Chapter 11. Analyze Mitigations and Protections

Previous page
Table of content
Next page

Chapter 11. Analyze Mitigations and Protections

Victory goes to the player who makes the next-to-last mistake.

Chessmaster Savielly Grigorievitch Tartakower (1887 1956)

Now that you have established a knowledge base, it is time to continue the I-ADD process. In review, you divide the system into its functional blocks. You then examine each of these blocks to determine the potential targets of interest to an attacker. These blocks are then broken down to their functional subcomponents, and the process is repeated until the lowest functional blocks are identified and analyzed.

Next, you examine the targets and identify the roles that have influence over the targets. You identify known attacks against similar systems and determine your system's vulnerabilities, based on examining the targets and roles. As discussed in Chapter 2, "Security Principles," the goal of this analysis phase is to develop an understanding of which items deserve additional resources to protect, which items are "nice to have," and which can be placed on an "acknowledged with no action necessary" list.

You begin the process of generating mitigations and protections by examining each vulnerability and determining the appropriate solution for protecting or mitigating the risk this vulnerability imposes on the system. The key here is the word appropriate; there can be many ways of mitigating the risk introduced by a vulnerability. This is where a security expert can save a lot of time and resources in helping to identify what is an appropriate solution and what is not. Should you decide to perform this analysis on your own, you must be cautious that solutions identified to mitigate one risk do not generate other vulnerabilities. Repeating the I-ADD process on the system with the mitigations in place is one way to accomplish this.

We shall now examine each vulnerability previously identified and discuss possible ways of mitigating or protecting it from attack. Because this is a hypothetical system and we have identified quite a few vulnerabilities, we will cover aspects with wider applicability in more detail. Other vulnerabilities will be covered only briefly. Again, the purpose is to give you guidance on how to go about analyzing or performing this type of analysis on your own particular system or component. Keep in mind that having multilevel protection adds significantly to a system's overall security. Further, you are not necessarily making implementation or functional trade-offs at this time. However, it does little good to list solutions that are impractical, such as "Assign two heavily armed guards to protect the device from theft." In general, attackers look for areas where their efforts will have the greatest payoff, areas with only a single protection mechanism to bypass or with known vulnerabilities.

 


Previous page
Table of content
Next page
Wireless Security and Privacy(c) Best Practices and Design Techniques
Wireless Security and Privacy: Best Practices and Design Techniques
ISBN: 0201760347
EAN: 2147483647
Year: 2002
Pages: 73
Authors: Tara M. Swaminatha, Charles R. Elden
BUY ON AMAZON
Certified Ethical Hacker Exam Prep
Cisco IP Telephony (CIPT) (Authorized Self-Study) (2nd Edition)
An Introduction to Design Patterns in C++ with Qt 4
Wireless Hacks: Tips & Tools for Building, Extending, and Securing Your Network
Professional Struts Applications: Building Web Sites with Struts ObjectRelational Bridge, Lucene, and Velocity (Experts Voice)
DNS & BIND Cookbook
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy