Requirements Engineering for SaaS Application Security in Cloud Using SQUARE Methodology



Similar documents
Is it Time to Trust the Cloud? Unpacking the Notorious Nine

The Magical Cloud. Lennart Franked. Department for Information and Communicationsystems (ICS), Mid Sweden University, Sundsvall.

A PRACTICAL APPROACH TO INCLUDE SECURITY IN SOFTWARE DEVELOPMENT

A Secure System Development Framework for SaaS Applications in Cloud Computing

Cloud Security and Managing Use Risks

Security Issues in Cloud Computing

Cloud Security Introduction and Overview

SECURITY CONCERNS AND SOLUTIONS FOR CLOUD COMPUTING

VENDOR RISK MANAGEMENT UPDATE- ARE YOU AT RISK? Larry L. Llirán, CISA, CISM December 10, 2015 ISACA Puerto Rico Symposium

Cloud Computing Governance & Security. Security Risks in the Cloud

Chapter 1: Introduction

Security Model for VM in Cloud

CLOUD STORAGE SECURITY INTRODUCTION. Gordon Arnold, IBM

Security Management of Cloud-Native Applications. Presented By: Rohit Sharma MSc in Dependable Software Systems (DESEM)

Cybersecurity. Cloud. and the. 4TH Annual NICE Workshop Navigating the National Cybersecurity Education InterState Highway September 2013

Cloud Security Implications for Financial Institutions By Scott Galyk Director of Software Development FIMAC Solutions, LLC

Cloud Computing: What needs to Be Validated and Qualified. Ivan Soto

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab

A Survey on Security Issues and Security Schemes for Cloud and Multi-Cloud Computing

Risks and Challenges

A Security Approach in System Development Life Cycle

Data Storage Security in Cloud Computing

External Supplier Control Requirements

STORAGE SECURITY TUTORIAL With a focus on Cloud Storage. Gordon Arnold, IBM

Entire contents 2011 Praetorian. All rights reserved. Information Security Provider and Research Center

IT Security Risk Management Model for Cloud Computing: A Need for a New Escalation Approach.

Cloud Infrastructure Security

Cloud Computing Security Considerations

Security Quality Requirements Engineering (SQUARE) Methodology

Cloud Security. DLT Solutions LLC June #DLTCloud

A Review: Data Security Approach in Cloud computing by using RSA Algorithm

A Review : Security Framework Information Technology for University Based on Cloud Computing. E.S. Negara, R. Andryani

Auditing Cloud Computing. A Security and Privacy Guide. Wiley Corporate F&A

Assessing, Evaluating and Managing Cloud Computing Security

Cloud Security Specialist Certification Self-Study Kit Bundle

Threat Modeling. Frank Piessens ) KATHOLIEKE UNIVERSITEIT LEUVEN

Risk Management Guide for Information Technology Systems. NIST SP Overview

FACING SECURITY CHALLENGES

Ensuring Cloud Security Using Cloud Control Matrix

How to ensure control and security when moving to SaaS/cloud applications

Cloud Computing Service Models, Types of Clouds and their Architectures, Challenges.

Guideline on Implementing Cloud Identity and Access Management

While cloud computing may have many benefits, it comes with a financial and a business cost in terms of:

A Parametric Approach for Security Testing of Internet Applications

Information Auditing and Governance of Cloud Computing IT Capstone Spring 2013 Sona Aryal Laura Webb Cameron University.

Cloud Essentials for Architects using OpenStack

Tufts University. Department of Computer Science. COMP 116 Introduction to Computer Security Fall 2014 Final Project. Guocui Gao

INTERNATIONAL JOURNAL OF ELECTRONICS AND COMMUNICATION ENGINEERING & TECHNOLOGY (IJECET) Introduction to Cloud Security. Taniya

Secure Cloud Computing through IT Auditing

A Survey on Cloud Security Issues and Techniques

Security Software Engineering: Do it the right way

A HYPE-FREE STROLL THROUGH CLOUD STORAGE SECURITY

How To Protect Your Cloud Computing Resources From Attack

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015

Purpose. Service Model SaaS (Applications) PaaS (APIs) IaaS (Virtualization) Use Case 1: Public Use Case 2: Use Case 3: Public.

Keyword: Cloud computing, service model, deployment model, network layer security.

