IJRET: International Journal of Research in Engineering and Technology
eISSN: 2319-1163 | pISSN: 2321-7308
SOFTWARE SECURITY RISK MITIGATION USING OBJECT ORIENTED DESIGN PATTERNS

Rehman S1, Mustafa K2
1 Department of Information Technology, Salman bin Abdul Aziz University, KSA, shabana.infosec@gmail.com
2 Department of Computer Science, Jamia Millia Islamia, India, kmustafa@jmi.ac.in

Abstract

It is now well known that the requirement and design phases of the software development lifecycle are the phases where incorporating security yields the maximum benefit. In this paper we tie security requirements, security features and security design patterns together into a single thread. The result is a complete process that helps a designer choose the most appropriate security design pattern for a given set of security requirements. The process includes a risk analysis methodology for the design phase of the software that is based on the Common Criteria requirements, since the Common Criteria is a well-known security standard generally used in the development of security requirements. Risk mitigation mechanisms are proposed in the form of security design patterns. An exhaustive list of the most reliable and well-proven security design patterns is prepared, and the patterns are categorized on the basis of attributes such as data sensitivity, sector and number of users. The identified patterns are divided into three levels of security. After selecting the security requirements, the software designer can calculate the percentage contribution of each security feature, and on the basis of this percentage a design pattern level can be selected and applied.
1. INTRODUCTION

Software systems are mostly developed without security requirements in mind, because developers usually concentrate their efforts on first understanding the system's functional requirements and leave non-functional ones, such as security, to a second plan [Ferraz et al., 2009]. A number of approaches for incorporating security into the software development life cycle have been proposed; some of the well-known ones include UMLsec [Jurjens, 2004], CORAS [Braber, 2003], CLASP [Chandra, 2006], SecureTropos [Mouratidis, 2007] and Goal-Risk [Ansar et al., 2007]. But there is no standard method that is reliable, well defined and based on security features and design patterns. There is still a significant need for a risk estimation method at the design phase of the software that can estimate the need for each security feature and guide the designer to choose an appropriate security design pattern accordingly.

In this paper the CC (Common Criteria) security requirements [Common Criteria, 2008] are taken as the reference model, and all of its 64 (software-specific) classes are grouped into six basic security feature classes: 1) Authentication; 2) Authorization; 3) Audit and Logging; 4) Secured Storage; 5) Secure Information Flow; and 6) Secure Session Management. The percentage contribution of each security feature is calculated on the basis of the keywords common to the CC security requirement class and the security feature class definition. Further, the weightage of each requirement is calculated on the basis of the availability of security features under each class of security requirement. The risk factor of each security feature is calculated from its occurrence in the requirements and the severity of the feature, and finally a mitigation level is proposed according to the risk factor of each security feature. Each risk mitigation level consists of various design patterns that are classified on the basis of attributes such as data sensitivity and the number of users involved.

The rest of the paper is organized as follows. In section 2, the Common Criteria requirements are discussed. In section 3, the security feature classes are explained, followed by section 4, which covers the relationship between Common Criteria security requirements and security features. The risk analysis of security features is presented in section 5. Section 6 covers risk mitigation through design patterns, a case study is carried out in section 7, and the conclusion and future work are given in section 8.
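As an added worked example (not code from the paper), the scoring pipeline sketched above with assumed formulas and constructed inputs: keyword overlap gives each feature's percentage contribution per CC class, the number of features a CC class contributes to gives its weightage, occurrence times an assumed severity gives the risk factor, and assumed thresholds map it onto the three pattern levels. The CC class texts, the feature definitions, the severity values and the thresholds are all assumptions, not taken from the paper or the standard.

```python
# Added example (not the paper's or any project's code): an assumed, simplified
# version of the scoring pipeline the introduction outlines. The overlap formula,
# the severity values and the level thresholds are my assumptions.

# The six feature classes the paper names, each with a constructed one-line
# definition that supplies its keywords (not the paper's own definitions).
FEATURES = {
    "Authentication": "verify identity credential password login",
    "Authorization": "access control permission role policy",
    "Audit and Logging": "audit log record event review",
    "Secured Storage": "storage encrypt protect data integrity",
    "Secure Information Flow": "flow transfer channel information integrity",
    "Secure Session Management": "session token timeout state",
}
# Constructed stand-ins for the CC requirement classes a designer selected
# (keyed by CC class name; the text is not quoted from the standard).
CC_CLASSES = {
    "FIA": "identification authentication credential password",
    "FDP": "data protection access control policy information flow",
    "FAU": "security audit event log record review",
    "FTA": "session establishment timeout access",
}
# Assumed severity of a failure of each feature, 1 (low) to 3 (high).
SEVERITY = {"Authentication": 3, "Authorization": 3, "Audit and Logging": 1,
            "Secured Storage": 3, "Secure Information Flow": 2,
            "Secure Session Management": 2}

def keywords(text):
    return set(text.lower().split())

def contribution(cc_text, feature_text):
    """Percent of the feature's keywords that also occur in the CC class text."""
    feat = keywords(feature_text)
    return 100.0 * len(feat & keywords(cc_text)) / len(feat)

def requirement_weight(cc_name, cc_classes=CC_CLASSES, features=FEATURES):
    """Weightage of a CC class = number of features that contribute to it."""
    return sum(contribution(cc_classes[cc_name], f) > 0 for f in features.values())

def risk_factor(feature, cc_classes=CC_CLASSES, features=FEATURES):
    """Occurrence (CC classes the feature appears in) times assumed severity."""
    occurrence = sum(contribution(t, features[feature]) > 0 for t in cc_classes.values())
    return occurrence * SEVERITY[feature]

def mitigation_level(feature, cc_classes=CC_CLASSES):
    """Map the risk factor onto the paper's three pattern levels (thresholds assumed)."""
    rf = risk_factor(feature, cc_classes)
    return 3 if rf >= 5 else 2 if rf >= 3 else 1
```

With these inputs Authorization lands at level 3 because it contributes to both FDP and FTA, Authentication and Secured Storage at level 2, and the remaining features at level 1.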
2.0 CC STANDARD AND SECURITY FEATURE CLASS

The Common Criteria (CC) is an internationally recognized approach to the security evaluation of IT products. It provides a set of criteria that can be used to set the security requirements of IT products. These requirements serve as a guide for the development, procurement and evaluation of IT security features and products [NATO, 2008]. The CC permits comparability between the results of independent security evaluations. The CC does so by providing a common set of requirements for the security functionality of IT products and for the assurance measures applied to these IT products during a
Volume: 02 Issue: 07 | Jul-2013, Available @ http://www.ijret.org