● Actor: Attacker spoofing Hospital Administrator 1. Repeat main flow 10K times with different rules and vague notes 2. Stop when Main Flow Step 4 takes a long time to complete Harm Done: ● 1. Patients are overwhelmed by alerts and ignore them 2. Availability of the system is compromised SWEN-331: Engineering Secure Software Benjamin S Meyers 15 15

  16. Isn’t this Infinite? Yes ● But even one good abuse case goes a long way ● Easier to think beyond one scenario ○ Starts a discussion ○ Gets stakeholders and developers into a balanced mindset early ○ Motivates good design decisions ○ SWEN-331: Engineering Secure Software Benjamin S Meyers 16 16

  17. Security Requirements Generalized forms of misuse and abuse cases ● Use cases trace to security requirements ● Document these in the main flow ○ Also called “anti-requirements” ● e.g. Maintain Drug Interactions: ● Hospital administrators are only allowed to view a patient’s ○ record with explicit, opt-in indication from the patient All actors are limited to 10 server requests per second ○ SWEN-331: Engineering Secure Software Benjamin S Meyers 17 17

  18. Actor Inspiration Think of the best engineer on your team ● Fire them and humiliate them publicly ● Challenge them to break your system ● What would they go after? ○ What knowledge could they leverage the most? ○ SWEN-331: Engineering Secure Software Benjamin S Meyers 18 18

  19. Assumptions Inspiration What are the other non-malicious users expecting in this ● domain? What are the ramifications of violating access restrictions? ● Where could an attacker “sit in the middle”? ● Sniff the network? ○ Load a plugin? ○ SWEN-331: Engineering Secure Software Benjamin S Meyers 19 19

  20. Abuse/Misuse Cases vs. Risk Assessment Abuse & Misuse Cases Risk Assessment ● ● Involves planning Involves planning ○ ○ Potentially infinite Potentially infinite ○ ○ SWEN-331: Engineering Secure Software Benjamin S Meyers 20 20

  21. Abuse/Misuse Cases vs. Risk Assessment Abuse & Misuse Cases Risk Assessment ● ● Involves planning Involves planning ○ ○ Potentially infinite Potentially infinite ○ ○ Emphasize domain Emphasize all risks ○ ○ SWEN-331: Engineering Secure Software Benjamin S Meyers 21 21

  22. Abuse/Misuse Cases vs. Risk Assessment Abuse & Misuse Cases Risk Assessment ● ● Involves planning Involves planning ○ ○ Potentially infinite Potentially infinite ○ ○ Emphasize domain Emphasize all risks ○ ○ Scenario-driven Quantitative ○ ○ SWEN-331: Engineering Secure Software Benjamin S Meyers 22 22

  23. Abuse/Misuse Cases vs. Risk Assessment Abuse & Misuse Cases Risk Assessment ● ● Involves planning Involves planning ○ ○ Potentially infinite Potentially infinite ○ ○ Emphasize domain Emphasize all risks ○ ○ Scenario-driven Quantitative ○ ○ Originates from abusing Originates from CIA assets, ○ ○ functionality p(exploit) SWEN-331: Engineering Secure Software Benjamin S Meyers 23 23

  24. Abuse/Misuse Cases vs. Risk Assessment Abuse & Misuse Cases Risk Assessment ● ● Involves planning Involves planning ○ ○ Potentially infinite Potentially infinite ○ ○ Emphasize domain Emphasize all risks ○ ○ Scenario-driven Quantitative ○ ○ Originates from abusing Originates from CIA assets, ○ ○ functionality p(exploit) What if this happens? What might happen? ○ ○ SWEN-331: Engineering Secure Software Benjamin S Meyers 24 24

  25. Abuse/Misuse Cases vs. Risk Assessment Abuse & Misuse Cases Risk Assessment ● ● Involves planning Involves planning ○ ○ Potentially infinite Potentially infinite ○ ○ Emphasize domain Emphasize all risks ○ ○ Scenario-driven Quantitative ○ ○ Originates from abusing Originates from CIA assets, ○ ○ functionality p(exploit) What if this happens? What might happen? ○ ○ Helps refine and discover ○ new abuse cases SWEN-331: Engineering Secure Software Benjamin S Meyers 25 25

