présentation iwsm-mensura 2016

Evaluating Security in Web Application DesignUsing Functional and Structural Size Measurements

May 1, 20231 © 2016 “Multimedia, InfoRmation Systems and Advanced Computing Laboratory” - MIRACL

Hela Hakim, Asma Sellami, Hanêne Ben-AbdallahHela Hakim, Asma Sellami, Hanêne Ben-Abdallah

FSEG, University of Sfax, TunisiaFSEG, University of Sfax, TunisiaISIMS, University of Sfax, TunisiaISIMS, University of Sfax, TunisiaKing Abdulaziz University, KSAKing Abdulaziz University, KSA

OutlineOutline

May 1, 2023© 2016 “Multimedia, InfoRmation Systems and Advanced Computing Laboratory” - MIRACL 2

Introduction Background Proposed Approach Illustrative Example: “GeoNetwork” Conclusion & Perspective

IntroductionIntroduction


Due to the wide spread interconnection of information system within the web, attacks can be waged anonymously and from a safe distance

Many security incidents have been reported, with potentially quite severe consequences

Security becomes an important issue of every software application, and specially security of Web applications

MotivationMotivation


It is challenging to Early evaluate security (by measuring authenticity sub-characteristics ) at the design phase for developing web application

help software designers/quality engineers to detect risks of authenticity violations

help application owners (end users) to identify the degree of trust in their web applications (in case of an unauthorized access)

classify the risk of the authentication violation at the access control of authenticated users in web application

PProblematicroblematic


How to evaluate the Security of Web application at early phase of the SDLC ?

How to detect the risk ofviolation of authenticity in web application at the design phase?

it is secure

this web application site?

ObjectivesObjectives


Evaluating security characteristic in Web application design

Functional Size Measurement of the authenticity (as a sub-characteristic of Security) in terms of CFP units using COSMIC method

Structural Size Measurement of the authenticity sequence diagram using the structural size method

Measurement of the authenticity by combining the Functional and Structural Size measurement

Identifying/Classifying the risk of violation of authenticity in web application

OutlineOutline



COSMIC - ISO 19761COSMIC - ISO 19761


COSMIC ISO 19761 Functional Measurement size method –V 4.0.1

Allow the quantification of any type of software (business, real-time, embedded,…) from user’s point of view

Independent of any quality or technical criteria Free on the web: http://cosmic-sizing.org/

COSMIC - ISO 19761COSMIC - ISO 19761


Data moveme

nt = 1CFP

Functional User Requirements

(FUR)

Data movements of a data group between the functional user of the software and a COSMIC functional process allow data exchange with a functional user across a software boundary.

Each data movement is equivalent to 1 CFP. The software

functional size is computed by adding all data movements

identified for every functional process.

Data movements of a data group between the COSMIC functional process and persistent storage allow data exchange with the persistent storage hardware.

Structural Size MethodStructural Size Method

May 1, 202310

The structural size measurement (SSM) is applied on the sequence diagram particularly in combined fragment alt, opt and loop to measure its structural size


May 1, 202311

Each combined fragments (alt, opt and loop )has its correspondent control flow graph

The SSM of a sequence diagram is equal to the size of these control flow graph (alt, opt and loop combined fragments)


May 1, 2023© Multimedia, InfoRmation Systems and Advanced Computing Laboratory - MIRACL 12

The use of SSM requires the identification of two types of data manipulation depending on the structure type in which it is defined Data manipulation represented in the flow graph of conditional

control structure (alt, opt combined fragments) Data manipulation represented in the flow graph of the

iterative control structure (loop combined fragment)

Each data manipulation is equivalent to 1 CSM (Control Structure Manipulation)

The sequence structural size is computed by adding all data manipulations identified for every control flow graph


May 1, 202313

Alt combined fragments (flow graph )Conditional Control Structure

Data manipulation= 1CSM

SS= 2CSM


May 1, 202314

opt combined fragments (flow graph )Conditional Control Structure


SS= 1CSM


May 1, 202315

(flow graph )Iterative Control StructureLoop combined fragment


SS= N CSM

ISO 25010 Quality ModelISO 25010 Quality Model


Characteristics

SubCharacteristics

12345

Security in ISO 25010Security in ISO 25010


the identity of a subject or resource can be proved to be

the one claimed


Establishment ofauthentication

rules

Number of provided

authentication protocols

Number of requiredauthentication

protocols inthe specification

Number ofauthentication rules

implemented for secure data

Number of authentication

rules required for secure data

Authentication protocols

OutlineOutline



Proposed ApproachProposed Approach

Proposed Approach Proposed Approach Measuring quality attribute based on the functional size and Measuring quality attribute based on the functional size and structural size of authentication in UML sequence diagram (1)structural size of authentication in UML sequence diagram (1)

