AMI-SEC Risk Assessment & System Requirements


Flawed Implementation Threats



Flawed implementation threats are those threats that arise due to an incorrect or insecure implementation of AMI. Specific threats are listed below in Table 10.

Table 10. Flawed Implementation Threats

| Threat Name | Severity | Likelihood | Description |
|---|---|---|---|
| T.Flawed_Imp.Backdoor.1 | High | Unusual | An entity gains improper access to assets via a backdoor mechanism. |
| T.Flawed_Imp.Developer.1 | Medium | Likely | An entity exploits flaws in the AMI component [software, hardware] resource assets to gain improper access to assets. |
| T.Flawed_Imp.Developer.2 | Medium | Likely | An entity exploits flaws in the AMI component [software, hardware] resource assets to perform a denial of service attack. |
| T.Flawed_Imp.Developer.3 | Medium | Likely | An entity exploits flaws in the AMI component [software, hardware] resource assets to exfiltrate an information asset. |



Identification & Authentication Threats


I&A threats are those threats that involve the user identification and authentication process. The specific threats are listed below in Table 11.

Table 11. I&A Threats

| Threat Name | Severity | Likelihood | Description |
|---|---|---|---|
| T.Ident_Auth.1 | High | Likely | An entity discovers user authentication information from an AMI component resource asset. |
| T.Ident_Auth.2 | High | Likely | An entity discovers user authentication information by external methods (i.e., human intelligence). |
| T.Ident_Auth.3 | Low | Likely | An AMI entity forgets its passphrase. |
| T.Ident_Auth.4 | High | Likely | An AMI entity attempts to crack I&A mechanisms through brute force methods (e.g., a password cracker). |
| T.Ident_Auth.5 | High | Likely | An entity is able to guess a passphrase because the passphrase was too simple (e.g., too short, it is “password”, etc.). |
| T.Ident_Auth.6 | High | Unlikely | An entity spoofs the I&A process to gain access to the user authentication information assets. |
| T.Ident_Auth.7 | High | Unlikely | An entity has access to a user’s AMI Token, and attempts to log in to an AMI Workstation. |
| T.Ident_Auth.8 | High | Unlikely | An entity steals or borrows a valid user’s AMI Token, and duplicates it with the intent of using it for access by a different individual, or returning it modified to the original user. |

Information System Threats


Information system threats are those threats that involve other information systems, whether those systems are other AMI System security domains or non-AMI systems. The specific threats are listed below in Table 12.

Table 12. Information System Threats

| Threat Name | Severity | Likelihood | Description |
|---|---|---|---|
| T.InfoSys.1 | High | Likely | An entity installs a secret trapdoor into another information system so as to gain access to AMI. |
| T.InfoSys.2 | Medium | Likely | An entity changes the dissemination of an object to which he had access after it has been moved to another information system. |
| T.InfoSys.Filter.1 | Medium | Likely | An AMI entity with access makes use of an ineffective filter (e.g., dirty word filter) at the information system interface. |
| T.InfoSys.Printer.1 | Medium | Likely | An entity waits for an AMI entity with access to an information asset to print that information asset to a printer the entity has access to, and gains access to the information asset via the printout. |



