Introduction
At present, researchers pay serious attention to the security analysis of incompatible computer systems. This is mainly because system owners need an effective instrument to assess the security level of information protection. Usually, when this task is solved, the set of attack actions that a malefactor can carry out includes only software-technical attacks that use known hardware and software vulnerabilities. This restriction is unjustified, because the successful realization of social-engineering attacks makes software-technical attacks possible and usually leads to greater damage than software-technical attacks. The approach to computer systems security analysis suggested in this paper extends an approach offered for network security analysis. The main extensions consist in the introduction of concepts, models and frameworks related to social-engineering attacks.
In particular, the models of the analyzed computer system were supplemented with specifications of legitimate users, control areas, etc. The models of attack actions and malefactors were expanded with social-engineering attacks and attacks that require physical access to control areas. This approach can be used for comprehensive computer system security analysis that takes into account various social-engineering and software-technical attacks. It may be applied at various stages of the computer system life cycle, including the design and operation stages. This approach makes it possible not only to know about the vulnerabilities of computer system components, but also to understand their interdependence at the scale of the computer system as a whole and their influence on the integrated level of security.
Security Analysis Models
A. Computer System Model Expansion
Principles have been suggested for representing the network configuration (topology, software and hardware in use), whose basic elements are network devices (workstations, servers, firewalls, etc.). The main weakness of these works is the absence from the network configuration of legitimate users, who use the network equipment and may become the targets of social-engineering attacks. In this paper, we suggest expanding the network models presented above by adding the following object classes: control area; legitimate user; group of legitimate users; information object.
A control area is a space (territory, building, part of a building) where the uncontrolled presence of organization employees, visitors and network equipment is prohibited. Control areas can be nested one inside another. Legitimate users are employees who have authorized access to specified control areas, computing platforms and information objects. They are identified for access control purposes by unique identifiers and authenticated by passwords or certificates. The information needs of legitimate users are to get access to a required information object, i.e. to a computing platform located inside a defined control area. The main attributes of legitimate users are as follows:
General attributes: name, description;
User rights on physical access into control areas (they are set for every control area): no access (by default) or access exists;
User rights on access to computing platforms (they are determined for every computing platform): no access (by default), remote user, local user or administrator (root);
Criticality level (high, medium, low);
Whether the user is a malefactor or his accomplice (may be changed in the process of security analysis);
Set of characteristics used to compute a user vulnerability level to social-engineering attacks. For example, it may be an access to the network resources ...
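The extended model can be written down as data structures. The following is an added example, not code from the paper: it encodes control areas, computing platforms and legitimate users with the attributes listed above, and flags users who hold local-user rights on a platform they cannot physically reach. All class, function and sample names are hypothetical, and the rule that entering a nested control area requires access to every enclosing area is an assumption of this example.

```python
from dataclasses import dataclass, field
from enum import Enum

class PlatformRight(Enum):
    NO_ACCESS = "no access"            # default when no right is recorded
    REMOTE_USER = "remote user"
    LOCAL_USER = "local user"
    ADMINISTRATOR = "administrator"    # root

@dataclass
class ControlArea:
    name: str
    parent: "ControlArea | None" = None    # enclosing area when nested

@dataclass
class Platform:
    name: str
    area: ControlArea                      # control area the platform is located in

@dataclass
class LegitimateUser:
    name: str
    area_access: dict = field(default_factory=dict)      # area name -> bool
    platform_rights: dict = field(default_factory=dict)  # platform name -> PlatformRight
    criticality: str = "low"               # high, medium or low
    is_malefactor: bool = False            # may change during the analysis

    def can_enter(self, area):
        # Assumption: a nested area is reachable only through every enclosing area.
        while area is not None:
            if not self.area_access.get(area.name, False):   # default: no access
                return False
            area = area.parent
        return True

def local_rights_without_entry(users, platforms):  # local-user right, no physical path
    return [(u.name, p.name) for u in users for p in platforms
            if u.platform_rights.get(p.name) is PlatformRight.LOCAL_USER
            and not u.can_enter(p.area)]

def constructed_sample():  # constructed data: a server room nested inside a building
    building = ControlArea("building")
    room = ControlArea("server-room", parent=building)
    db = Platform("db-server", room)
    local = {"db-server": PlatformRight.LOCAL_USER}
    alice = LegitimateUser("alice", {"building": True, "server-room": True}, dict(local), "high")
    bob = LegitimateUser("bob", {"building": True}, dict(local))
    carol = LegitimateUser("carol", {"server-room": True}, dict(local))
    return [alice, bob, carol], [db]
```

In the constructed sample, bob and carol are reported: each is a local user of db-server, but bob has no right to enter the server room and carol has no right to enter the building that encloses it.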