N TH THIRD PARTY AUDITING FOR DATA INTEGRITY IN CLOUD. R.K.Ramesh 1, P.Vinoth Kumar 2 and R.Jegadeesan 3 ABSTRACT

Cloud security architecture

Compliance and Cloud Computing

future data and infrastructure

Public Auditing & Automatic Protocol Blocking with 3-D Password Authentication for Secure Cloud Storage

Security Issues in Cloud Computing

IDENTITY & ACCESS MANAGEMENT IN THE CLOUD

Where every interaction matters.

The Cloud at 30,000 feet. Art Ridgway Scripps Media Inc. Managing Director Newspaper IT Operations

How To Design A Cloud Data Storage Service For A Cloud Computer System

Microsoft s Compliance Framework for Online Services

IBM Cloud Security Draft for Discussion September 12, IBM Corporation

System Quality Requirements Engineering (SQUARE): Case Study on Asset Management System, Phase II

Capturing the New Frontier:

Big Data, Big Risk, Big Rewards. Hussein Syed

East African Information Conference th August, 2013, Kampala, Uganda. Security and Privacy: Can we trust the cloud?

SECURITY THREATS TO CLOUD COMPUTING

Cloud Database Storage Model by Using Key-as-a-Service (KaaS)

Cloud Computing and Records Management

CLOUD TECHNOLOGY IMPLEMENTATION/SECURITY

Topics. Images courtesy of Majd F. Sakr or from Wikipedia unless otherwise noted.

NIST Cloud Computing Reference Architecture & Taxonomy Working Group

Development Processes (Lecture outline)

SECURITY RISK MANAGEMENT

Secure By Design: Security in the Software Development Lifecycle

Clouds on the Horizon Cloud Security in Today s DoD Environment. Bill Musson Security Analyst

Securing The Cloud. Foundational Best Practices For Securing Cloud Computing. Scott Clark. Insert presenter logo here on slide master

The Evolving Threat Landscape and New Best Practices for SSL

Cloud Computing A NIST Perspective & Beyond. Robert Bohn, PhD Advanced Network Technologies Division

NIST Cloud Computing Reference Architecture

Cloud Security: Evaluating Risks within IAAS/PAAS/SAAS

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense

HOSTING. Managed Security Solutions. Managed Security. ECSC Solutions

The silver lining: Getting value and mitigating risk in cloud computing

Anatomy of a Cloud Computing Data Breach

John Essner, CISO Office of Information Technology State of New Jersey

How to start a software security initiative within your organization: a maturity based and metrics driven approach OWASP

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist,

PCI Compliance for Cloud Applications

INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT

Running head: TAKING A DEEPER LOOK AT THE CLOUD: SOLUTION OR 1

Transcription:

Requirements Engineering for SaaS Application Security in Cloud Using SQUARE Methodology E. Pragnavi J. Sandeep Kumar Assistant Professor, Product Technical Lead, Dept. of CSE, UCE, Infosys, Hyderabad Osmania University Abstract--The advent of the digital business and the digital workplace is increasing the speed at which mobility and security are disconnecting. Cloud computing is becoming an increasingly established as cost efficient and needs oriented information system at the same time the use of cloud computing systems also involves a number of security risks. As a result the use of cloud computing systems is still restricted. Security is the top criteria along with availability and cost which must be satisfied. This paper applies a detailed assessment of the potential security threats in one of the service model identified by NIST[2] i.e., Software-as-a service (SaaS) applications compiled within all phases of the software development life cycle using SQUARE methodology[1]. Index Terms-- Cloud Computing, Software-as-a-Service, SQUARE methodology. I. INTRODUCTION Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and release with a minimal management effort or service provider interaction. Cloud computing generally, and SaaS in particular is a rapidly growing method in delivering technology, which is also visible to cloud's end users and services are deployed by end users. The SaaS applications are mainly accessed on various clients devices through a thin client interface such as web browsers. SaaS in turn is built upon the underlying IaaS and PaaS stacks and provides a self-contained operating environment that is used to deliver the entire user experience, including the content, its presentations, and applications and management capabilities. Figure 1 : Visibility of SaaS SaaS provides the most integrated functionality built directly into the offering, with least consumer extensibility, and relatively a high level of integrated security. The increase interest in the advancement of SaaS is due to the SaaS service provider installs runs and maintains all the essential software and its associated hardware. The consumers of SaaS can be organizations that provide their members with access to software applications, end users who directly use software applications, or software application administrators who configure applications for end users. SaaS consumers access and use applications on demand, and can be billed on the number of consumers or the amount of consumed services. Cloud services in various application categories which are available today under Software as a Service are as follows: Scalable Websites Data Management and Distribution Software Development and Testing Interactive, Mobile applications 3751

