8,979 research outputs found
A framework for security requirements engineering
This paper presents a framework for security requirements
elicitation and analysis, based upon the construction of a context for the system and satisfaction arguments for the security of the system. One starts with enumeration of security goals based on assets in the system. These goals are used to derive security requirements in the form of constraints. The system context is described using a problem-centered notation, then this context is
validated against the security requirements through construction of a satisfaction argument. The satisfaction argument is in two parts: a formal argument that the system can meet its security requirements, and a structured informal argument supporting the assumptions expressed in the formal argument. The construction
of the satisfaction argument may fail, revealing either that the security requirement cannot be satisfied in the context, or that the context does not contain sufficient information to develop the argument. In this case, designers and architects are asked to provide additional design information to resolve the problems
Finding Differences in Privilege Protection and their Origin in Role-Based Access Control Implementations
Les applications Web sont trĂšs courantes, et ont des besoins de sĂ©curitĂ©. Lâun dâeux est le contrĂŽle dâaccĂšs. Le contrĂŽle dâaccĂšs sâassure que la politique de sĂ©curitĂ© est respectĂ©e. Cette politique dĂ©finit lâaccĂšs lĂ©gitime aux donnĂ©es et aux opĂ©rations de lâapplication. Les applications Web utilisent rĂ©guliĂšrement le contrĂŽle dâaccĂšs Ă base de rĂŽles (en anglais, « Role-Based Access Control » ou RBAC). Les politiques de sĂ©curitĂ© RBAC permettent aux dĂ©veloppeurs
de dĂ©finir des rĂŽles et dâassigner des utilisateurs Ă ces rĂŽles. De plus, lâassignation des privilĂšges dâaccĂšs se fait au niveau des rĂŽles. Les applications Web Ă©voluent durant leur maintenance et des changements du code source peuvent affecter leur sĂ©curitĂ© de maniĂšre inattendue. Pour Ă©viter que ces changements engendrent des rĂ©gressions et des vulnĂ©rabilitĂ©s, les dĂ©veloppeurs doivent revalider lâimplĂ©mentation RBAC de leur application. Ces revalidations peuvent exiger des ressources considĂ©rables. De plus, la tĂąche est compliquĂ©e par lâĂ©loignement possible entre le changement et son impact sur la sĂ©curitĂ© (e.g. dans des procĂ©dures ou fichiers diffĂ©rents). Pour sâattaquer Ă cette problĂ©matique, nous proposons des analyses statiques de programmes autour de la protection garantie des privilĂšges. Nous gĂ©nĂ©rons automatiquement des modĂšles de protection des privilĂšges. Pour ce faire, nous utilisons lâanalyse de flux par traversement de patron (en anglais, « Pattern Traversal Flow Analysis » ou PTFA) Ă partir du code source de lâapplication. En comparant les modĂšles PTFA de diffĂ©rentes versions, nous dĂ©terminons les impacts des changements de code sur la protection des privilĂšges. Nous appelons ces
impacts de sécurité des différences de protection garantie (en anglais, « Definite Protection Difference » ou DPD). En plus de trouver les DPD entre deux versions, nous établissons une classification des différences reposant sur la théorie des ensembles.----------ABSTRACT : Web applications are commonplace, and have security needs. One of these is access control. Access control enforces a security policy that allows and restricts access to information and operations. Web applications often use Role-Based Access Control (RBAC) to restrict operations
and protect security-sensitive information and resources. RBAC allows developers to assign users to various roles, and assign privileges to the roles. Web applications undergo maintenance and evolution. Their security may be affected by
source code changes between releases. Because these changes may impact security in unexpected ways, developers need to revalidate their RBAC implementation to prevent regressions
and vulnerabilities. This may be resource-intensive. This task is complicated by the fact that the code change and its security impact may be distant (e.g. in different functions or files). To address this issue, we propose static program analyses of definite privilege protection. We automatically generate privilege protection models from the source code using Pattern Traversal Flow Analysis (PTFA). Using differences between versions and PTFA models, we determine privilege-level security impacts of code changes using definite protection differences (DPDs) and apply a set-theoretic classification to them. We also compute explanatory counter-examples for DPDs in PTFA models. In addition, we shorten them using graph transformations in order to facilitate their understanding. We define protection-impacting changes (PICs), changed code during evolution that impact privilege protection. We do so
using graph reachability and differencing of two versionsâ PTFA models. We also identify a superset of source code changes that contain root causes of DPDs by reverting these changes. We survey the distribution of DPDs and their classification over 147 release pairs of Word-Press, spanning from 2.0 to 4.5.1. We found that code changes caused no DPDs in 82 (56%) release pairs. The remaining 65 (44%) release pairs are security-affected. For these release