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

1 2 3 4 5 6 Intentional suicidal/parasuicidal ideation, misuse, abuse, unknown

1 2 3 4 5 6 Intentional suicidal/parasuicidal ideation, misuse, abuse, unknown

1 2 3 4 5 6 Intentional suicidal/parasuicidal ideation, misuse, abuse, unknown Unintentional accidental, therapeutic error, occupational hazard,environmental 7 8 Give some ideas to the pharmacists on safe drug use in educating the

855 views • 40 slides
ARE YOU HAVING TOO MUCH FUN? Partnership for Health Substance Abuse Action Team PEOPLE MISUSE

ARE YOU HAVING TOO MUCH FUN? Partnership for Health Substance Abuse Action Team PEOPLE MISUSE

ARE YOU HAVING TOO MUCH FUN? Partnership for Health Substance Abuse Action Team PEOPLE MISUSE DRUGS FOR MANY DIFFERENT REASONS Get feeling of euphoria Relieve emotional and physical pain Be sociable Peer pressure Curiosity

726 views • 29 slides
Help prevent the misuse, abuse and diversion of ADHD prescription stimulants among college

Help prevent the misuse, abuse and diversion of ADHD prescription stimulants among college

Help prevent the misuse, abuse and diversion of ADHD prescription stimulants among college students A u g u s t 5 , 2 0 1 5 AGENDA About the Coalition to Prevent ADHD Medication Misuse (CPAMM) What we know about ADHD medication

538 views • 30 slides
Where do the Children Play? Where do the Children Play? The Misuse Defense in Children s

Where do the Children Play? Where do the Children Play? The Misuse Defense in Children s

Where do the Children Play? Where do the Children Play? The Misuse Defense in Children s s The Misuse Defense in Children Products Liability Cases Products Liability Cases Stuart J. Goldberg, Esq. Mark W. Sandretto, Esq. What is the

452 views • 42 slides
AND MISUSE OF EXPERT TESTIMONY IN BAD FAITH ACTIONS Michael Cohen Jeffrey Bittick, Jr.

AND MISUSE OF EXPERT TESTIMONY IN BAD FAITH ACTIONS Michael Cohen Jeffrey Bittick, Jr.

ce Litigation. ~~~~~~~~~~ G!E Seminar ~1~~ ~i#CS~3i4, ~' ~ ~. F , ~ Expert Witnesses Can't Live With `Em Can't Live Without `Em. Tips On The Use and Misuse Of Experts In Bad Faith And Coverage Cases THE USE AND

572 views • 17 slides
2015-2016 Denville K-8 Annual Report on Violence, Vandalism, Substance Abuse and HIB Substance

2015-2016 Denville K-8 Annual Report on Violence, Vandalism, Substance Abuse and HIB Substance

2015-2016 Denville K-8 Annual Report on Violence, Vandalism, Substance Abuse and HIB Substance Abuse and Weapons- 0 reported cases Harassment, Intimidation and Bullying (HIB) 5 confirmed HIB cases 15 investigations Vandalism:

157 views • 3 slides
Reducing Opioid Abuse Among Older Adults Dr. Arlesia Mathis and Denesha Merchant, MPH Florida

Reducing Opioid Abuse Among Older Adults Dr. Arlesia Mathis and Denesha Merchant, MPH Florida

10/31/2019 Learning Objectives Compare levels of opioid abuse or misuse among older adults by gender, race and geographic location. Formulate strategies for improving appropriate medication use among older adults with chronic health

270 views • 5 slides
Objectives Objectives Addiction Medicine Addiction Medicine Describe and discuss tramadol as

Objectives Objectives Addiction Medicine Addiction Medicine Describe and discuss tramadol as

Objectives Objectives Addiction Medicine Addiction Medicine Describe and discuss tramadol as a novel opioid, including risks and benefits Describe and discuss the problem of opioid misuse and abuse. opioid misuse and abuse James R.

