Security Requirements:
Misuse Cases
Misuse Case
• A misuse case is a business process modeling tool used in the software development
industry.
• The term misuse case (or mis-use case) is derived from, and is the inverse of, use case.
Overview
• Use cases specify required behavior of software and other products under
development, and are essentially structured stories or scenarios detailing the normal
behavior and usage of the software.
• A misuse case, on the other hand, highlights something that should not happen (i.e. a
negative scenario). The threats identified this way help in defining new
requirements, which are expressed as new use cases.
From use to misuse case
• In industry it is important to describe a system's behavior when it responds to a
request that originates from outside.
• Use cases have become popular among engineers for capturing requirements, thanks to
features such as their visual modeling technique.
• They describe a system from an actor's viewpoint, and their format explicitly conveys each
actor's goals and the flows the system must implement to accomplish them.
• The level of abstraction of a use case model makes it an appropriate starting point
for design activities, thanks to the use of UML use case diagrams and the end user's
or domain expert's language.
• But for software security analyses, developers should also pay attention to negative
scenarios and understand them. That is why, in the 1990s, the concept of the "inverse of
a use case" was born in Norway.
From use to misuse case
• Goal
  • Use case: to represent what the system should do.
  • Misuse case: to represent a function that the system should not allow.
• Scenario
  • Use case: a "positive" scenario is a sequence of actions leading to a goal desired by a
  person or organization.
  • Misuse case: a "negative" scenario is one whose goal the organization in question
  wants not to occur, or that is desired by a hostile agent (not necessarily human).
• Definition
  • Use case: a completed sequence of actions which gives increased value to the user.
  • Misuse case: a completed sequence of actions which results in loss for the organization
  or some specific stakeholder.
• Area of use
  • Use case: any business domain application.
  • Misuse case: most commonly used in the field of security. With the ever-growing
  importance of IT systems, it has become vital for every company to develop the
  capability to protect its data.
Area of Use
• Misuse cases are not about human error (handled in alternate flows) or system
errors (handled in exception flows).
• Hence, for example, a misuse case might be used to define what a hacker would want
to do with the system, and to define his or her requirements.
• A developer or designer can then define the requirements of the user and the hacker
in the same UML diagram, which in turn helps identify the security risks of the
system.
Why build misuse cases?
• You draw your team's attention to forms of attack.
• You get the team thinking about security issues early in the project.
• You make it more likely that attacks are prevented.
• Security becomes part of the functional requirements.
Diagram Basic Concepts
• A misuse case diagram is created together with a corresponding use case diagram.
The model introduces two new important entities (in addition to use case and actor
from the traditional use case model):
• Misuse case: a sequence of actions that can be performed by any person or entity in
order to harm the system.
• Misuser: the actor that initiates the misuse case. This can be done either intentionally or
inadvertently.
Diagram Basic Concepts
• The misuse case model makes use of the relation types found in the use case
model: include, extend, generalize and association.
• In addition, it introduces two new relations to be used in the diagram:
• Mitigates: a use case can mitigate the chance that a misuse case will complete
successfully.
• Threatens: a misuse case can threaten a use case, e.g. by exploiting it or hindering it from
achieving its goals.
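The two relations above have a direction (threatens runs from a misuse case to a use case, mitigates from a use case to a misuse case), and once a diagram has more than a handful of nodes it is easy to lose track of which negative scenarios still have no countermeasure. The following Python model is an added example, not code from the lecture: it enforces the direction of both relations, reports misuse cases that threaten something but are not mitigated by any use case, and lists countermeasure use cases that are themselves threatened (the chain reaction the slides mention later). All use case and misuse case names are constructed.

```python
"""Small model of a misuse case diagram with the two security relations from the
slides (threatens, mitigates) and a report of misuse cases nobody has mitigated yet.
Added example: the use case and misuse case names below are constructed."""
from dataclasses import dataclass, field


@dataclass
class MisuseCaseModel:
    use_cases: set = field(default_factory=set)
    misuse_cases: set = field(default_factory=set)
    # threatens runs from a misuse case to a use case
    threatens: set = field(default_factory=set)
    # mitigates runs from a use case to a misuse case
    mitigates: set = field(default_factory=set)

    def add_threatens(self, misuse_case, use_case):
        self._require(misuse_case, self.misuse_cases, "misuse case")
        self._require(use_case, self.use_cases, "use case")
        self.threatens.add((misuse_case, use_case))

    def add_mitigates(self, use_case, misuse_case):
        self._require(use_case, self.use_cases, "use case")
        self._require(misuse_case, self.misuse_cases, "misuse case")
        self.mitigates.add((use_case, misuse_case))

    @staticmethod
    def _require(name, pool, kind):
        # Enforce the direction of the relation: a 'threatens' arrow must start at a
        # misuse case, a 'mitigates' arrow must start at a use case.
        if name not in pool:
            raise ValueError(f"{name!r} is not a declared {kind}")

    def unmitigated(self):
        """Misuse cases that threaten a use case but have no mitigating use case."""
        threatening = {m for m, _ in self.threatens}
        mitigated = {m for _, m in self.mitigates}
        return sorted(threatening - mitigated)

    def mitigations_under_threat(self):
        """Countermeasure use cases that are themselves the target of a misuse case:
        the 'chain reaction' the slides describe."""
        countermeasures = {u for u, _ in self.mitigates}
        return sorted({(m, u) for m, u in self.threatens if u in countermeasures})


def example_model():
    """Constructed banking example: two threats are mitigated, one new one is not."""
    m = MisuseCaseModel()
    m.use_cases.update({"Log in", "Transfer funds",
                        "Lock account after failed logins",
                        "Confirm transfer with second factor"})
    m.misuse_cases.update({"Guess password", "Replay transfer request",
                           "Lock out legitimate user"})
    m.add_threatens("Guess password", "Log in")
    m.add_threatens("Replay transfer request", "Transfer funds")
    m.add_mitigates("Lock account after failed logins", "Guess password")
    m.add_mitigates("Confirm transfer with second factor", "Replay transfer request")
    # The lockout countermeasure opens a new negative scenario of its own.
    m.add_threatens("Lock out legitimate user", "Lock account after failed logins")
    return m


if __name__ == "__main__":
    model = example_model()
    print("Unmitigated:", model.unmitigated())
    print("Countermeasures under threat:", model.mitigations_under_threat())
```

Running the example reports "Lock out legitimate user" as unmitigated: the countermeasure added for password guessing has become the subject of a new misuse case, which is exactly the iteration the method expects the team to continue until the remaining risks are accepted.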
Diagram Basic Concepts
Usage Scenario
Misuse case Description
There are two different ways of describing a misuse case textually:
• One is embedded in a use case description template, where you add an extra
description field called Threats. This is the field where you fill in your misuse case
steps (and alternate steps). This is referred to as the lightweight mode of describing
a misuse case.
• The other way of describing a misuse case is by using a separate template for this
purpose only. It is suggested to inherit some of the fields from the use case description
(Name, Summary, Author and Date). In addition to these, it is proposed to use
several other fields too:
Misuse case Description
• Misuse case name
• Summary
• Author
• Date
• Mitigation points
• Extension points
• Triggers
• Preconditions
• Assumptions
• Mitigation guarantee
• Related business rules
• Potential misuser profile
• Stakeholders and threats
• Terminology and explanations
• Scope
Misuse case Description
• As one might understand, the list above is too comprehensive to be completely filled
out every time.
• Not all the fields are required to be filled in at the beginning, so the description
should be viewed as a living document.
• There has also been some debate over whether to start with diagrams or with
descriptions.
• The recommendation given by Sindre and Opdahl on that matter is that it should be
done as with use cases:
• Do it the way you are most familiar with, since both variants have their
strengths and their weaknesses.
Example 1
What is a Trojan?
• A Trojan horse or Trojan is a type of malware that is often disguised as legitimate
software.
• Trojans can be employed by cyber-thieves and hackers trying to gain access to users'
systems.
• Users are typically tricked by some form of social engineering into loading and
executing Trojans on their systems.
• Once activated, Trojans can enable cyber-criminals to spy on you, steal your sensitive
data, and gain backdoor access to your system. These actions can include:
• Deleting data
• Blocking data
• Modifying data
• Copying data
• Disrupting the performance of computers or computer networks
New Android Trojan malware discovered in
Google Play (Nov 2017)
• A new piece of mobile malware was discovered in Google Play masquerading as multiple
apps: an alarm clock app, a QR scanner app, a compass app, a photo editor app, an Internet
speed test app, and a file explorer app.
• It starts innocently enough with an icon created on the mobile device after install. Click on the
icon, and it opens a functioning QR scanner, as promised.
• However, this QR scanner is short-lived. You only get one chance to use the app, because after
clicking out of it, the icon disappears.
• Out of frustration, you may immediately go to your apps list to uninstall this bizarrely behaving QR
scanner, but good luck finding it: the deceptive app is listed as Download Manager in the
app list.
• The first step the malicious app performs in the background is checking the location of the
mobile device. This is done by querying the website ip-api.com, which provides geolocation by IP address.
• If the location is in an area that satisfies rules within the code, the app proceeds to the next step.
Checksum
• A checksum is a small-sized datum derived from a block of digital data for the
purpose of detecting errors that may have been introduced during
its transmission or storage.
• It is usually applied to an installation file after it is received from the download
server.
• Let's say you download a big update, like a service pack, to a program you use every
day, like a graphics editor. This is probably a really big file, taking several minutes or
more to download.
• Once downloaded, how do you know that the file downloaded properly? What if a
few bits were dropped during the download and the file you have on your computer
right now isn't exactly what was intended? Applying an update to a program that
isn't exactly the way the developer created it is likely to cause you big problems.
• This is where comparing checksums can put your mind at ease.
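The comparison described above, as an added example (not code from the lecture): the download is hashed in chunks so a large update never has to fit in memory, the result is compared against the published value, and a single flipped bit is shown to fail the check. The sample "installer" bytes and the published digest are constructed inline; in practice the expected digest comes from the vendor.

```python
"""Verify a downloaded file against a published SHA-256 checksum.
Added example; the sample file and its 'published' digest are constructed here."""
import hashlib
import hmac
import io


def sha256_stream(stream, chunk_size=65536):
    """Hash a file-like object in chunks, so large downloads are never read whole."""
    digest = hashlib.sha256()
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        digest.update(chunk)
    return digest.hexdigest()


def verify_download(stream, expected_hex):
    """True when the computed digest matches the published one.
    hmac.compare_digest runs in constant time, so the comparison itself does not
    leak at which character the two strings first differ."""
    actual = sha256_stream(stream)
    return hmac.compare_digest(actual.lower(), expected_hex.strip().lower())


def flip_one_bit(data, byte_index=0, bit=0):
    """Simulate the transmission error the slides describe: one bit dropped or flipped."""
    buf = bytearray(data)
    buf[byte_index] ^= 1 << bit
    return bytes(buf)


# Constructed stand-ins for the installer and for the digest the vendor publishes.
SAMPLE_FILE = b"fake installer payload " * 1000
PUBLISHED_SHA256 = sha256_stream(io.BytesIO(SAMPLE_FILE))


def demo():
    """Return (intact_ok, corrupted_ok): the second must be False."""
    intact_ok = verify_download(io.BytesIO(SAMPLE_FILE), PUBLISHED_SHA256)
    damaged = flip_one_bit(SAMPLE_FILE, byte_index=17, bit=3)
    corrupted_ok = verify_download(io.BytesIO(damaged), PUBLISHED_SHA256)
    return intact_ok, corrupted_ok


if __name__ == "__main__":
    print("published:", PUBLISHED_SHA256)
    print("intact, corrupted:", demo())
```

One caveat worth keeping in mind when this check is written into a requirement: a checksum fetched from the same server over the same channel as the file only detects accidental corruption. Anyone able to alter the download can publish a matching checksum alongside it, so integrity against deliberate tampering needs the digest to arrive through an authenticated path (a signed checksum file, or a second channel the attacker does not control).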
Illustrating Checksums
Example 2
Cryptography
Example 3
Man-in-the-middle attack
• In cryptography and computer security, a man-in-the-middle attack (MITM) is an attack where
the attacker secretly relays and possibly alters the communication between two parties who
believe they are directly communicating with each other.
• Suppose Alice wishes to communicate with Bob. Meanwhile, Mallory wishes to intercept the
conversation to eavesdrop and optionally to deliver a false message to Bob.
• First, Alice asks Bob for his public key. If Bob sends his public key to Alice, but Mallory is able to
intercept it, a man-in-the-middle attack can begin.
• Mallory sends a forged message to Alice that purports to come from Bob, but instead includes
Mallory's public key.
• Alice, believing this public key to be Bob's, encrypts her message with Mallory's key and sends the
enciphered message back to Bob.
• Mallory again intercepts, deciphers the message using her private key, possibly alters it if she
wants, and re-enciphers it using the public key Bob originally sent to Alice.
• When Bob receives the newly enciphered message, he believes it came from Alice.
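The exchange above, played out in code as an added example that is not part of the lecture, together with the requirement that stops it: before encrypting, Alice compares the fingerprint of the key she received with one she obtained earlier over a separate trusted channel (a pinned fingerprint, a business card, or a certificate signed by an authority she trusts). The public-key scheme is a toy ElGamal-style hybrid over a 127-bit prime, present only so the simulation runs stand-alone; it is not suitable for real data. All keys are generated in-process and the message is constructed.

```python
"""Alice/Bob/Mallory exchange with a substituted public key, and the fingerprint check
that detects the substitution. Added example, not from the lecture. The scheme below is
a toy over a small prime and must not be used for real data."""
import hashlib
import secrets

P = (1 << 127) - 1   # Mersenne prime 2^127 - 1: toy size, far too small for real use
G = 3                # toy generator


def keygen():
    """Return (private, public) with public = G^private mod P."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def fingerprint(pub):
    """Short hash of a public key, the kind of value exchanged out of band."""
    return hashlib.sha256(pub.to_bytes(16, "big")).hexdigest()[:16]


def _keystream(shared, length):
    """Derive a keystream from the shared group element (toy construction)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(shared.to_bytes(16, "big") + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def encrypt(pub, message):
    """Encrypt to a public key; returns (ephemeral public value, ciphertext)."""
    eph_priv, eph_pub = keygen()
    shared = pow(pub, eph_priv, P)
    return eph_pub, bytes(a ^ b for a, b in zip(message, _keystream(shared, len(message))))


def decrypt(priv, eph_pub, ciphertext):
    """Recover the message with the private key matching the public key used above."""
    shared = pow(eph_pub, priv, P)
    return bytes(a ^ b for a, b in zip(ciphertext, _keystream(shared, len(ciphertext))))


def run_exchange(check_fingerprint):
    """Play out the slide's scenario; with check_fingerprint=True Alice rejects the key."""
    bob_priv, bob_pub = keygen()
    mallory_priv, mallory_pub = keygen()
    # Bob's fingerprint as Alice learned it earlier over a separate, trusted channel.
    pinned = fingerprint(bob_pub)

    # Bob sends bob_pub, but the key that reaches Alice is Mallory's.
    received = mallory_pub
    if check_fingerprint and fingerprint(received) != pinned:
        return {"detected": True, "mallory_read": None, "bob_received": None}

    message = b"Meet at 10:00"
    eph, ct = encrypt(received, message)          # Alice encrypts to the key she believes is Bob's
    plain = decrypt(mallory_priv, eph, ct)        # Mallory deciphers with her private key
    altered = plain.replace(b"10:00", b"11:00")   # ...possibly alters it
    eph2, ct2 = encrypt(bob_pub, altered)         # ...and re-enciphers to Bob's real key
    return {"detected": False, "mallory_read": plain,
            "bob_received": decrypt(bob_priv, eph2, ct2)}


if __name__ == "__main__":
    print("no check:", run_exchange(check_fingerprint=False))
    print("with check:", run_exchange(check_fingerprint=True))
```

Without the check, Bob receives a message that decrypts correctly and looks like Alice's; nothing in the cryptography itself fails. The fingerprint comparison is what turns "Alice asks Bob for his public key" into a use case that mitigates the misuse case, which is the kind of requirement the misuse case analysis is meant to surface.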
Example 4
Using misuse cases to identify security
requirements
• Sindre and Opdahl propose the following five steps for using misuse cases to identify
security requirements:
• Identify critical assets in the system
• Define security goals for each asset
• Identify threats to each of these security goals, by identifying the stakeholders that may
want to cause harm to the system
• Identify and analyze risks for the threats, using techniques like risk assessment
• Define security requirements for the risks.
• It is suggested to use a repository of reusable misuse cases as a support in this five-step
process.
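The five steps as one traceable pipeline, written as an added example rather than anything from Sindre and Opdahl's paper: each requirement that comes out of step 5 carries the asset, security goal, misuser and risk score it was derived from, so a reviewer can ask of every requirement "which misuse case justifies this?". The assets, threat catalogue, likelihood/impact ratings and requirement wording are all constructed; the threshold and the likelihood x impact scoring are one simple risk assessment, not the only one.

```python
"""The five Sindre/Opdahl steps as a traceable pipeline from assets to requirements.
Added example; assets, threats, scores and requirement wording are constructed."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Goal:
    asset: str
    prop: str            # "confidentiality", "integrity" or "availability"


@dataclass(frozen=True)
class Threat:
    goal: Goal
    misuser: str         # the stakeholder who would want this goal to fail
    misuse_case: str


@dataclass(frozen=True)
class Risk:
    threat: Threat
    likelihood: int      # 1 (rare) .. 5 (almost certain)
    impact: int          # 1 (negligible) .. 5 (severe)

    @property
    def score(self):
        return self.likelihood * self.impact


# Step 1: critical assets (constructed)
ASSETS = ["customer records", "payment service"]


def define_goals(assets):
    """Step 2: one security goal per asset and relevant property (constructed)."""
    props = {"customer records": ["confidentiality", "integrity"],
             "payment service": ["availability", "integrity"]}
    return [Goal(a, p) for a in assets for p in props[a]]


def identify_threats(goals):
    """Step 3: threats, found by asking who wants each goal to fail (constructed)."""
    catalogue = {
        ("customer records", "confidentiality"): [("outsider", "Extract records through an injection flaw")],
        ("customer records", "integrity"): [("insider", "Alter a customer's address")],
        ("payment service", "availability"): [("competitor", "Flood the service with requests")],
        ("payment service", "integrity"): [("outsider", "Replay a captured payment request")],
    }
    return [Threat(g, who, what) for g in goals for who, what in catalogue.get((g.asset, g.prop), [])]


def assess_risks(threats):
    """Step 4: rate each threat; risk = likelihood x impact (constructed ratings)."""
    ratings = {"Extract records through an injection flaw": (3, 5),
               "Alter a customer's address": (2, 3),
               "Flood the service with requests": (4, 4),
               "Replay a captured payment request": (2, 5)}
    return [Risk(t, *ratings[t.misuse_case]) for t in threats]


REQUIREMENT_TEMPLATES = {
    "confidentiality": "The system shall prevent {misuser}s from reading {asset}.",
    "integrity": "The system shall detect and reject unauthorized changes to {asset}.",
    "availability": "The system shall keep {asset} available under hostile load.",
}


def derive_requirements(risks, threshold=10):
    """Step 5: a requirement for every risk at or above the threshold, highest first,
    each carrying a trace back to the asset, goal and misuse case it came from."""
    reqs = []
    for r in sorted(risks, key=lambda r: r.score, reverse=True):
        if r.score < threshold:
            continue
        text = REQUIREMENT_TEMPLATES[r.threat.goal.prop].format(
            misuser=r.threat.misuser, asset=r.threat.goal.asset)
        reqs.append({"score": r.score, "requirement": text,
                     "trace": f"{r.threat.goal.asset}/{r.threat.goal.prop} <- {r.threat.misuse_case}"})
    return reqs


def run_pipeline(threshold=10):
    """Run steps 1-5 end to end and return the prioritised requirements."""
    return derive_requirements(assess_risks(identify_threats(define_goals(ASSETS))), threshold)


if __name__ == "__main__":
    for req in run_pipeline():
        print(req["score"], req["requirement"], "|", req["trace"])
```

Risks below the threshold (here the address-tampering threat, scored 6) are not dropped silently in a real analysis; they are recorded as accepted, which is why the trace field is kept on every item. A repository of reusable misuse cases, as the slides suggest, would replace the constructed catalogue in step 3.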
Strengths
This modeling tool has several strengths:
• It allows you to give equal weight to functional and non-functional
requirements, which may not be possible with other tools.
• It makes you focus on security from the beginning of the design process and allows
you to avoid premature design decisions.
• It is a very good tool for improving communication between developers and
stakeholders and is valuable in ensuring that both agree on critical system solutions
and trade-off analysis.
• Creating misuse cases often triggers a chain reaction which eases the identification of
functional and non-functional requirements. The discovery of a misuse case will
often lead to the creation of a new use case which acts as a countermeasure. This
in turn might be the subject of a new misuse case.
• Compared to other tools, it relates better to use cases and UML and eases the
seamless employment of the model.
Thank You.

Lecture 3 - Misuse Cases Final.ppt