Scientific Computing. Figure 2 : Software-as-a-Service SaaS are becoming the gatekeeper for sensitive information, whether it is in the form of personal data or corporate data. Security breaches can therefore be potentially devastating for both users and SaaS providers. A SaaS provider will need to check if the development team has implemented secure engineering practices in the design and code to make sure the SaaS application is secure. Security must be enhanced and integrated into all phases of software development life cycle and should be overlooked frequently for the underlying requirements catering what software should do and what not. Without requirements security architecture cannot be built. Organizations should ensure that the best practices of application security, identity management, data management, privacy are integral throughout the life cycle of the application. Requirements definition is conducted at the start of the start of the life cycle to establish what the software shall and shall not to do. Adding security to software after the project is delivered drives up maintenance cost and effects internal or external customers data and corporate reputation. Establishing patterns for security requirements will enable software development teams to utilize best practices in security requirements. The Secure Quality Requirements Engineering (SQUARE) methodology defines a process for a software development team to effectively elicit security requirements from different stakeholders and prioritize security requirements based on the security goals of the system. In step 1 (Agree on Definitions), the various stake holders and development team agree on definitions that will be used throughout the elicitation process. In step 2 (Identify security goals), the stakeholders and the requirements engineer team identify assets and security goals for the system. In step 3 ( Develop Artifacts), the requirements engineer team uses the security goals to develop artifacts for the security requirements definition. In Step 4 (Perform Risk Assessment), the requirements engineer, risk expert, and stakeholders use the artifacts developed in Step 3 to conduct a structured risk assessment to define security risks. In Step 5 (Elicitation Technique), the requirements engineer selects requirements elicitation technique(s). In Step 6(Elicit Security Requirements), the stakeholders and requirements engineer elicit security requirements using the risk assessment and artifacts and produce an initial requirements list. In Step 7(Categorize Requirements), the requirements engineer categorizes the security requirements. In Step 8(Prioritize Requirements), stakeholders and the requirements engineer prioritize the requirements using the risk assessment and the proposed requirements list. In Step 9(Requirements Inspection), the inspection team inspects and validates the proposed security requirements [1]. II. SQUARE METHODOLOGY SQUARE can be decomposed into nine discrete steps. Each step identifies the necessary inputs, participants, suggested techniques, and final output. The following are the nine steps of SQUARE methodology. A. Agree on Definitions Especially in highly technical domains of knowledge, agreeing on definitions is critical for effective communication. Software development requirements represent a contract of complex terms between the clients and the software development organizations, so using agreed upon definitions that are common to both parties is vital. The security controls and their scope are negotiated into the contracts for service; service levels, privacy and compliance are all issues to be dealt legally in contracts. This may include the following: 3752

