Direct SA1 Links
Etics Portal - Etics Web - EticsAgendas - ETICS 2 SA1 Savannah - SA1Actions (in Savannah) , SA1 Internal


ETICS Risk Assessment

Short Description of the Task

This task consists in the identification of threats, impacts and risks of the ETICS software, services, infrastructure and organization.

Useful Links

Links to document, attach material needed, external resources, example, etc.

Threats

Software / Services

CLI Client
  • Certificate Agent: Other processes could use the certificate through the agent without password
  • T2

BS Webservice

  • Certificates: Cross Site Request Forging (XSRF) via HTTPS URLS
  • Authentication: some methods do not check privileges.
  • Denial of Service: Single server used
  • Replace configuration data with malicious code to produce packages

Repository Webservice

  • Certificates: Cross Site Request Forging (XSRF) via HTTPS URLS
  • Denial of Service: Single server used
  • Replace packages in AFS with malicious ones and get imported in Repo WS

Portal

  • GWT XSS: setInnerHTML content parsing
  • GWT XSS: JSNI Usage
  • GWT XSS: JSON API String parsing
  • GWT XSS: Not GWT Javascript on the same server

Welcome Portlet

  • GWT XSS: setInnerHTML content parsing
  • GWT XSS: JSNI Usage
  • GWT XSS: JSON API String parsing
  • GWT XSS: Not GWT Javascript on the same server

Submissions Portlet

  • GWT XSS: setInnerHTML content parsing
  • GWT XSS: JSNI Usage
  • GWT XSS: JSON API String parsing
  • GWT XSS: Not GWT Javascript on the same server

Configuration Web Application

  • JavaScript: Cross Site Scripting (XSS)
  • JavaScript: Cross Site Request Forging (XSRF)
  • Certificates: Cross Site Request Forging (XSRF) via HTTPS URLS
  • Replace configuration data with malicious code to produce packages

Repository Portlet

  • GWT XSS: setInnerHTML content parsing
  • GWT XSS: JSNI Usage
  • GWT XSS: JSON API String parsing
  • GWT XSS: Not GWT Javascript on the same server

Administration Web Application

  • Certificates: Cross Site Request Forging (XSRF) via HTTPS URLS
  • Granting permission to non authorized users
  • Register a fake user through registration page

Requests Portlet

  • GWT XSS: setInnerHTML content parsing
  • GWT XSS: JSNI Usage
  • GWT XSS: JSON API String parsing
  • GWT XSS: Not GWT Javascript on the same server
  • Get a malicious package registered in the repository giving a malicious binaries URL

NMI Scripts

  • Replaced at file system level to add malicious code

Plugins

  • If replaced with malicious ones in AFS, they could change the code during the build

Disseminator

  • Used to do a denial of service to the repository (heavy queries)
  • T2

Submitters

  • Malicious submitter gets in the pool
  • T2

Infrastructure

Server Security

  • Software updates have not been applied
  • Access to physical hardware in the computer center. Access control
  • Network problem
  • Hardware breakdown

WN Security

  • A job in a WN could affect another one injecting malicious code
  • T2

Databases

  • Software updates have not been applied
  • Database read/write through file system access in the server
  • Database Password available in configuration files in the same server
  • Backups with DB info/schema available publicly

Web Servers

  • Software updates have not been applied

Network

  • DNS replace at CERN to point to different resources

Condor / Metronome

  • Software updates have not been applied
  • Malicious joining of a WN in the pool

Test/Dev Environment

  • CVS code injections of malicious code
  • T2

Certificates

  • Stolen credentials
  • Proxy certificates with a new DN matching a user ??

Organization / Social

Developer PCs
  • Stolen certificates/password
  • Using the browser to have sysadmin access to the system

Passwords

  • weak passwords
  • passwords in AFS or publicly available
  • Old members of the project still have root accesses/sysadmin permissions

Human / Physical

  • Alberto sosia smile

Plans, Dates and Status

To Do

  • Each responsible identifies possible threats

Meeting 14.7.2009

Risk Assessment Theory

Threat Impact Likelihood Risk Mitigation Remaining Risk
T1 1 4 4 / /
T2 4 3 12 Actions /
T3 4 1 4 Actions Risk
T4 2 1 2 / Risk

  • Threat: description of the threat
  • Impact: (1 to 4) Importance of the threat according to it is potential damage
  • Likelihood: (1 to 4) Probability of the threat to happen
  • Risk = Impact * Likelihood
  • Mitigation: brief description of the actions to do to solve/mitigate the threat
  • Remaining Risk: brief description of the risk after the threat has been mitigated

-- LorenzoDini - 14 Jul 2009

Edit | Attach | Watch | Print version | History: r4 < r3 < r2 < r1 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r4 - 2009-07-27 - LorenzoDini
 
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    ETICS All webs login

This site is powered by the TWiki collaboration platform Powered by PerlCopyright & 2008-2020 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback