Site Security Planning
First, the administrator listed the assets needing protection, the network environments from which users would gain access, and the threats to those assets. Linking assets to access (see Table B.1) leads to an important security issue: the need to protect assets outside the corporate firewall. An asset available only from the company’s intranet is protected from outside intruders by the Exploration Airlines firewall. However, assets sent over the Internet are vulnerable to interception while being routed across a public network. Making this distinction helps identify security requirements and cost issues that can be resolved in later steps. Notice that for item 1 in Table B.1, access is from both the intranet and the Internet. This assumes that Exploration Air employees are allowed to access their accounts from home using dial-up access and to log on via HTTP forms. Employees who access the intranet from the Internet are therefore a potential danger.
Next, the administrator considered how each asset might be compromised, and categorized the potential loss as either a loss of data or denial of service. Based on the high value the company attributes to its customers and to its own good name, the administrator placed a high damage score on losses of customer data, especially when customers’ money might be involved. For clarity and simplicity, the administrator did not include information considered public, needing little if any protection.
Table B.1 Threats and Potential Damage

Web Site Threat Assessment for Site:_______________ as of (Date):_______

| Item | Asset | Access from | Threat | Loss | Expected Maximum Damage | Notes |
|---|---|---|---|---|---|---|
| 1 | Employee user IDs | Intranet, the Internet | Acquired by malicious user | Data loss, denial of service | 10 | “10” for net administrator IDs |
| 2 | Back-end SQL Server | Intranet | Corrupted by malicious user | Data loss | 10 | “10” for corrupt current and backup data |
| 3 | Flyers Club IDs and passwords | Intranet, the Internet | Acquired by potential thief | Data loss | 9 | Customers lose money if thief uses frequent flyer miles |
| 4 | Other backend customer data | Intranet, the Internet | Acquired by malicious user | Data loss | 9 | |
| 5 | Web services | Intranet | Brought down by malicious user | Denial of service | 6 | |
| 7 | Network operating system | Intranet | Brought down by malicious user | Denial of service | 6 | |
| 8 | ASP page source | Intranet, the Internet | Acquired by malicious user | Data loss | 5 | |