Application Security Architecture Consideration must be given to the reality that most applications have dependencies on various other systems. With Cloud Computing, application dependencies can be highly dynamic, even to the point where each dependency represents a discrete third party service provider. Cloudcharacteristics make configuration management and ongoing provisioning significantly more complex than with traditional application deployment. The environment drives the need for architectural modifications to assure application security. Software Development Life Cycle (SDLC) Cloud computing affects all aspects of SDLC, spanning application architecture, design, development, quality assurance, documentation, deployment, management, maintenance, and decommissioning. Compliance Compliance clearly affects data, but it also influences applications (for example, regulating how a program implements a particular cryptographic function), platforms (perhaps by prescribing operating system controls and settings) and processes (such as reporting requirements for security incidents). Tools and Services Cloud computing introduces a number of new challenges around the tools and services required to build and maintain running applications. These include development and test tools, application management utilities, the coupling to external services, and dependencies on libraries and operating system services, which may originate from cloud providers. Understanding the ramifications of who provides, owns, operates, and assumes responsibility for each of these is fundamental. Vulnerabilities These include not only the welldocumented and continuously evolving vulnerabilities associated with web applications. B. Identify Security goals As this papers discusses about SaaS application security, some of the most significant threats faced now-a-days are attackers defacing websites, stealing credit cards numbers and bombarding websites with denial of service attacks and also the malware present in the websites. Other problems faced by the compromised service provider, internal employees and other end users who mistakenly stumbles across sensitive data and pose significant risk. The solution is ongoing process involving the stake holders and practices. To examine the security threats to an application, the application security goals must be understood in various categories as Business goals- To provide an application that supports services for an organization. Individual goals- to provide an application that supports services for end users (public cloud) The SQUARE process places security goals near the beginning of the process. The security goals are of the following: Authentication: It addresses the question, Who are You? It uniquely identifies the end users of an application and services. Authorization: It addresses the question, What can you do? It is the process that governs the resources and operations to the authenticated clients and permitted to access. Auditing: Effective auditing and logging leads to non-repudiation. It guarantees that user cannot deny performing an operation or initiating a transaction. Confidentiality: Also referred as privacy, is the process of making sure that data remains private and confidential. Integrity: it is a guarantee that data is protected from modifications, particularly data passed across networks. Availability: The application is available for legitimate users. C. Develop Artifacts: Architectural diagrams, use cases, misuse cases, security use cases, attack trees and services and also essential assets will be documented in this step. The various stakeholder with requirements engineering team can generate a comprehensive set of security requirements, the team must collect a complete set of artifacts of the system. In order to develop artifacts this paper proposes a modeling technique with the combination of misuse case and security use case[8]. While Misuse case are used to explore and document security threats, the security use cases are used to specify and analyze security requirements. 3753

4) The system shall have recorded the access control failure. Figure 3 : MisUse case & SecurityUsecase For instance an attack scenario using security use case example on Authentication is documented in the following way: Use Case Path: Attempted spoofing using valid user identity. Security Threat: The system authenticates and authorizes the misuser as if the misuser were a valid user. Preconditions: 1) The misuser has a valid means of user identification. 2) The misuser has an invalid means of user authentication. Interactions: 1) System Interaction: the system shall request the misuser's means of identification and authentication. 2) Misuser's Interaction: provides a valid use of user identity but an invalid means of user authentication. 3) System Action: 1) The system shall misidentify the misuser as a valid user. 2)System shall fail to authenticate the misuser's. 4) Misuser's Interaction: The system shall reject the misuser by canceling the transaction. Postconditions: 1)The system shall not have allowed the misuser to steal the user s means of authentication 2) The system shall not have authenticated the misuser as a valid user. 3) The system shall not have authorized the misuser to perform any transaction that requires authentication. D. Perform Risk Assessment: In SaaS model the control over the data is delegated to SaaS provider and the interactions happen on the web. To measure the security of a SaaS application first step is to identify or assess the application vulnerability categories which represent the areas where security mistakes are most frequently made and are used as a framework when evaluating the security of a SaaS application. The SaaS application vulnerabilities categories as given by CSA[4] are as follows: Data Breach Data Loss Account hijacking Insecure application interfaces Denial of Service Malicious Insiders abuse and nefarious use Insufficient due diligence shared technology issues The purpose of this step in the SQUARE process is to identify the vulnerabilities and threats that face the system, the likelihood that the threats will materialize as real attacks, and any potential consequences of an attack. The risk assessment also serves to prioritize the security requirements at a later stage in the process. The best way to avoid such disasters is to establish an ongoing security risk management process that begins with quantifying the value of SaaS applications, as well as the data they manage, through a complete security risk assessment. There are several risk assessment techniques to get rid of different types of risks. For example, the various risk management techniques that were field tested were selected after a review was completed. This review examined the usefulness and applicability of various risk assessment techniques: 1) The Government Accountability Office s (GAO) model 3754

