Question

Task 1. Consider the following scenarios

1. An order processing application for a pet supplies store. The customers should be able to place orders online and for every order they must receive an order confirmation vie e-mail and upon shipping they must receive a shipping notice via e-mail.
2. A publicly traded retailer with retail outlets and online shopping and shipping options
3. A small, private law firm having a small website with forms for potential clients to complete; including name, address, contact number, and reason for scheduling an appointment
4. A real estate Appraisal Company that provides online appraisals for a publicly traded financial institution’s residential-loan applicants which sends all applicant information to the appraisal company electronically
5. A Web hosting company that provides leased servers for Web sites of client’s ranging from small firms to large online retailers
6. A city government that allows people with parking tickets to pay the fines online using a credit card or online check

Last week we discussed in the class, the threats posed by each of the above scenarios and explain what its effect may be if a web application is compromised. One of the software strategies to cover the emergent security threat to an application is to build abuse cases. The result I expect is a report which integrates the software development lifecycle with security in every step of it for the abuse case described for any one of the scenarios mentioned above. You can also attempt the exercise for any scenario which interests you . (5 points)

Answer 1

The effects on the above scenario when the web application is compromised.

When a web application is compromised there is an unwanted activity taken by the intruder which poses severe security threats on the information that the website possess.

There are many consequences that you will have to endure if your website is indeed ever compromised.

These include, but are not limited to:

IDENTITY THEFT

If your website is hacked, you or any of your customers can become the victims of identity theft if your personal and financial information is stolen.

SITE’S SPEED SLOWS DOWN

Another reason a cybercriminal may attempt to hack into your website is to store thousands of files, such as illegal information or pirated music and movies, and then run those files on your server.

WEB HOSTS COULD SUSPEND YOUR ACCOUNT

One of the reasons hackers will attack website is to use your IP address to launch attacks on other targeted websites or to blast out spam emails.

SITE COULD CRASH COMPLETELY

If you ever click the link to a page on your site and you see a blanket white screen with a "PAGE NOT FOUND - 404 ERROR" message, it’s a clear sign that your website has been hacked, and you’ll want to take action right away to solve the problem.

In the scenario of order processing system when a website is compromised the details of the customer can lost the orders won't be processed leading to a dip in customer trust.

In the second scenario shopping cannot be done. Resulting in unavailability of service.

In the case of the law firm all the confidential information of customer can lost. The real estate appraisal company and the web hosting company can lost all the data. making them unable to operate furthermore.

Abuse case mentioned for any of the scenario in s report which integrate the SDLC with security.

Use abuse cases to determine security requirements, strengthen controls, and improve the security of an application’s business features.

Misuse and abuse cases describe how users can misuse or exploit weak controls in software features to attack an application.

A direct attack against business functionalities, which may bring in revenue or provide a positive user experience, can have a tangible business impact. Abuse cases can be an effective way to drive security requirements to properly protect these critical business use cases.

The scenario of public trader with retail shops online shopping and shipment option is taken for this report.

The shopping cart use case

An online retailer plans to support an anonymous checkout and payment system whereby an anonymous user can enter a shipping address and payment details, place the order, and expect delivery without needing to create an account.

In the design, when a customer adds an item to their shopping cart, stock is reserved for that item.

If there were 500 pairs of pants available, and someone adds a pair to their cart, there are now 499 pairs of pants available for other customers.

Abuse case number 1

A user misuses the shopping cart by adding a large quantity of products without the intent to purchase

Reserving stock when a user adds an item to their shopping cart is convenient for the user but reduces buying opportunities for other users.

To control this:

Reserve stock when a user starts the checkout process, rather than when they add items to their cart

Limit the number of items allowed in the shopping cart

Implement timers on items added to the cart, or to the entire cart

Support oversubscription through a feature to compensate users whose orders couldn’t be fulfilled

Monitor and release. If the stock inventory level is within a predefined threshold, raise an alert

Abuse case number 2

Denial-of-service attack with anonymous accounts

Attackers can take advantage of the anonymity of the shopping cart to attack the system by repeatedly opening a browser, creating a new cart, and reserving a large quantity of items.

Solved by

Implement tiered trust. Assign additional privileges to registered accounts, and fewer to anonymous accounts.

Use “likelihood to action” to prioritize inventory holding.

Abuse case cnumber 3

Automated denial of service attacks using botnet or testing tools

Attackers may use botnets or testing tools to create shopping carts and reserve products periodically. This can exhaust your inventory with constant holdings

Mitigate the risk by

Using captchas in website

Subscribe to IP blacklist feeds and use IP “threat intelligence” to screen out automated botnet attacks.

Limit browser sessions with “suspicious” item reservation requests

Misuse and abuse cases can be an effective tool to drive security requirements that protect business features or processes.

By designing countermeasures against misuse or abuse cases, you can identify proper security controls.