Software Product Attribute Metrics - Security Presented By: Gary Smith SWE 6763 Southern Polytechnic State University April 28, 2011
What Are Security Metrics? Security metrics are measurements taken of a system or program to determine how ‘secure’ it is. Is the system vulnerable to outside attacks? Is the system protected from accidental disclosure of confidential information? Can too many objects ‘see’ or ‘get to’ confidential information?
So Why Do We Care? Little attention has been paid to security metrics. So what? My system is secure. Security metrics are most commonly done after implementation. Isn’t that the best place to do it? OK, well, some are also done at the coding stage. That is even better: find them while coding, of course!
So Why Do We Care? We do because NIST (National Institute of Standards and Technology) states that eliminating security vulnerabilities at the design stage can cost 30 times less than at later stages.
It Saves Money, So Why Haven’t I Heard of It? Security metrics have received little attention. More focus has been placed on maintainability, performance, reusability, reliability and functionality. [Alshammari et al] Security metrics will gain more attention as confidentiality breaches hit the media. It is less expensive to fix risk areas than to pay fines later.
Security Metrics – Overview: Security metrics based on the quality properties for object-oriented programs specified by Bansiya and Davis: composition, coupling, extensibility, inheritance, and design size.
Security Metrics – Composition Definition: The Composite-Part Critical Classes (CPCC) metric is “the ratio of the number of critical composed-part classes to the number of critical classes in a design”. [Alshammari et al] CPCC(D) = 1 – (|CP| / |CC|), where D = Design Class, CP = Composed Part Classes, CC = Total Critical Classes.
Security Metrics – Composition Example: Assume a design has 100 critical classes, of which only 10 are composed-part classes. CPCC(D) = 1 – (|CP| / |CC|) = 1 – (10 / 100) = 1 – 0.1 = 0.9. This design would be regarded as not secure with regard to the CPCC metric.
Security Metrics – Coupling Definition: The Critical Classes Coupling (CCC) metric aims to find the degree of coupling between classes and classified attributes in a given design. It is “the ratio of the number of all classes’ links with classified attributes to the total number of possible links with classified attributes in a given design”. $CCC(D) = \frac{\sum_{j=1}^{|CA|} \alpha(CA_j)}{(|C|-1) \times |CA|}$, where D = Design class, C = Number of classes in the design, CA = Number of critical attributes, α(CA_j) = Number of classes that interact with the classified attribute.
Security Metrics – Coupling Example: Assume we have a design that has 10 classes, 5 critical attributes, and 5 classes that interact with the classified attributes. Assume α = 1. $CCC(D) = \frac{\sum_{j=1}^{|CA|} \alpha(CA_j)}{(|C|-1) \times |CA|}$. CCC(D) = (5 + 5 + 5 + 5 + 5) / ((10 – 1) × 5) = 25 / 45 = 0.55
Security Metrics – Extensibility Definition: The metric Critical Classes Extensibility (CCE) is defined as “the ratio of the number of the non-finalized critical classes in a design to the total number of critical classes in that design”. CCE(D) = |ECC| / |CC|, where D = Design, ECC = Extensible Critical Classes, CC = Total Critical Classes.
Security Metrics – Extensibility Definition: The metric Critical Methods Extensibility (CME) is defined as “the ratio of the number of the non-finalized classified methods in a design to the total number of classified methods in that design”. CME(D) = |ECM| / |CM|, where D = Design, ECM = Extensible Classified Methods, CM = Total Classified Methods.
Security Metrics – Extensibility Example: Assume we have a design that has 50 critical classes (methods), of which 10 are extensible. CCE(D) = |ECC| / |CC| = 10 / 50 = 0.20. CME(D) = |ECM| / |CM| = 10 / 50 = 0.20.
Security Metrics – Inheritance Type 1 Definition: Critical Superclasses Proportion (CSP). This metric is defined as “the ratio of the number of critical superclasses to the total number of critical classes in an inheritance hierarchy”. CSP(H) = |CSC| / |CC|, where H = hierarchy, CSC = Critical superclasses, CC = Total Critical Classes.
Security Metrics – Inheritance – Type 1 Example Assume we have 100 critical classes in a design and 42 of those are critical super classes. CSP(H) = |CSC| / |CC| CSP(H) = 42 / 100 = 0.42
Security Metrics – Inheritance Type 2 Definition: Critical Superclasses Inheritance (CSI). This metric is defined as “the ratio of the sum of classes which may inherit from each critical superclass to the number of possible inheritances from all critical classes in a class hierarchy”. $CSI(H) = \frac{\sum_{k=1}^{|CSC|} \beta(CSC_k)}{(|C|-1) \times |CC|}$, where H = hierarchy, CSC = Critical Super Classes, C = Total number of classes, CC = Total number of critical classes.
Security Metrics – Inheritance – Type 2 Example: Assume we have a design that has 10 classes, 2 critical super classes, and 1 critical class that interacts with the classified attributes. Assume β = 1. $CSI(H) = \frac{\sum_{k=1}^{|CSC|} \beta(CSC_k)}{(|C|-1) \times |CC|}$. CSI(H) = (1 + 1) / ((10 – 1) × 1) = 2 / 9 = 0.28
Security Metrics – Inheritance Type 3 Definition: Classified Methods Inheritance (CMI) is “the ratio of the number of classified methods which can be inherited in a hierarchy to the total number of classified methods in that hierarchy”. CMI(H) = |MI| / |CM|, where H = hierarchy, MI = Classified methods that could be inherited, CM = Total classified methods in the hierarchy.
Security Metrics – Inheritance – Type 3 Example Assume we have a design that has 100 critical methods of which 27 of them could be inherited. CMI(H) = |MI| / |CM| CMI(H) = 27 / 100 = 0.27
Security Metrics – Inheritance Type 4 Definition: Classified Attributes Inheritance (CAI) is “the ratio of the number of classified attributes which can be inherited in a hierarchy to the total number of classified attributes in that hierarchy”. CAI(H) = |AI| / |CA|, where H = hierarchy, AI = Classified attributes that could be inherited, CA = Total classified attributes in the hierarchy.
Security Metrics – Inheritance – Type 4 Example Assume we have a design that has 100 critical attributes of which 57 of them could be inherited. CAI(H) = |AI| / |CA| CAI(H) = 57 / 100 = 0.57
Security Metrics – Design Size Definition: Design size simply takes into account the size (the number of classes) of a given program. This metric is not currently in practice. This metric requires a full program implementation. CDP(D) = |CC| / |C|, where D = Design, CC = Critical Classes, C = Total Classes.
Security Metrics – Design Size Example Assume a design has 1000 classes of which 250 of them are deemed to be critical classes. CDP(D) = |CC| / |C| CDP(D) = 250 / 1000 = 0.25
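The slides above feed hand-picked counts into each ratio; the added example below (not from the presentation or the reviewed article) derives the counts from a small class model and computes CPCC, CCC, CCE, CME, CSP and CDP with the formulas as given on the slides. The `Cls` model, the `security_metrics` function, the sample banking design, and the rules that a class is critical when it declares a classified attribute or method, that α counts links from classes other than the owner, and that the whole design is treated as one hierarchy for CSP are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Cls:
    name: str
    final: bool = False            # finalized: cannot be extended
    composed_part: bool = False    # exists only as part of a composite
    parent: str = ""               # direct superclass name, "" if none
    classified_attrs: set = field(default_factory=set)
    classified_methods: dict = field(default_factory=dict)  # name -> finalized?
    uses: set = field(default_factory=set)  # (owner, attr) pairs this class touches

def security_metrics(design):
    # Assumption: a class is critical if it declares a classified attribute or method.
    cc = [c for c in design if c.classified_attrs or c.classified_methods]
    cc_names = {c.name for c in cc}
    ca = {(c.name, a) for c in cc for a in c.classified_attrs}
    cm = [fin for c in cc for fin in c.classified_methods.values()]
    # Sum of alpha(CA_j): links from other classes to each classified attribute.
    links = sum(1 for c in design for u in c.uses if u in ca and u[0] != c.name)
    # Critical superclasses: critical classes that some class inherits from.
    csc = {c.parent for c in design if c.parent in cc_names}
    def ratio(n, d):
        return n / d if d else 0.0   # empty denominator reported as 0 (assumption)
    raw = {
        "CPCC": 1 - ratio(sum(c.composed_part for c in cc), len(cc)),
        "CCC": ratio(links, (len(design) - 1) * len(ca)),
        "CCE": ratio(sum(not c.final for c in cc), len(cc)),
        "CME": ratio(sum(not fin for fin in cm), len(cm)),
        "CSP": ratio(len(csc), len(cc)),
        "CDP": ratio(len(cc), len(design)),
    }
    return {k: round(v, 2) for k, v in raw.items()}

# Constructed sample design (not from the presentation or the paper).
DESIGN = [
    Cls("Account", classified_attrs={"balance", "pin"},
        classified_methods={"withdraw": False, "audit": True}),
    Cls("SavingsAccount", final=True, parent="Account", classified_attrs={"rate"}),
    Cls("Card", final=True, composed_part=True, classified_attrs={"pan"},
        uses={("Account", "pin")}),
    Cls("Teller", uses={("Account", "balance"), ("Card", "pan")}),
    Cls("Report", uses={("Account", "balance")}),
    Cls("Logger"),
]

if __name__ == "__main__":
    for name, value in security_metrics(DESIGN).items():
        print(f"{name} = {value}")
```

Finalizing `Account` in the sample design drops CCE to 0, and removing the `Report` link to `balance` lowers CCC, which shows how individual design decisions move each ratio.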
Security Metrics – Case Study Example Review of article case study for determining security metrics in a simple design. Refer to handout given prior to presentation.
Security Metrics – Summary Security metrics are still in their infancy and not widely used during the design phase. Can save $ (up to 30 times the cost of finding security risks at a later step). “Spend time now to save legal costs later”.
Article Reviewed for this Presentation Alshammari, B., Fidge, C. and Corney, D. (2010). Security Metrics for Object-Oriented Designs. Software Engineering Conference (ASWEC), 2010 21st Australian. (pp. 55-64), IEEE.