Threats and Countermeasures to an ASP.net application
Threats to an application
STRIDE:
Threats faced by the application can be categorized based on the goals and purposes of the attacks. A working knowledge of these categories of threats can help us to organize a security strategy so that we have planned responses to threats. STRIDE is the acronym used at Microsoft to classify different threat types. STRIDE stands for:
* Spooling. Spooling is attempting to gain access to a system by using a false identity. This can be accomplished using stolen user credentials of false IP address. After the attacker successfully gains access as a legitimate user or host, elevation of privileges or abuse using authorization can begin.
* Tampering. Tampering means unauthorized modification of data, for example as it flows over a network between computers.
* Repudiation. Repudiation is the ability of users (legitimate or otherwise) to deny that they performed specific actions or transactions. Without adequate auditing, repudiation attacks are difficult to prove.
* Information disclosure. Information disclosure is the unwanted exposure of private data. For example, user views the contents of the table or file he or she is not authorized to open, or monitors data passed in plaintext over a network. Some examples of information disclosure vulnerabilities include the use of hidden form fields comments embedded in web pages that contains database connection strings and connection details, and weak exception handling that can lead to internal system level details being revealed to the client. Any of this information can be very useful to the attacker.
* Denial of Service .Denial of Service is the process of making a system or application unavailable. For example, a denial of service attack might be accomplished by bombarding a server with requests to consume all available system resources or b passing it malformed input data that can crash an application process.
* Elevation of Privilege. Elevation of Privilege occurs when a user with limited privileges assumes the identity of a privileged user to gain privileged access to the application. For example, an attacker with limited privileges might elevate his or her privilege level to compromise ad take control of a highly privileged and trusted process ort account.
Threat Countermeasures
* Spoofing user identity
. Use strong authentication.
. Do not store secrets (e.g., passwords) in plaintext.
. Do not pass credentials in plaintext over the wire.
. Protect authentication cookies with Secure Sockets Layer (SSL).
. Follow the principle of least privilege and use least privileged service accounts to run processes and access resources.
* Tampering with data
. Use Hashing and Signing.
. Use strong authorization.
. Use tamper-resistant protocols across communication links.
. Secure communication links with protocols that provide message integrity.
* Repudiation
. Create secure audit trails
. Use digital signatures.
* Information disclosure
. Use strong authorization.
. Use strong encryption.
. Secure communication links with protocols that provide message confidentiality.
. Do not store secrets (e.g., passwords) in plaintext
* Denial of Service
. Use resource and bandwidth throttling techniques.
. Validate and filter input.
* Elevation of Privilege
. Follow the principle of least privilege and use least privileged service accounts to run processes and access resources.
|
No responses found. Be the first to respond and make money from revenue sharing program.
|