Royal Holloway Series 2010

Contents
Introduction
Open Source - Friend or Foe?
Threat Modelling
Conclusion
References

Open Source Security Assessment ... based around threat modelling

1 INTRODUCTION
Nobody likes re-inventing the wheel. When you are faced with a problem, more likely than not, somebody else has stumbled upon a similar one before you, and they may have come up with a solution already. Many problems can be solved with a simple online search: Google it! The same approach is used very frequently in an ... are not as simple as reading a how-to or watching a YouTube video helping you tie a Windsor knot, but there are solutions to many different business and technology requirements.

Customer Relationship Management (CRM), helpdesk systems, virtualisation platforms, web frameworks, middleware - these are all tools that (at least claim to) help solve business needs. Streamlining customer experience, providing a better return on investment (ROI), ... cost of ownership (TCO) are just a few of the ... are long gone.

In your organisation (unless you happen to be working for Dr. Evil) you will not see scientists in lab coats punching cards and crunching numbers in a big warehouse filled with refriger... and hardware, operating systems, complex networking infrastructure and interconnections. Companies use in-house processing, third-party partners and providers, and exchange data with cu...
This diversity has many benefits. The enterprise can pick and choose the best tools for the job with little compromise. Very few companies are locked-in with a single vendor or a one-size-fits-all platform.

Open-source software is increasing in popularity and prevalence. Not only is it becoming mainstream for home users, many commercial and business environments are also becoming increasingly reliant on open-source software, at pa...
... software and hardware may include open-source components. Choosing open-source might make business sense too. Some open-source products are on par with competing commercial products, some may even outperform and provide better value for money. Some companies actively cont... open-source tools to fit their particular needs.

Despite all the perceived benefits and attractive features, the increasing use of open-source software may pose several security challenges to organisations. What impact does open source have on the security posture of the organisation? What are the risks that the use of open-source software can introduce, and how can organisations address the specific issues that its use presents? How can open-source projects give better assurance to their customers?

In this article, we present a framework for security evaluation and assessment of open-source software based around threat modelling. Some of the benefits and limitations of the framework are discussed in the context of open-source software and its unique security challenges and advantages. It is hoped that such ... ...ment teams and security specialists wishing to analyse open-source software.
2 OPEN SOURCE - FRIEND OR FOE?
Introducing any new piece of software or a solutio... ... in the new software is exploited, the server and neighbouring computing resources, internal or external, may be affected as well. Conversely, introducing a security tool may reduce the risk to the organisation. When faced with a decision be... third-party based tools and open-source solutions, other than the functional and business requirements, what are the security considerations that should be taken? And for open-source projects, how can developers provide more confidence that their software is secure?

... it is not true of them all. With the source code readily available and with the freedom to improve an... ... improvements and robust security, but such ...
[8] should not rely on secrecy of the algorithm, but rather on the key. Similar arguments [4,10,14] are made on the merits of open-source software and it... source software also provides opportunity for vu... add insecure code, and more easily distribute tainted versions of the software.

Most information security experts agree that hiding the source code of an application does n... supported this position and stated that "A ..."

"If you depend on a secret for your security, what do you do when the secret is discovered? If it is easy to change, like a cryptographic key, you do so. If it's hard to change, like a cryptographic system or an operating system, you're stuck. You will be vulnerable until you invest the time and money to design another system." [2]

... security improvement arising from use of open-source applications does not necessarily translate or lead to better security in practice. With that in mind, it seems clear that relying o... ...t flaws may not always be the best strategy. Open-source applications should be evaluated from a security perspective to ascertain the level of security robustness or potential exposure to threats. With a commercial product or a bespoke third-party development, some of this assessment can be "delegated", at least contractually. As a client, you can require a certain level of ce... ...tion as to the level of security and compliance the product can offer. When it comes to open-source solutions, there is rarely an equivalent level of assurance (One
notable example to the contrary is OpenSSL, w... The motivation for the proposal of the framework contained in this article is to give better tools for security-focused evaluation, and to ... flaws and bugs.

One of the benefits of open-source however, ... level of confidence. When buying a closed-source product or service, very few companies will open their code for inspection or independ... the ability to inspect and evaluate the code is always available. Furthermore, given a wide-enough audience and user base, some of the evaluation may be performed by others and shared within the community.

Other than relying on open-source developers t... to open-source projects and organisations who want to use open-source tools? What is the level of security of a given product? Does it ... ...ities? Should the application run through automated or manual penetration testing? Should static code analysis tools be used? Section 3 investigates and attempts to answer some of these questions, and presents one potential approach based on Threat Modelling.

"Despite all the perceived benefits and attractive features, the increasing use of open-source software may pose several security challenges to organisations."
3 THREAT MODELLING METHODOLOGY

3.1 Why Threat Model?
it is important to consider the reasons for using ... source applications. With the aim of reducing ... ability, there might be other alternative approaches to solving the same "problem", i.e. ... ...application, and finding the best ways to reduce those to an acceptable level. When an adversary chooses to attack an application, they might opt to use one or more of these approaches, and it seems sensible to at...