STRIDE – Part 3/3

Let’s take an example in which STRIDE techniques can be applied to mitigate threats. Note: Threats should be displayed as the highest priority. The figure below is an example of a server that is connected to many clients via an insecure network.

[Figure: a server connected to many clients via an insecure network]

 

Implementing the STRIDE technique helps to find and fix the vulnerabilities of the system before an attacker can exploit them. Below are some of the vulnerabilities that an attacker might exploit and that might pose threats to the system.

Attack the server STRIDE 1

  • Attacker intercepts the data, which allows Tampering with data and Information disclosure, or Spoofing identity.
    • Chance of occurring: (1 = very high).
    • The damage it causes: (10 = massive).
    • Risk: 10/1 = (10).

 

 

Attack the server STRIDE 2

  • Attacker floods server with bad data (Denial of service).
    • Chance of occurring: (1 = very high).
    • The damage it causes: (7 = high).
    • Risk: 7/1 = (7).

 

 

Attack the server STRIDE 3

  • Attacker accesses the configuration data, which allows him/her to Tamper with data, cause Information disclosure and implement a Denial of service.
    • Chance of occurring: (5 = medium).
    • The damage it causes: (10 = massive).
    • Risk: 10/5 = (2).

 

 

Attack the server STRIDE 4

  • Attacker accesses persistent data or the audit log, which allows him/her to Tamper with data, cause Information disclosure and implement a Denial of service.
    • Chance of occurring: (4 = medium).
    • The damage it causes: (8 = high).
    • Risk: 8/4 = (2).

 

Several techniques can be applied, one per STRIDE category, to mitigate the threats above:

  1. S – Strong authentication; and never store secrets.
  2. T – Hashes, digital signatures; and tamper-resistant protocols.
  3. R – Digital signature, time stamps; and secure logging.
  4. I – Strong access control mechanisms (ACLs), encryption; and never store secrets.
  5. D – Filtering, throttling; and QoS.
  6. E – Run with least privilege.


Secure Sockets Layer (SSL)

SSL, an abbreviation for Secure Sockets Layer, is another important mechanism for securing information. It is a protocol that was developed by Netscape in 1990. SSL rapidly became a standard mechanism for exchanging data securely over insecure channels (e.g. the Internet). SSL is, in fact, supported by all modern browsers and email clients. SSL operates in the Transport layer (OSI Model).


Basically, it is a handshake between the client and the server. The following scenario shows how the handshake works, where the client is Alice and the server is Bob, for example:

  • When Alice (the client) connects to any location that requires an SSL connection, Bob (the server) presents Alice with a digital certificate that allows her to identify the server.
  • Alice ensures that the domain name matches the name on the certificate, and that the certificate has been generated by a trusted authority.

Once this handshake is finished, Alice will automatically encrypt all the data that is sent to Bob. Once the data arrives at the server side, Bob will decrypt it using the private key. Note: Bob can send any message back to Alice, and it will be encrypted during transfer.

 

Remember: Encrypting the data will make it unreadable to unauthorised people.
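The two checks Alice performs on Bob's certificate can be enforced, or silently switched off, in client code. The following is an added example, not part of the original post: it uses Python's standard `ssl` module, and the function names are hypothetical helpers chosen for illustration. It places a verifying client configuration beside a weak one and audits both.

```python
import socket
import ssl


def hardened_client_context():
    """Client context that performs both of Alice's checks."""
    # create_default_context() loads the system trust store and enables
    # certificate verification plus hostname matching for server authentication.
    return ssl.create_default_context()


def weak_client_context():
    """Misconfiguration to look for: traffic is encrypted, but Bob is never authenticated."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # has to be cleared before verify_mode can be CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def audit_client_context(ctx):
    """Return one finding for each of Alice's checks that the context would skip."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("certificate is not validated against a trusted authority")
    if not ctx.check_hostname:
        findings.append("certificate name is not matched against the requested domain")
    return findings


def open_verified(host, port=443, timeout=5.0):
    """Handshake with host; raises ssl.SSLCertVerificationError if either check fails."""
    ctx = hardened_client_context()
    findings = audit_client_context(ctx)
    if findings:
        raise ValueError("refusing to connect: " + "; ".join(findings))
    sock = socket.create_connection((host, port), timeout=timeout)
    # server_hostname is the name Alice asked for; it is compared with the certificate.
    return ctx.wrap_socket(sock, server_hostname=host)


if __name__ == "__main__":
    for name, ctx in (("hardened", hardened_client_context()),
                      ("weak", weak_client_context())):
        print(name, audit_client_context(ctx) or "both checks enforced")
```

With the weak context the connection is still encrypted, but Alice has no assurance that the other end is Bob, which is the Spoofing identity threat from the STRIDE list.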

Secure Transmission via Encryption – Part 1/2

The figure below shows the OSI model for the transmission of data from one side to another. Previously, I have explained the data flow between the two parties, where it starts from the application layer and goes all the way down to the physical layer, while it works in reverse on the receiver side (see the PowerPoint file for more information about data transmission).

[Figure: OSI model for the transmission of data between two parties]

This blog discusses the possible ways to provide security in these protocols. The Network layer protocol used on the Internet is known as the Internet Protocol (IP), while the two Transport layer protocols used are Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). These protocols provide no security guarantees, since the packets are transmitted in plaintext (clear text). Transmission Control Protocol/Internet Protocol (TCP/IP) has some vulnerabilities because it is difficult to verify the following:

  1. Confidentiality – Data has not been viewed by a third party while in transit.
  2. Integrity – Data has not been modified in transit.
  3. Authentication – The claimed client or server is the true client or server.

 

The solution is to provide security in various layers, such as IPSec at the Network layer, SSL/TLS at the Transport layer and S/MIME at the Application layer (for emails).