May 1, 202321

Authentication protocols


May 1, 202322


May 1, 202323

Quality subCharacteristic measures

Authenticity measuresQualifiers and QMEs related to the measure in ISO 25023

Qualifiers and QMEs relatedto the proposed measure based on SS and FS

AuthenticationProtocols

QM 1

Ap= Number of provided authentication protocols

Bp=Number of required authentication protocols in the specification

SSa = Structural size of the authentication sequence diagram containing alt combined diagram

Bp= Functional size of sequence diagram describing the authentication functional process

Establishment of

Authentication Rules QM2

Ar = Number of authentication rules implemented for secure data

Br= Number of authentication rules required for secure data

SSl= Structural size of the authentication sequence diagram containing loop combined diagram

Br= Functional size of sequence diagram describing the authentication functional process



Proposed ApproachProposed ApproachEvaluating Security Characteristic of Web Application (2)Evaluating Security Characteristic of Web Application (2)


Proposed ApproachProposed ApproachInterpretation of the Security Characteristic Measured Values (3)Interpretation of the Security Characteristic Measured Values (3)


Measurement Results are generally between the range of values [0,1] because the SSa or SSl are always equals or lower than Bp, Br respectivelyLet:

Fp = SSa / BpFr = SSl / Br

The ratio between structural size and functional size measurements (Fp or Fr) represents the level of strength of authentication

Proposed Proposed ApproachApproach Interpretation of the Security Characteristic Measured Values (3)Interpretation of the Security Characteristic Measured Values (3)


The more data movement identified in the application, the more the control structure is likely to be

Consequently, the ratio (Fp or Fr) is proportional

Proposed ApproachProposed Approach Interpretation of the Security Characteristic Measured Values (3)Interpretation of the Security Characteristic Measured Values (3)


Bp is considered bigger than SSa and Br is considered bigger than SSl

If the measured value Ms is nearer or equal to the min value (the zero)

a weak authenticationis nearer or equal to the max value (the one)

a strong authenticationis in the medium (between 0 and 1; +/- 0.5)

an acceptable authentication

Proposed ApproachProposed ApproachClassification of the Violation of the Authentication (4)Classification of the Violation of the Authentication (4)


“How the measured value can be explored?” Classify the risk into different categories

OutlineOutline



Includes three partitions: Commuter, Ticket

vending machine, and Bank Allows a Commuter to buy a ticket for a trip

Sequence Diagram: Sequence Diagram: “GeoNetwork” “GeoNetwork”


1

Applying the COSMIC methodBp ? And Br

2Applying the Stuctural size

methodSSa and SSl

Sequence Diagram: “GeoNetwork” Sequence Diagram: “GeoNetwork”


Measurement Results ( agregations)

Measurements Functions (Fp ,Fr, F)

Measurements Results

Fp = SSa / Bp Fp = 2 CSM / 13 CFP = 0.15 CSM /CFP

Fr= SSl / Br Fr = 3 CSM / 13 CFP = 0.23 CSM/CFP

F=Fp+Fr/2 0.15+0.23=0.38 CSM/CFP

OutlineOutline


Introduction Background FC impact in UML-AD Illustrative Example : “GeoNetwork” Conclusion & Perspective

ConclusionConclusion


Evaluating security in terms of Authenticity sub characteristic

FS SS Combination of FS and SS

Identifying and classifying the risk violation (“Secure”, “Moderate”, “Very high” )

Secure : the measured values is nearer or equal to the max value

Moderate : the measured values is in the medium Very high risk : the measured values is nearer or equal to

the min value

PerspectivePerspective


Further works

Validating the proposed measure Providing an automatic tool to help

designers/quality assurance in making appropriate decisions related to the security of their web application

Thank you!Thank you!


Hela Hakim

Asma Sellami&

Hanêne Ben-Abdallah

e-mail:[email protected]

[email protected]@kau.edu.sa

présentation iwsm-mensura 2016

Software