Secure Software Design with UML
Secure UML: Requirements, System Architecture/Design, Test
Acknowledgments
References are provided per page. Most diagrams are original, but ideas are adapted from references.
Author: Susan J Lincke, PhD, Univ. of Wisconsin-Parkside
Tim Knautz, Janine Spears PhD, David Green PhD, Megan Reid
Funded by National Science Foundation (NSF) Course, Curriculum and Laboratory Improvement (CCLI) grant 0837574: Information Security: Audit, Case Study, and Service Learning.
Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and/or source(s) and do not necessarily reflect the views of the National Science Foundation.
The student shall be able to:
Define the 5 OCTAVE security requirements process
Draw a misuse case diagram with and without security use cases.
Confidentiality: Limits access to authorized users and prevents access by unauthorized users
Integrity: Information resources and data are reliable and have not been changed inappropriately
Availability: When a user needs to access something, it is available
Vulnerability: Open door or windows
Threat agent: Burglar
Owner: Those accountable or who value the asset
Risk: Danger to assets
Register: Clients register to obtain documentation by providing name, email, job function
Provider: Send periodic updates to Clients to indicate changes in materials
Risk: Threat and vulnerability(s) -> negative impact
Identify critical assets
Define security goals
Define security requirements
* Low Priority
** Medium Priority
*** High Priority
Which misuse cases relate to:
DOS = Denial of Service
Overflow DB: Fill disk with records
Send Continual Requests (Distributed Denial of Service): No processor capacity remains
State Diagrams can ensure software:
<<Security Package>> Sanitize Input
<<Risk Factor>> 9
<<Security Descriptor>> Injection Attack Defense
<<Risk Factor>> 9
<<Security Descriptor>> DOS Defense
<<Security Descriptor>> 3rd Party S/W
Software Testing = Software works as it should
Penetration Testing = Probes for security risks, addressing threats to policy
Buffer Overflow: Can long input affect service?
Script Injection: Can input with scripts execute?
Numeric Overflow: Can a large number become a negative or small number?
Race Condition: Can multiple threads cause errors?
Configuration Issues: Can software be installed improperly, causing abuse?
Programmer Backdoors: Have programmers left hooks providing entry or information?
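As an added example (not from the slides), the following validator for the Register use case (name, email, job function) implements the <<Security Package>> Sanitize Input idea and is checked against three of the penetration-test questions above: long input, script injection and numeric overflow. The field names, length limits, the allow-list of job functions and the numeric "copies" field are assumptions for illustration.

```python
# Added example: allow-list validation for the Register use case.
# Field names, limits and the "copies" field are constructed assumptions.
import re

MAX_LEN = {"name": 64, "email": 254, "job_function": 64}      # length bounds (assumed)
NAME_RE = re.compile(r"[A-Za-z][A-Za-z .'-]*")                  # letters, space, ' . -
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
JOB_FUNCTIONS = {"physician", "dietitian", "admin"}             # allow-list (assumed)
COPIES_RE = re.compile(r"[0-9]{1,4}")                           # digits only, short
MAX_COPIES = 100                                                # upper bound (assumed)


def validate_registration(form: dict) -> dict:
    """Return {"ok": bool, "data": cleaned fields, "errors": [messages]}.

    Each field must match an expected shape and length (allow-list), so
    over-long input (buffer overflow probe), script input (injection probe)
    and huge or negative numbers (numeric overflow probe) are rejected before
    they reach storage or a web page.
    """
    errors, clean = [], {}
    for field, limit in MAX_LEN.items():
        value = form.get(field, "")
        if not isinstance(value, str):
            errors.append(f"{field}: must be text")
            continue
        value = value.strip()
        if not 1 <= len(value) <= limit:          # length bound is checked first
            errors.append(f"{field}: length must be 1..{limit}")
            continue
        clean[field] = value
    if "name" in clean and not NAME_RE.fullmatch(clean["name"]):
        errors.append("name: only letters, spaces and ' . - allowed")
    if "email" in clean and not EMAIL_RE.fullmatch(clean["email"]):
        errors.append("email: not a valid address")
    if "job_function" in clean and clean["job_function"].lower() not in JOB_FUNCTIONS:
        errors.append("job_function: not in allow-list")
    # Numeric field: shape-check the digits, then bound-check; an oversized
    # or negative value is rejected rather than wrapped into a small number.
    copies = str(form.get("copies", "1"))
    n = int(copies) if COPIES_RE.fullmatch(copies) else None
    if n is None or not 1 <= n <= MAX_COPIES:
        errors.append(f"copies: must be an integer 1..{MAX_COPIES}")
    else:
        clean["copies"] = n
    return {"ok": not errors, "data": clean, "errors": errors}
```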
Jamie Ramon MD
Chris Ramon RD
Software Consultant
Health First Case Study
All of this information is protected by HIPAA
HIPAA=Health Insurance Portability and Accountability Act
Confidentiality: In transmission, on disk, or any other form.
Integrity: All transactions are logged as to who did them and why. Hashing (sophisticated checksums) is also required.
Use Case Diagram
Use Cases: Ovals representing the functions that users will need to perform
Medical Admin use cases include:
OCTAVE Security Requirements Process