
14.1   Security risk management  369




Insider attacks and social engineering

Insider attacks are attacks on a system carried out by a trusted individual (an insider) who abuses that trust. For example, a nurse working in a hospital may access confidential medical records of patients that he or she is not caring for. Insider attacks are difficult to counter because the extra security techniques that may be used would disrupt trustworthy system users.

Social engineering is a way of fooling accredited users into disclosing their credentials. An attacker can therefore behave as an insider when accessing the system.

http://www.SoftwareEngineering-9.com/Web/SecurityEng/insiders.html





3. Attack monitoring, detection and recovery includes activities which monitor the system for unauthorized access, detect, and put in place strategies for resisting attacks, and backup activities so that normal operation can be resumed after an external attack.
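The following is an added example, not code from the book, showing the kind of monitoring activity described in item 3 applied to the insider case in the box above: an audit of record accesses against the care assignments that were in force when each access happened. The assignment table, log lines and field layout are constructed for illustration.

```python
# Added example: audit a record-access log for insider access to patient
# records outside the accessing user's care assignment (constructed data).
from datetime import datetime

# Constructed care assignments: (user, patient, start, end) of each assignment.
CARE_ASSIGNMENTS = [
    ("nurse_a", "patient_1", "2024-03-01T08:00", "2024-03-01T20:00"),
    ("nurse_a", "patient_2", "2024-03-01T08:00", "2024-03-01T20:00"),
    ("nurse_b", "patient_3", "2024-03-01T08:00", "2024-03-01T20:00"),
]

# Constructed audit log, one access per line: time|user|action|patient|reason
ACCESS_LOG = """\
2024-03-01T09:15|nurse_a|read|patient_1|
2024-03-01T09:40|nurse_a|read|patient_3|
2024-03-01T21:10|nurse_a|read|patient_2|
2024-03-01T10:05|nurse_b|read|patient_1|emergency
"""


def parse_time(stamp):
    """Parse the ISO-8601 timestamps used in the constructed data."""
    return datetime.fromisoformat(stamp)


def is_assigned(user, patient, when, assignments=CARE_ASSIGNMENTS):
    """True if `user` had an active care assignment for `patient` at `when`.
    Time-windowed so that an access after the shift ended is not covered."""
    return any(
        u == user and p == patient and parse_time(start) <= when <= parse_time(end)
        for u, p, start, end in assignments
    )


def audit_access_log(log=ACCESS_LOG, assignments=CARE_ASSIGNMENTS):
    """Return (severity, time, user, action, patient) for every access that
    falls outside the user's assignment. Emergency ('break-the-glass') access
    is not dropped but tagged 'review', since unexplained use of that path is
    exactly what an insider would rely on to avoid being noticed."""
    findings = []
    for line in log.splitlines():
        when, user, action, patient, reason = line.split("|")
        if is_assigned(user, patient, parse_time(when), assignments):
            continue
        severity = "review" if reason == "emergency" else "alert"
        findings.append((severity, when, user, action, patient))
    return findings
```

Running `audit_access_log()` on the constructed log flags the access to an unassigned patient, the access after the assignment window closed, and the emergency access for review, while the ordinary in-assignment access produces nothing.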


Security management is vitally important, but it is not usually considered to be part of application security engineering. Rather, application security engineering is concerned with designing a system so that it is as secure as possible, given budget and usability constraints. Part of this process is ‘design for management’, where you design systems to minimize the chance of security management errors leading to successful attacks on the system.

For critical control systems and embedded systems, it is normal practice to select an appropriate infrastructure to support the application system. For example, embedded system developers usually choose a real-time operating system that provides the embedded application with the facilities that it needs. Known vulnerabilities and security requirements can be taken into account. This means that a holistic approach can be taken to security engineering. Application security requirements may be implemented through the infrastructure or the application itself.

However, application systems in an organization are usually implemented using the existing infrastructure (operating system, database, etc.). Therefore, the risks of using that infrastructure and its security features must be taken into account as part of the system design process.




14.1 Security risk management

Security risk assessment and management is essential for effective security engineering. Risk management is concerned with assessing the possible losses that might ensue from attacks on assets in the system, and balancing these losses against the