2) National Institute of Standards and Technology (NIST) model 3) NSA s INFOSEC Assessment Methodology 4) Butler s Security Attribute Evaluation Method (SAEM) 5) CMU s V-RATE method 6) Yacov Haimes s RFRM model 7) CMU s Survivable Systems Analysis method 8) Martin Feather s DDP model E. Elicitation Technique The requirements engineering team must select an elicitation technique that is suitable for the system. The various techniques are as follows [1]: 1) IBIS (Issue Based Information Systems) 2) JAD (Joint application development) 3) ARM (Accelerated Requirements Methodology). F. Elicit Security Requirements This step is the heart of the SQUARE process: the elicitation of security requirements. The process of discovering the requirements for a system by communication with customers, system users and others who have a stake in the system development. In this technique, a correct focus question is presented to an expert who identifies security requirements, and the requirements are collected, categorized and refined. G. Categorize Requirements Categorization is the process which allows the requirements engineer and stakeholders to classify the requirements as High, Medium or Low. Here in this paper another type of dimension is added i.e., counter measure which is an action, process, device or system that can prevent or mitigate the effects of threats to a SaaS application. Different types of counter measures for authentication, authorization, session management, input validation, logging, cryptography, error handling will be taken into consideration. H. Prioritize Requirements Thus, the purpose of this step in the SQUARE process is to prioritize the security requirements so that the stakeholders can choose which security requirements to implement and in what order. Security requirements are often implemented in stages, and prioritization can help to determine which ones should be implemented first. A number of prioritization methods have been found to be useful in traditional requirements engineering and could potentially be used for security requirements. Some of the techniques are AHP (Analytical hierarchy process), Triage, Theory-W, Binary Search Tree. I. Requirements Inspection The last step of the SQUARE process, requirements inspection, is one of the most important elements in creating a set of accurate and verifiable security requirements. Based on the security recommendations from regulatory bodies like CSA, NIST, ENISA, Common Criteria. The Framework can be conceptualized for SaaS security evaluation. A consolidate report should be published to the SaaS provider and security recommendations should be provided. III. CONCLUSION Most of the Cloud services are rendered through its SaaS model and is accompanied by a permanent revolution in the services launched on the market by vendors. In this context particular attention is driven by the security functions which are offered by cloud SaaS applications. The cloud security taxonomy provides a clearly structured framework of the security areas that should be considered when using cloud services. Security technologies are not yet adequate to achieve the protection goals in Cloud SaaS applications. By using Security Quality Requirements Engineering (SQUARE) process the quality and appropriateness of the security requirements should rise and the system should be more likely to be designed from the beginning to properly support security requirements in addition to the functional and non functional requirements and security requirements must take into account at each phase of development cycle. There are continuous 3755

work to improve the methodology in support of SaaS applications in steps used for eliciting and prioritizing the security requirements in cloud. REFERENCES [1] N. R. Mead, E. Hough, and T. Stehney, Security Quality Requirements Engineering (SQUARE) Methodology, Software Engineering Institute, Carnegie Mellon Univ., Pittsburgh, PA, Tech. Rep. CMU/SEI-2005-TR-009,2005. http://www.sei.cmu.edu/publications/documents/05.reports/05tr00 9.html [2] NIST Cloud Computing Standards Roadmap Version 1.0 - Michael Hogan, Fang Liu, Annie Sokol, Jin Tong [3] OWASP open web application security project http://www.owasp.org/index.php title=special:search&search=security+ requirements&go=go. [4] Cloud Security Alliance document, Security Guidance for Critical Areas of Focus in Cloud Computing, [5] Mead, N. R.; Chen, P.; Dean, M.; Ojoko-Adams, D.; Osman, H.; Lopez, L.; & Xie, N. System Quality Requirements Engineering (SQUARE) Methodology: Case Study on Asset Management System (CMU/SEI-2004-SR-015, ADA431068). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2004. http://www.sei.cmu.edu/publications/documents/04.reports /04sr015.html. [6] Cloud,Grid, High performance Computing: Emerging Applications - Emmanuel Udoh [7] OPROF Open Process Framework [8] Misuse/Use cases and Security use Cases in Eliciting Security Requirements - Qian Gao E.PRAGNAVI, received B. Tech in Electronics &Computer science Engineering from JNTU, Hyderabad, India, holds M.Tech in Computer Science from JNTU, Hyderabad, India, She has 5 years of academic experience in Computer Science and Engineering. J.SANDEEP KUMAR,, received B. Tech in Computer Science & Engineering from JNTU, Hyderabad, India, hold M.S in Software Engineering from BITS Pilani University, Rajasthan, India. He has 10 years of experience in IT. 3756

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information