With the advent of Web technologies, we have extended the reach of our applications to thousand of users. This has been tremendus achievement, but similarly there have been various incidents where site is hacked or application usage and data had been compromised. What are these threats, how to classify them, how to identify the risk and mitigate the risk. Let's have an overview of the Threat.
- Threat #1 A malicious user views or tampers with personal profile data en route from the Web server to the client or from the client to the Web server. Tampering with data/Information being sent from one page to another.
- Threat #2 A malicious user views or tampers with personal profile data en route from the Web server to the COM component or from the component to the Web server.
- Threat #3 A malicious user accesses or tampers with the profile data directly in the database.
- Threat #4 A malicious user views the Lightweight Directory Access Protocol (LDAP) authentication packets and learns how to reply to them so that he can act “on behalf of” the user. (Spoofing identity)
- Threat #5 A malicious user defaces the Web server by changing one or more Web pages. (Tampering with data)
- Threat #6 an attacker denies access to the profile database server computer by flooding it with TCP/IP packets. (dos)
- Threat #7 an attacker deletes or modifies the audit logs. (Tampering with data/Repudiation)
- Threat #8 an attacker places his own Web server on the network after killing the real Web server with a distributed DoS attack. (Spoofing identity; in addition, a particularly malicious user could instigate all threat categories by stealing passwords or other authentication data, deleting data, and so on.)
Type of Threats
There can be various type of threat, we can classify most of them using acronym STRIDE. Here is detailed explaination
- Spoofing identity. An example of identity spoofing is illegally accessing and then using another user's authentication information, such as username and password.
- Tampering with data. Data tampering involves the malicious modification of data. Examples include unauthorized changes made to persistent data, such as that held in a database, and the alteration of data as it flows between two computers over an open network, such as the Internet.
- Repudiation. Repudiation threats are associated with users who deny performing an action without other parties having any way to prove otherwise—for example, a user performs an illegal operation in a system that lacks the ability to trace the prohibited operations. Nonrepudiation refers to the ability of a system to counter repudiation threats. For example, a user who purchases an item might have to sign for the item upon receipt. The vendor can then use the signed receipt as evidence that the user did receive the package.
- Information disclosure. Information disclosure threats involve the exposure of information to individuals who are not supposed to have access to it—for example, the ability of users to read a file that they were not granted access to, or the ability of an intruder to read data in transit between two computers.
- Denial of service. Denial of service (DoS) attacks deny service to valid users—for example, by making a Web server temporarily unavailable or unusable. You must protect against certain types of DoS threats simply to improve system availability and reliability.
- Elevation of privilege. In this type of threat, an unprivileged user gains privileged access and thereby has sufficient access to compromise or destroy the entire system. Elevation of privilege threats include those situations in which an attacker has effectively penetrated all system defenses and become part of the trusted system itself, a dangerous situation indeed
We shall talk about how to mitigate the risk in next posts. Continued on Next Post.…