385 views • 15 slides
REDUCING TEEN Webinar Moderator SUBSTANCE MISUSE: WHAT REALLY WORKS Tracy McPherson, PhD

REDUCING TEEN Webinar Moderator SUBSTANCE MISUSE: WHAT REALLY WORKS Tracy McPherson, PhD

3/7/16 REDUCING TEEN Webinar Moderator SUBSTANCE MISUSE: WHAT REALLY WORKS Tracy McPherson, PhD Senior Research Scientist Substance Abuse, Mental Health and PRESENTED BY: Criminal Justice Studies THE BIG SBIRT INITIATIVE, NATIONAL

545 views • 10 slides
Mental Health, Substance Misuse, And Suicide: Shared Risk and Protective Factors Presented By:

Mental Health, Substance Misuse, And Suicide: Shared Risk and Protective Factors Presented By:

Mental Health, Substance Misuse, And Suicide: Shared Risk and Protective Factors Presented By: Hannah Rose, CEO, Business Coach Innovative Strategies Training & Consulting Sponsored by the Florida Alcohol and Drug Abuse Association and

1.22k views • 85 slides
Lessons from the First Year Implementing A Local Prescription Drug Abuse Coalition Matt Willis,

Lessons from the First Year Implementing A Local Prescription Drug Abuse Coalition Matt Willis,

Lessons from the First Year Implementing A Local Prescription Drug Abuse Coalition Matt Willis, MD MPH Public Health Officer Marin County What can we do as a community to prevent prescription drug misuse and abuse and save lives? Marin:

554 views • 37 slides
VICTIMS RIGHTS IN CRIMINAL CASES OF POLICE MISCONDUCT & ABUSE FINAL REPORT OF

VICTIMS RIGHTS IN CRIMINAL CASES OF POLICE MISCONDUCT & ABUSE FINAL REPORT OF

VICTIMS RIGHTS IN CRIMINAL CASES OF POLICE MISCONDUCT & ABUSE FINAL REPORT OF PRESIDENTS TASK FORCE ON VICTIMS OF CRIME (1982) Somewhere along the way, the U.S. criminal justice system had become appallingly out of balance,

335 views • 12 slides
THEORIES OF HARM AND EFFICIENCY JUSTIFICATIONS IN ABUSE OF DOMINANCE CASES Paolo Buccirossi

THEORIES OF HARM AND EFFICIENCY JUSTIFICATIONS IN ABUSE OF DOMINANCE CASES Paolo Buccirossi

THEORIES OF HARM AND EFFICIENCY JUSTIFICATIONS IN ABUSE OF DOMINANCE CASES Paolo Buccirossi Belgrade 3 June 2016 Outline Theory of harm Notion Features of a well developed theory of harm How to test a theory of

562 views • 17 slides
Preventing Opioid Misuse and Disorder through Benefit Design Addressing Opioid Misuse and Pain:

Preventing Opioid Misuse and Disorder through Benefit Design Addressing Opioid Misuse and Pain:

Preventing Opioid Misuse and Disorder through Benefit Design Addressing Opioid Misuse and Pain: A 6-Month Employer Journey Cohort Meeting 1 of 3 | November 1, 2019 Welcome KHC Co-Directors Teresa Couts, Ed.D Randa Deaton, MA UAW Director

489 views • 22 slides
MY CUP RUNNETH OVER: IDENTIFYING AND TREATING ALCOHOL USE DISORDER Learning Objectives

MY CUP RUNNETH OVER: IDENTIFYING AND TREATING ALCOHOL USE DISORDER Learning Objectives

MY CUP RUNNETH OVER: IDENTIFYING AND TREATING ALCOHOL USE DISORDER Learning Objectives Describe the neurobiological impact of alcohol abuse Improve identification of patients with alcohol misuse and abuse Integrate currently

829 views • 49 slides
How do I recognize child abuse? Physical Abuse 1. Physical Neglect 2. 3. Sexual Abuse 4.

How do I recognize child abuse? Physical Abuse 1. Physical Neglect 2. 3. Sexual Abuse 4.