pairs, only 0.30% of code is affected by DPDs on average. We also found that the most common change categories are complete gains (ïżœ 41%), complete losses (ïżœ 18%) and substitution (ïżœ 20%)
A Review Study On Some Cyber Security Related Topics
It is the protection of computer systems and networks from information disclosure, theft of, or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide. The field has become of significance due to the expanded reliance on computer systems, the Internet and wireless network standards such as Bluetooth and Wi-Fi, and due to the growth of smart devices, including smartphones, televisions, and the various devices that constitute the Internet of things (IoT). Cybersecurity is also one of the significant challenges in the contemporary world, due to the complexity of information systems, both in terms of political usage and technology. Its primary goal is to ensure the system's dependability, integrity, and data privacyIt is the protection of computer systems and networks from information disclosure, theft of, or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide. The field has become of significance due to the expanded reliance on computer systems, the Internet and wireless network standards such as Bluetooth and Wi-Fi, and due to the growth of smart devices, including smartphones, televisions, and the various devices that constitute the Internet of things (IoT). Cybersecurity is also one of the significant challenges in the contemporary world, due to the complexity of information systems, both in terms of political usage and technology. Its primary goal is to ensure the system's dependability, integrity, and data privac
Electronic security - risk mitigation in financial transactions : public policy issues
This paper builds on a previous series of papers (see Claessens, Glaessner, and Klingebiel, 2001, 2002) that identified electronic security as a key component to the delivery of electronic finance benefits. This paper and its technical annexes (available separately at http://www1.worldbank.org/finance/) identify and discuss seven key pillars necessary to fostering a secure electronic environment. Hence, it is intended for those formulating broad policies in the area of electronic security and those working with financial services providers (for example, executives and management). The detailed annexes of this paper are especially relevant for chief information and security officers responsible for establishing layered security. First, this paper provides definitions of electronic finance and electronic security and explains why these issues deserve attention. Next, it presents a picture of the burgeoning global electronic security industry. Then it develops a risk-management framework for understanding the risks and tradeoffs inherent in the electronic security infrastructure. It also provides examples of tradeoffs that may arise with respect to technological innovation, privacy, quality of service, and security in designing an electronic security policy framework. Finally, it outlines issues in seven interrelated areas that often need attention in building an adequate electronic security infrastructure. These are: 1) The legal framework and enforcement. 2) Electronic security of payment systems. 3) Supervision and prevention challenges. 4) The role of private insurance as an essential monitoring mechanism. 5) Certification, standards, and the role of the public and private sectors. 6) Improving the accuracy of information on electronic security incidents and creating better arrangements for sharing this information. 7) Improving overall education on these issues as a key to enhancing prevention.Knowledge Economy,Labor Policies,International Terrorism&Counterterrorism,Payment Systems&Infrastructure,Banks&Banking Reform,Education for the Knowledge Economy,Knowledge Economy,Banks&Banking Reform,International Terrorism&Counterterrorism,Governance Indicators
Extending the Exposure Score of Web Browsers by Incorporating CVSS
When browsing the Internet, HTTP headers enable both clients and servers send extra data in their requests or responses such as the User-Agent string. This string contains information related to the senderâs device, browser, and operating system. Yet its content differs from one browser to another. Despite the privacy and security risks of User-Agent strings, very few works have tackled this problem. Our previous work proposed giving Internet browsers exposure relative scores to aid users to choose less intrusive ones. Thus, the objective of this work is to extend our previous work through: first, conducting a user study to identify its limitations. Second, extending the exposure score via incorporating data from the NVD. Third, providing a full implementation, instead of a limited prototype. The proposed system: assigns scores to usersâ browsers upon visiting our website. It also suggests alternative safe browsers, and finally it allows updating the back-end database with a click of a button. We applied our method to a data set of more than 52 thousand unique browsers. Our performance and validation analysis show that our solution is accurate and efficient. The source code and data set are publicly available here [4].</p
