Adversary Modelling

Abstract

NORSK: I beslutningsprosesser som omhandler informasjonssikkerhet gjøres det alltid antagelser med tanke på fienden eller fiendene et system er utsatt for, altså fiendemodellen systemet må operere under. Ofte er informasjon angående fiendemodeller vanskelig å finne. Denne oppgaven tar for seg å utvikle et rammeverk for lettere å kunne samle slik informasjon. Rammeverket som foreslås vil være verdifullt i situasjoner hvor man ønsker på en rask og enkel måte å få oversikt over de antagelser som er gjort med tanke på fienden, for eksempel når man vurderer innkjøp av bedriftskritiske systemer. Man kan også lettere identifisere åpenbare mangler i fiendemodellen til systemet under vurdering. Videre vil det presenterte rammeverket være til hjelp i systemutviklingsprosjekter som et hjelpemiddel for å tidlig fastslå hva slags fiender et system vil være utsatt for. Man kan da gjøre disse antagelsene på et tidlig tidspunkt, og være bevisst når det gjelder å dokumentere disse.

ENGELSK: Security measures are countermeasures against some sort of adversary, or adversaries, and as such are based on sets of assumptions made with regards to the adversary or adversaries by a system's designers. However, often the assumptions designers of said countermeasures have introduced are hard to ascertain. Often, such information is scattered around in white papers and implementation notes, or even only implicitly stated or not at all. This thesis introduces a novel framework for use in such situations where one requires. in a quick and efficient manner.to get an overview over which assumptions the designers of a system have made with regards to its adversaries. This may be invaluable to customers who wish to ascertain whether or not the adversaries protected against are sufficient in the actual operating scenario of the system. The framework can also be used to help in the early design process of systems as a tool alongside such methodologies as threat modelling, as it easily highlights possible attack vectors. The framework can be used to simplify the work of documenting and clarifying assumptions prior to and during security effectiveness analysis, and it is shown to work well on several different cases. The framework can also be used to help in the early design process of systems as a tool alongside such methodologies as threat modelling, as it easily highlights possible attack vectors. The framework can be used to simplify the work of documenting and clarifying assumptions prior to and during security effectiveness analysis, and it is shown to work well on several different cases.