Understanding Your Security Needs

  

There are many different reasons why you need security in your solution. They typically include both objective and subjective motivations for selecting or defining the secure solution. Here are a few motivating questions:

  • How do you manage authorization?

  • Only those users with the correct credentials can access the system resources (data, network, and the like). What levels of user privacy are required?

  • How do you manage availability? How do you keep the system resources reachable?

  • How do you enforce accountability? You need to identify who did what and when.

  • How do you control access consistent with roles, responsibilities, and policies? Can you deny access based on user identity, clearance level, membership in a role and/or user integrity level?

  • How do you protect messages and data integrity during transmission? How are you going to protect data integrity in the overall system? Do all resources have the same importance? Is there a priority of services based on the protection level of resources?

  • How do you protect against and react to attacks? Is it prudent to have separated security domains? What is to be done when an attack is discovered?

  • How do you ensure the correct and reliable function of components and services?

  • How do you deploy your solution securely?

  • How do you manage recovery? Define what is meant by minimal recovery; define the different types of failures. You need to understand if there is an acceptable loss of data and information.

  • What level of auditing is required? What type of logs and data are necessary? What type of audit functions are necessary? What type of response is necessary in the case of a violation? What is the basic threshold for potential violations of the system?

  • Is non-repudiation necessary? Do you need non-repudiation of origin and/or receipt? What services are required?

  • How do you protect user data and to what extent? Are you allowing revocation of security attributes? Are they going to expire? Are you going to establish a user session? For how long? Are you going to limit the number of concurrent user sessions?

Once you have addressed these questions (and all the others that are specific to your needs), you are ready to understand your security risks, specify your security objectives, and finally, state your security requirements. After your security requirements are clearly specified, you can start the selection of the technologies that best address your needs. This process is summarized in Figure 15-1.


Figure 15-1: Understanding your security needs

Asserting your security risks

Once you understand how your system is required to address the security needs of the solution, you are ready to assert the possible security risks by analyzing your security requirements (derived from answering your basic questions) and the security environment in which the solution will exist.

You need to define the risks to your solution and define the measures necessary to manage these risks to an acceptable level. To aid you in this definition you can analyze the possible threats and determine which ones apply to your solution. For instance, do you need to protect against loss of confidentiality? How about protecting against loss of integrity - damage through unauthorized access?

Once you define the risks to your solution, you may want to understand the likelihood that the attack may be successful and the consequence the attack will have on your system. After this assertion, you are ready to clearly state the security objectives of your application.

Stating your security objectives

Your organization probably has security policies and assumptions - if it does not, it should! You must be consistent with these policies when stating your solution's security objectives. The security objectives address the security concerns and requirements of the overall system.

The security objectives are generated based on the following:

  • Experience. Have you seen a need or risk before?

  • Engineering judgment. Does it make sense?

  • Security policies. Is it required, for example, to have three levels of logins?

  • Risk acceptance decisions. Is it acceptable to have certain data compromised?

  • Economics. Is it affordable?

The objectives can be satisfied by the solution itself or by the environment in which the solution will reside. After you have clearly stated the security objectives, they are refined into security requirements. The system meets the security objectives if it correctly and effectively implements all the security requirements.

  


Java Security Solutions
ISBN: 0764549286
EAN: 2147483647
Year: 2001
Pages: 222