Just-in-Time Detection of Protection-Impacting Changes on Wordpress and Mediawiki
Les mĂ©canismes de contrĂŽle dâaccĂšs basĂ©s sur les rĂŽles accordĂ©s et les privilĂšges prĂ©dĂ©finis limitent lâaccĂšs des utilisateurs aux ressources sensibles Ă la sĂ©curitĂ© dans un systĂšme logiciel multi-utilisateurs. Des modifications non intentionnelles des privilĂšges protĂ©gĂ©s peuvent survenir lors de lâĂ©volution dâun systĂšme, ce qui peut entraĂźner des vulnĂ©rabilitĂ©s de sĂ©curitĂ© et par la suite menacer les donnĂ©es confidentielles des utilisateurs et causer dâautres graves problĂšmes. Dans ce mĂ©moire, nous avons utilisĂ© la technique âPattern Traversal Flow Analysisâ pour identifier les diffĂ©rences de protection introduite dans les systĂšmes WordPress et MediaWiki. Nous avons analysĂ© lâĂ©volution des privilĂšges protĂ©gĂ©s dans 211 et 193 versions respectivement de WordPress et Mediawiki, et nous avons constatĂ© quâenviron 60% des commits affectent les privilĂšges protĂ©gĂ©s dans les deux projets Ă©tudiĂ©s. Nous nous rĂ©fĂ©rons au commits causant un changement protĂ©gĂ© comme commits (PIC). Pour aider les dĂ©veloppeurs Ă identifier les commits PIC en temps rĂ©el, câest Ă dire dĂšs leur soumission dans le rĂ©pertoire de code, nous extrayons une sĂ©rie de mĂ©triques Ă partir des logs de commits et du code source, ensuite, nous construisons des modĂšles statistiques. LâĂ©valuation de ces modĂšles a rĂ©vĂ©lĂ© quâils pouvaient atteindre une prĂ©cision allant jusquâĂ 73,8 % et un rappel de 98,8 % dans WordPress, et pour MediaWiki, une prĂ©cision de 77,2 % et un rappel allant jusquâĂ 97,8 %. Parmi les mĂ©triques examinĂ©s, changement de lignes de code, correction de bogues, expĂ©rience des auteurs, et complexitĂ© du code entre deux versions sont les facteurs prĂ©dictifs
les plus importants de ces modÚles. Nous avons effectué une analyse qualitative des faux positifs et des faux négatifs et avons observé que le détecteur des commits PIC doit ignorer les commits de documentation uniquement et les modifications de code non accompagnées de commentaires.
Les entreprises de dĂ©veloppement logiciel peuvent utiliser notre approche et les modĂšles proposĂ©s dans ce mĂ©moire, pour identifier les modifications non intentionnelles des privilĂšges protĂ©gĂ©s dĂšs leur apparition, afin dâempĂȘcher lâintroduction de vulnĂ©rabilitĂ©s dans leurs systĂšmes. ----------ABSTRACT: Access control mechanisms based on roles and privileges restrict the access of users to security sensitive resources in a multi-user software system. Unintentional privilege protection changes may occur during the evolution of a system, which may introduce security vulnerabilities, threatening userâs confidential data, and causing other severe problems. In this thesis, we use
the Pattern Traversal Flow Analysis technique to identify definite protection differences in WordPress and MediaWiki systems. We analyse the evolution of privilege protections across 211 and 193 releases from respectively WordPress and Mediawiki, and observe that around 60% of commits affect privileges protections in both projects. We refer to these commits as protection-impacting change (PIC) commits. To help developers identify PIC commits justin-time, i.e., as soon as they are introduced in the code base, we extract a series of metrics from commit logs and source code, and build statistical models. The evaluation of these models revealed that they can achieve a precision up to 73.8% and a recall up to 98.8% in WordPress and for MediaWiki, a precision up to 77.2% and recall up to 97.8%. Among the
metrics examined, commit churn, bug fixing, author experiences and code complexity between two releases are the most important predictors in the models. We performed a qualitative analysis of false positives and false negatives and observe that PIC commits detectors should ignore documentation-only commits and process code changes without the comments. Software organizations can use our proposed approach and models, to identify unintentional privilege protection changes as soon as they are introduced, in order to prevent the introduction of vulnerabilities in their systems
Privacy as personal resistance: exploring legal narratology and the need for a legal architecture for personal privacy rights
Different cultures produce different privacies â both architecturally and legally speaking â as well as in their different legal architectures. The âSimms principleâ can be harnessed to produce semi-constitutional privacy protection through statute; building on the work already done in âbringing rights homeâ through the Human Rights Act 1998. This article attempts to set out a notion of semi-entrenched legal rights, which will help to better portray the case for architectural, constitutional privacy, following an examination of the problems with a legal narrative for privacy rights as they currently exist. I will use parallel ideas from the works of W.B. Yeats and Costas Douzinas to explore and critique these assumptions and arguments. The ultimate object of this piece is an argument for the creation of a legal instrument, namely an Act of Parliament, in the United Kingdom; the purpose of which is to protect certain notions of personal privacy from politically-motivated erosion and intrusion
- âŠ