PROG8281_24W_Projecct 1.docx
School
Conestoga College
Course
8281
Subject
Information Systems
Date
Feb 20, 2024
Type
docx
Pages
5
Uploaded by CountMaskBee36
Lab Book
Enterprise application security
PRO8281
Description: The main aim of this threat model is to find and understand security issues that could harm the safety, secrecy, and reliability of Payment.ca, our online store. We examine every part of the system and how the parts work together in order to prevent problems such as data leaks, fraudulent payments, and attacks that could make the website unavailable. The idea is to catch these issues early and stop them before they can cause any harm.
We will use the Microsoft Threat Modeling Tool to model our network process and identify weaknesses in our system. We will also draw a flow chart in draw.io to show the process it goes through.
Observations:
Diagram: Diagram 1
We successfully created our process diagram with the threat modelling tool. Below are some major threats we identified that can affect our system.
1. An adversary can leverage the weak scalability of Identity Server's token cache and cause DoS
Category:
Denial of Service
Description:
The default cache that Identity Server uses is an in-memory cache that relies on a static store, available process-wide. While this works for native applications, it does not scale for mid-tier and backend applications. This can cause availability issues and result in denial of service, either through the actions of an adversary or simply through the large number of the application's users.
Justification:
<no mitigation provided>
Possible Mitigation(s):
Override the default Identity Server token cache with a scalable alternative. Refer: https://aka.ms/tmtauthn#override-token
SDL Phase:
Design
2. An adversary may sniff the data sent from Identity Server
Category:
Information Disclosure
Description:
An adversary may sniff the data sent from Identity Server. This can lead to a compromise of the tokens issued by the Identity Server.
Justification:
<no mitigation provided>
Possible Mitigation(s):
Ensure that all traffic to Identity Server is over HTTPS connection. Refer: https://aka.ms/tmtcommsec#identity-https
SDL Phase:
Design
3. An adversary can bypass authentication due to non-standard Identity Server authentication schemes
Category:
Spoofing
Description:
An adversary can bypass authentication due to non-standard Identity Server authentication schemes.
Justification:
<no mitigation provided>
Possible Mitigation(s):
Use standard authentication scenarios supported by Identity Server. Refer: https://aka.ms/tmtauthn#standard-authn-id
SDL Phase:
Design
4. An adversary can get access to a user's session due to improper logout from Identity Server
Category:
Spoofing
Description:
An adversary can get access to a user's session due to improper logout from Identity Server.
Justification:
<no mitigation provided>
Possible Mitigation(s):
Implement proper logout when using Identity Server. Refer: https://aka.ms/tmtsmgmt#proper-logout
SDL Phase:
Implementation
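The mitigations for threats 2 and 4 can be checked against a running deployment. The following is an added example, not part of the original lab report or of Identity Server itself: it assumes the server publishes the standard OpenID Connect discovery document (`/.well-known/openid-configuration`) and audits a copy of it; the hostnames and the function name `audit_discovery` are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed sample: a discovery document as a misconfigured deployment might
# publish it. The host id.example.test is a placeholder, not from the report.
SAMPLE_DISCOVERY = {
    "issuer": "https://id.example.test",
    "authorization_endpoint": "https://id.example.test/connect/authorize",
    "token_endpoint": "http://id.example.test/connect/token",
    "userinfo_endpoint": "https://id.example.test/connect/userinfo",
    "jwks_uri": "https://id.example.test/.well-known/openid-configuration/jwks",
    "grant_types_supported": ["authorization_code", "client_credentials"],
}


def is_url_field(key, value):
    """Discovery metadata that carries a URL: issuer, *_endpoint and *_uri."""
    return isinstance(value, str) and (
        key == "issuer" or key.endswith(("_endpoint", "_uri"))
    )


def audit_discovery(doc):
    """Return (threat_number, finding) tuples keyed to the threat list above."""
    findings = []
    for key, value in sorted(doc.items()):
        if not is_url_field(key, value):
            continue
        # Threat 2: tokens and keys must never travel over plain HTTP.
        if urlsplit(value).scheme.lower() != "https":
            findings.append((2, f"{key} is not served over HTTPS: {value}"))
    # Threat 4: without an advertised end-session endpoint, clients can only
    # clear their own cookies and the server-side session stays alive.
    if not doc.get("end_session_endpoint"):
        findings.append((4, "no end_session_endpoint advertised for logout"))
    return findings


if __name__ == "__main__":
    for threat, finding in audit_discovery(SAMPLE_DISCOVERY):
        print(f"threat {threat}: {finding}")
```

In practice the dictionary would be loaded from the JSON the server returns, and the check would run in the deployment pipeline so that a regression to HTTP or a missing logout endpoint fails the build.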