In order to protect information, a solid, comprehensive application security framework is needed for analysis and improvement. This application security framework should be able to list and cover all aspects of security at a basic level. It should incorporate the following six parts:
- Security elements that need to be preserved: availability, utility, integrity, authenticity, confidentiality, nonrepudiation
- Sources of loss of these elements: abuse, misuse, accidental occurrence, natural forces
- Acts that cause loss: use of false data, disclosure, interference with use, copying, misuse or failure to use
- Safeguard functionality used to protect from these acts: audit, avoidance, detection, prevention, recovery, mitigation, investigation
- Methods of safeguard functionality selection: diligence, comply with regulations and standards, meet needs
- Objectives to be achieved by the application security framework: avoid negligence, protect privacy, minimize impact on performance
The six essential security elements
In the proposed framework, six security elements are considered essential for the security of information. If one of these six elements is omitted, information security is deficient and protection of information will be at risk.
Looking at the definition, availability (considering computer systems), is referring to the ability to access information or resources in a specified location and in the correct format. When a system is regularly not functioning, information and data availability is compromised and it will affect the users. Besides functionality, another factor that effects availability is time. If a computer system cannot deliver information efficiently, then availability is compromised again. Data availability can be ensured by storage, which can be local or offsite.
Considering the definition, utility refers to something that is useful or designed for use. Normally, utility is not considered a pillar in information security, but consider the following scenario: you encrypt the only copy of valuable information and then accidentally delete the encryption key. The information in this scenario is available, but in a form that is not useful. To preserve utility of information, you should require mandatory backup copies of all critical information and should control the use of protective mechanisms such as cryptography. Test managers should require security walk-through tests during application development to limit unusable forms of information.
In the context of computer systems, integrity refers to methods of ensuring that the data is real, accurate and guarded from unauthorized user modification. Data integrity is a major information security component because users must be able to trust information. Untrusted data compromises integrity. Stored data must remain unchanged within a computer system, as well as during transport. It is important to implement data integrity verification mechanisms such as checksums and data comparison.
Regarding computer systems, authenticity or authentication refers to a process that ensures and confirms the user’s identity. The process begins when the user tries to access data or information. The user must prove access rights and identity. Commonly, usernames and passwords are used for this process. However, this type of authentication can be circumvented by hackers. A better form of authentication is biometrics, because it depends on the user’s presence and biological features (retina or fingerprints). The PKI (Public Key Infrastructure) authentication method uses digital certificates to prove a user’s identity. Other authentication tools can be key cards or USB tokens. The greatest authentication threat occurs with unsecured emails that seem legitimate.
Defining confidentiality in terms of computer systems means allowing authorized users to access sensitive and protected information. Sensitive information and data should be disclosed to authorized users only. Confidentiality can be enforced by using a classification system. The user must obtain certain clearance level to access specific data or information. Confidentiality can be ensured by using role-based security methods to ensure user or viewer authorization (data access levels may be assigned to a specific department) or access controls that ensure user actions remain within their roles (for example, define user to read but not write data).
Nonrepudiation refers to a method of guaranteeing message transmission between parties using digital signature and/or encryption. Proof of authentic data and data origination can be obtained by using a data hash. While the method is not 100 percent effective (phishing and Man-in-the-Middle attacks can compromise data integrity), nonrepudiation can be achieved by using digital signatures to prove the delivery and receipt of messages.
Each of the six elements can be violated independently of the others. The elements are unique and independent and often require different security controls. Maintaining availability of information does not necessarily maintain its utility: information may be available, but useless for its intended purpose. In order to identify threats, we can pair the six elements into three pairs, which can be used to identify threats and select proper controls:
availability and utility → usability and usefulness
integrity and authenticity → completeness and validity
confidentiality and nonrepudiation → secrecy and control
Availability and utility are necessary for integrity and authenticity to have value, and these four are necessary for confidentiality and nonrepudiation to have meaning.