STRIDE – Part 3/3

Let’s take an example, where it is possible to implement STRIDE techniques to mitigate the threats. Note: Threats should be displayed as the highest priority. The figure below is an example of a server that is connected to many clients via the insecure network.

Screen Shot 2017-03-06 at 2.51.19 pm

 

Implementing STRIDE technique will help to find and fix the vulnerabilities of the system before they can be exploited by the attacker. Below are some of the vulnerabilities, that might be exploited by the attacker, which might cause threats to the system.

Attack the server STRIDE 1

  • Attacker intercepts the data, where the attacker can Tampering with data and Information disclosure or he/she can Spoofing identity.
    • Chance of occurring: (1 = very high).
    • The damage it causes: (10 = massive).
    • Risk: 10/1 = (10).

 

 

Attack the server STRIDE 2

  • Attacker floods server with bad data (Denial of service).
    • Chance of occurring: (1 = very high).
    • The damage it causes: (7 = high).
    • Risk: 7/1 = (7).

 

 

Attack the server STRIDE 3

  • Attacker accesses the configuration data, where the he/she can Tamper with data, Information disclosure and implement a Denial of service.
    • Chance of occurring: (5 = medium).
    • The damage it causes: (10 = massive).
    • Risk: 10/5 = (2).

 

 

Attack the server STRIDE 4

  • Attacker access persistent data or the audit log, where the he/she can Tamper with data, Information disclosure and implement a Denial of service.
    • Chance of occurring: (4 = medium).
    • The damage it causes: (8 = high).
    • Risk: 8/4 = (2).

 

There are several techniques that can be implemented to the STRIDE to mitigate these above threats such as;

  1. S – Strong authentication; and never store secrets.
  2. T – hashes, digital signatures; and tamer resistant protocols.
  3. R – Digital signature, time stamps; and secure logging.
  4. I – Strong access control mechanisms (ACLs), encryption; and never store secrets.
  5. D – Filtering, throttling; and QoS.
  6. E – Run with least privilege.

Screen Shot 2017-03-06 at 9.10.31 pm

Advertisements

Digital Signatures

I have defined previously some of the computer security terms and definitions. So far, the encryption and decryption operations provide confidentiality, where the information is kept secret from all but authorized parties (protect the information from being readable to unauthorised people). Whereas, many people do care about the other security properties such as, Integrity, Authentication, Non-repudiation and more (Remember the following terms).

  • Data Integrity: ensures that a message has not been modified in transit.
  • Message Authentication: ensures that the sender of a message is authentic.
  • Non-repudiation: ensures that the sender of a message cannot deny the creation of the message.
  • Identification: establishing and verifying the identity of an entity.
  • Access control: restricting access to the resources to privileged entities.
  • Availability: the electronic system is reliably available.
  • Auditing: provides evidence about security-relevant activities such as, keeping logs about certain events.
  • Physical security: providing protection against physical tampering and/or responses to physical tampering attempts.
  • Anonymity: providing protection against discovery and misuse of identity.

 

Symmetric Key is not enough to provide full-security, since it does not provide all the previous properties. Therefore, it is important to implement/introduce Digital Signatures. In fact, Digital Signatures provide Data Integrity, Message Authentication and Non-repudiation. The following steps explain how Digital Signatures work:

  1. Any party can start this communication, either Alice or Bob, by generating two keys (public-key and private-key). In our scenario, Bob has generated the two keys.
  2. Bob sends his public-key to Alice, while keeping his private-key
  3. The message (x) that Bob wants to send will be signed via the Bob’s (private-key).
  4. The message (x); along with Bob’s signature will be sent to Alice.
  5. Alice will verify the received message (x) via Bob’s public-key. This ensures that Bob has sent the message (message integrity, authentication and non-repudiation).

 

This PowerPoint file explains the digital-signatures process step-by-step.

For more information about Digital Signature.