How to identify and assess architectural risks?


There is one simple task: to exchange information.

This problem can be solved in three ways:
  1. through a website on which this data is placed;
  2. through a website on which this data is placed and signed as mine;
  3. through the blockchain, where the data is automatically signed as mine.

Each of these solutions, before any means of protection is chosen and without knowing what application software is used, has risks that generally do not depend on which OS is on the user's computer or server, or on which DBMS is installed - that is, risks that are not tied to the way the architecture is implemented, but are dictated by the architecture of the solution.

For simplicity, we will call these risks architectural. So, for each method, for each architectural solution, these risks can be assessed and, as a consequence, the total risk of using such a solution as a whole, that is, its architecture, can be estimated.

Here is an example of a similar but simpler problem: I want to compare the risks of using two types of bikes, three-wheeled and two-wheeled. The architectures of the bikes are different, but they solve one task: to carry me from point A to point B. Accordingly, there are risks that generally do not depend on what tires I have on the bike, and depend, for example, on the fact that the first architecture has three wheels and the second has two.
Then one can immediately single out a risk common to these two solutions: the risk of falling off the bike.
In the case of the first architecture, with 3 wheels, the risk will be lower, for example 0.1.
In the case of the second architecture, with 2 wheels, the risk will be higher, for example 0.9.


Accordingly, it is possible to identify architectural risks common to these solutions and compare the solutions in terms of these risks. Going back from bikes to data sharing, I don't want to look at the details of the system:
  1. which DBMS I have on the server and what its vulnerabilities are;
  2. which OS the user has and what its vulnerabilities are;
  3. the fact that the BIOS firmware can be tampered with by the Chinese, and then the database is in trouble;
  4. and other stuff.

Instead, I want to consider the risks of the architecture:
  • in the first architectural solution there is a risk that we will not be able to prove that the data belongs to you, while in the second and third solutions this risk is small: it is solved architecturally, through the blockchain or by using a digital signature;
  • the first and the second solutions have the risk that the data will be tampered with by an attacker; their architecture allows this, but the blockchain does not;
  • etc.


How can such architectural risks be identified and assessed? Is there some technique, with examples?

1 Answer

There is a common technique in information security; it's called Risk Management. What you want to do can be calculated using the methods of this technique. Say, this is risk management at the stage of designing the terms of reference (TOR) for some information system (IS).

Look at:
  • Risk Management Framework, NIST SP800-37
  • Risk assessment methods: Quantitative vs Qualitative
  • Threat Analysis development, i.e. on the basis of known threats; for example, if data is transmitted over an open channel, then the maximum threat is interception and traffic analysis for the twentieth time.
  • Asset Classification - the architect, of course, is not aware of the importance / cost of the data which the IS will operate on, but he knows, for example, that if there is an encryption key (it is an asset), it is the #1 resource you want to protect, so you need to spend more time developing the TOR for its protection, storage and transmission.

You can take, for example, the MTD metric: how long is your IS able to function upon loss of the communication channel / server / DB failure? In case of compromise of the encryption key, how much time do you have before they can get ?
ARO - this can be the average over past cases of hacking / intrusion, which show how frequently certain types of vulnerabilities appear. For example, if you are going to use the OpenSSL library: over its history, many vulnerabilities of different types and severity have been found in it
https://www.openssl.org/news/vulnerabilities.html
it's about 2 a year (heavy average). You can safely put this parameter into your formula in the TOR :)
ALE = SLE * ARO
The damage caused to your IS by legitimate vulnerabilities in OpenSSL = SLE * 0.5
Further, SLE: what should you do to close the gap? (the one-time cost of getting out of the specific situation of a vulnerable IS while your IS is in operation) - update OpenSSL. And is an installed copy of your IS ready to survive a major upgrade of OpenSSL? As an architect, rate this readiness from 0 to 10, based on the possible issues / costs / dependencies in your encryption protocols.

Accordingly, if your "architectural" SLE is closer to 10, then the ALE will be large, and already at the design stage you can predict the costs of operating your system with OpenSSL, which you need to upgrade twice a year.

And so on..
And yes, you are thinking correctly that the risk should be calculated in the form of numbers.
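
The comparison the question asks for, worked with the ALE = SLE * ARO formula from the answer, as an added example that is not part of the original question or answer. The SLE ratings (on the answer's 0 to 10 scale) and ARO values are constructed for illustration; only the two risks and the three architectures come from the question.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Risk:
    name: str
    sle: float  # single loss expectancy: architect's 0-10 rating (constructed)
    aro: float  # annualized rate of occurrence, events per year (constructed)

    @property
    def ale(self) -> float:
        return self.sle * self.aro  # ALE = SLE * ARO

OWNERSHIP = "ownership of the data cannot be proven"
TAMPERING = "data is tampered with by an attacker"

# Same risks and same SLE for every architecture; only the ARO changes,
# because the architecture decides how often the event can happen.
REGISTER = {
    "plain website": [Risk(OWNERSHIP, 6, 0.9), Risk(TAMPERING, 8, 0.5)],
    "website + digital signature": [Risk(OWNERSHIP, 6, 0.1), Risk(TAMPERING, 8, 0.5)],
    "blockchain": [Risk(OWNERSHIP, 6, 0.1), Risk(TAMPERING, 8, 0.05)],
}

def total_ale(risks):
    """Total architectural risk of one solution."""
    return round(sum(r.ale for r in risks), 2)

def dominant_risk(risks):
    """The risk that contributes most to the total for this architecture."""
    return max(risks, key=lambda r: r.ale).name

def rank(register):
    """Architectures ordered from lowest to highest total ALE."""
    totals = ((name, total_ale(risks)) for name, risks in register.items())
    return sorted(totals, key=lambda pair: pair[1])

def ale_reduction(register, baseline, candidate):
    """Per-risk ALE saved by moving from the baseline architecture to the candidate."""
    base = {r.name: r.ale for r in register[baseline]}
    return {r.name: round(base[r.name] - r.ale, 2) for r in register[candidate]}

if __name__ == "__main__":
    for name, ale in rank(REGISTER):
        print(f"{name:30s} ALE={ale:5.2f}  dominant: {dominant_risk(REGISTER[name])}")
    print(ale_reduction(REGISTER, "plain website", "blockchain"))
```
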