Child Abuse, Bullying and Strategies You Can Use to Protect Yourself How do I recognize child abuse? Physical Abuse 1. Physical Neglect 2. 3. Sexual Abuse 4. Emotional Maltreatment 1 Physical Abuse Physical indicators Behavioral indicators

737 views • 7 slides
COMP2111 System Modelling and Design 1 Who are we? Lecturer in Charge: I am Dr. Christine

COMP2111 System Modelling and Design 1 Who are we? Lecturer in Charge: I am Dr. Christine

COMP2111 System Modelling and Design 1 Who are we? Lecturer in Charge: I am Dr. Christine Rizkallah, a lecturer at UNSW who works on, among other things, formal verification and programming languages. I work on several projects with Data61.

394 views • 7 slides
Advertising Per-node Administrative Tags in OSPF draft-hegde-ospf-node-admin-tag-01 Shraddha

Advertising Per-node Administrative Tags in OSPF draft-hegde-ospf-node-admin-tag-01 Shraddha

Advertising Per-node Administrative Tags in OSPF draft-hegde-ospf-node-admin-tag-01 Shraddha Hegde shraddha@juniper.net Harish Raghuveer hraghuveer@juniper.net Hannes Gredler hannes@juniper.net Rob Shakir rob.shakir@bt.com Anton Smirnov

888 views • 4 slides
g Green Mining and the Perils of Mining Energy Profjles Abram Hindle (hindle1@ualberta.ca)

g Green Mining and the Perils of Mining Energy Profjles Abram Hindle (hindle1@ualberta.ca)

g Green Mining and the Perils of Mining Energy Profjles Abram Hindle (hindle1@ualberta.ca) Department of Computing Science University of Alberta http://softwareprocess.es/ with Karan Aggarawal*, Candy Pang*, Chenlei Zhang*, Kent Rasmussen*,

750 views • 51 slides
The Future of Crypto Crime and the Threat it Poses to Organizational Security CHARLES STOCKWELL

The Future of Crypto Crime and the Threat it Poses to Organizational Security CHARLES STOCKWELL

The Future of Crypto Crime and the Threat it Poses to Organizational Security CHARLES STOCKWELL | THE SECURITY STRONGHOLD CRYPTO CRIME IS STARING US IN THE FACE...and its just a child CRYPTO CRIME EXPEDITION FUTURE PAST PRESENT (my

611 views • 49 slides
Privacy notice and Privacy notice and choice choice Engineering & Public Policy Lorrie

Privacy notice and Privacy notice and choice choice Engineering & Public Policy Lorrie

CyLab Privacy notice and Privacy notice and choice choice Engineering & Public Policy Lorrie Faith Cranor October 1, 2013 y & c S a e v c i u r P r i t e y l b L a a s b U o 8-533 / 8-733 / 19-608 /

1.1k views • 53 slides
Revising IDIS Vouchers for the ESG Program July 11, 2016 Presenters Marlisa Grogan, HUD

Revising IDIS Vouchers for the ESG Program July 11, 2016 Presenters Marlisa Grogan, HUD

Revising IDIS Vouchers for the ESG Program July 11, 2016 Presenters Marlisa Grogan, HUD Marlisa.M.Grogran@hud.gov Chris Pitcher, ICF International Chris.Pitcher@icfi.com Heidi Schilpp, The Cloudburst Group

437 views • 19 slides
Inferring the Purposes of Network Tra ffi c in Mobile Apps Who (which app) sends the data? Where

Inferring the Purposes of Network Tra ffi c in Mobile Apps Who (which app) sends the data? Where

Inferring the Purposes of Network Tra ffi c in Mobile Apps Who (which app) sends the data? Where the data is being sent to? What data is being collected? Why the data is being collected? Haojian Jin , Minyi Liu, Yuanchun Li, Gaurav Srivastava,

848 views • 63 slides
Jeffrey D. Ullman Stanford University/Infolab Slides mostly developed by Anand Rajaraman

Jeffrey D. Ullman Stanford University/Infolab Slides mostly developed by Anand Rajaraman

Jeffrey D. Ullman Stanford University/Infolab Slides mostly developed by Anand Rajaraman Classic model of ( offline ) algorithms: You get to see the entire input, then compute some function of it. Online algorithm : You get to

515 views • 38 slides

More recommend