check the attached files and in that attached files check assignment question pdf

User Generated

zraqhnenivaqxhzne

Computer Science

isol 536 security architecture and design

University of the Cumberlands

Description

it just a small discussion and it should be in a apa format and it should it contain two references

i am attaching the two class notes pdf files also for your reference

Unformatted Attachment Preview

Threat Modeling Session 2a Assignment This week’s assignment • Read chapter 2 – Review Chapter 1: Figure 1-3, page 7 • Download the “Elevation of Privilege” game • Pick your card • Discuss – Describe your card and how it applies to the class system Read chapters 1 and 2 • This week’s assignment refers to figure 1-3, on page 7 – This can represent many types of applications – Let’s assume this is an online shopping application Web browser 1 Web server 2 3 Corporate data center 4 Business logic 5 6 Database 7 Web storage (offsite) Elevation of Privilege (EoP) game • Pages 7-9, Appendix D • Download from – http://Microsoft.com/security/sdl/adopt/eop.aspx • Learn the game basics • Review the cards – Either print the cards you downloaded or refer to Appendix D Discussion steps • Step 1 – Pick your EoP card – Select any “card” from any “suit” from the EoP card deck • Step 2 – Online discussion – create a posting that describes your card, why you chose it, and how the threat affects our application. • Step 3 – Comment on AT LEAST 2 other student posts – Substantive comments • In summary – You will post AT LEAST 3 times (1 original and 2 comments) ISOL 536 Security Architecture and Design Threat Modeling Session 1 Agenda • About this course • About threat modeling About this course About threat modeling ABOUT THIS COURSE Threat Modeling in Depth • 16 weeks – 16 weeks of deep material – 16 Lectures – 7 Assignments • 3 Discussions • 2 Article/paper reviews • 2 Case study assignments – 3 Quizzes – 1 Research paper/presentation (residency week) – 1 Final Exam • Text: Threat Modeling: Designing for Security (Wiley, 2014) Schedule & Grading • See the syllabus for more details • Due date/time: Sunday 11:59 PM – NOT THE FINAL EXAM • 100 points total – Assignments (21 pts) – Quizzes (14 pts) – Residency weekend paper/presentation (40 pts) – Final exam (25 pts) Administrative Notes • • • • Read the course syllabus Check your email and course announcements Be proactive Check course announcements – (did I already say that?) • Read the text (don’t just fake it) • Apply the material to what you already know About this course About threat modeling ABOUT THREAT MODELING Wouldn’t it be better to find security issues before you write or deploy a line of code? So how can you do that? How Do You Find Security Issues? Ways to Find Security Issues • • • • Static analysis of code Fuzzing or other dynamic testing Pen test/red team Wait for bug reports after release Ways to Find Security Issues (2) • Threat modeling! – Think about security issues early – Understand your requirements better – Don’t write bugs into the code – And the subject of this lesson So…how do you threat model? Definitions • What is a threat? • How is it different from a – vulnerability, – risk, – or just a problem? • What is a model? So…how do you threat model? What are the problems associated with the “Think like an Attacker” mentality? Think Like an Attacker? • Like thinking like a professional chef! – Even if you cook well, are you the chef at a popular restaurant? • Thinking like an attacker – or focusing on them is risky – What do they know? What will they do? – If you get these wrong, your threat modeling will go astray • So don’t start from attackers! What are the problems associated with starting from assets as an approach to threat modeling? What do you learn by making an asset list? Focus on Assets? • Assets: valuable things – the business cares! • But what’s an asset? – Something an attacker wants? – Something you want to protect? – A stepping stone? Engineering Real Technology • Need an engineering approach – Predictable – Reliable – Scalable to a large product • Can’t be dependent on one brilliant person Focus on What You’re Building! • Ideally, you understand it • Concrete and testable? Why is it important for you to develop both technique and repertoire as a part of threat modeling? How to Threat Model (Summary) • • • • • What are you building? What can go wrong? What are you going to do about it? Check your work on 1-3 The course will teach you practical skills for each of these Recap • Threat modeling is about structured ways to find problems early in development • Many of the obvious ways (attackers, assets) aren’t repeatable and scalable • Focus in on 4 key questions – Tools to help you with each ISOL 536 Security Architecture and Design Threat Modeling Session 2a “Strategies for Threat Modeling” Agenda • What are you building • What can go wrong? • Reading: Chapter 2 What Are You Building? • Create a model of the software/system/technology • A model abstracts away the details so you can look at the whole – Diagraming is a key approach – Mathematical models of software are rare in commercial environments What Are You Building? • Whiteboard diagrams are a great way to start • Software models for threat modeling usually focus on data flows and boundaries • DFDs, “swim lanes”, state machines can all help (next slides) What Are Some Modeling Methods? • Whiteboard diagrams • Brainstorming • Structured (“formal”) diagrams – Data flow diagrams – Swim lanes – State machines • Mathematical representations of code Trust Boundaries • Sometimes left implicit in development – Effective threat modeling requires making boundaries explicit • A trust boundary is everywhere two (or more) principals interact – Principals are UIDs (unix)/SIDs (Windows) etc. – Apps on mobile platforms – (Two or more) • Need to be enforced in some way – Best to rely on the OS – Sometimes not possible (e.g., building a database) Trust Boundaries • All interesting boundaries are semi-permeable – Air gaps – Firewalls – Require policy mechanisms (which are hard) • Formal methods help build boundaries – Isolation – Type safety – Policy languages – Reference monitors/kernels DFD (Data Flow Diagram) • Developed in the early 70s, and still useful – Simple: easy to learn, sketch – Threats often follow data • Abstracts programs into: – Processes: your code – Data stores: files, databases, shared memory – Data flows: connect processes to other elements – External entities: everything but your code & data Includes people & cloud software – Trust boundaries (now made explicit) Data Flow Diagram (Example) Swim Lane Diagrams • Show two or more entities communicating, each “in a lane” • Useful for network communication • Lanes have implicit boundaries between them State Machines • Helpful for considering what changes security state – For example, unauthenticated to authenticated – User to root/admin • Rarely shows boundaries How to Threat Model (Summary) • • • • What are you building? What can go wrong? What are you going to do about it? Check your work on 1-3
Purchase answer to see full attachment
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

Hi, attached is ...


Anonymous
I was having a hard time with this subject, and this was a great help.

Studypool
4.7
Indeed
4.5
Sitejabber
4.4

Similar Content

Related Tags