
Difference between revisions of "Architecture and design principles"

From OWASP

Revision as of 12:15, 10 May 2011

The following is a merge of the ENISA, OWASP and Veracode top 10 lists. Note that there is a mixture of threats and vulnerabilities here - we should decide whether to use risks (threats with impact on assets which occur with probability) and vulnerabilities (system flaws which increase the probability of a threat occurring). I have cut those risks/vulnerabilities which cannot be addressed in any way by developers. We should decide whether to include recommendations in the style of a "code of practice", e.g. activity monitoring should only be used in circumstances xyz...

Top Risks/Vulnerabilities

  1. Unsafe sensitive data storage
  2. Unintentional disclosure of data: The smartphone user unintentionally discloses data on the smartphone.
  3. Attacks on decommissioned smartphones: The smartphone is decommissioned improperly allowing an attacker access to the data on the device.
  4. Phishing attacks: An attacker collects user credentials (such as passwords and credit card numbers) by means of fake apps or (SMS, email) messages that seem genuine.
  5. Spyware: Spyware covers untargeted collection of personal information as opposed to targeted surveillance.
  6. Network Spoofing Attacks: An attacker deploys a rogue network access point (WiFi or GSM) and users connect to it. The attacker subsequently intercepts (or tampers with) the user communication to carry out further attacks such as phishing.
  7. Surveillance attacks: An attacker keeps a specific user under surveillance through the target user’s smartphone.
  8. Diallerware attacks: An attacker steals money from the user by means of malware that makes hidden use of premium SMS services or numbers.
  9. Financial malware attacks: The smartphone is infected with malware specifically designed for stealing credit card numbers or online banking credentials, or for subverting online banking or ecommerce transactions.
  10. Network congestion: Network resource overload due to smartphone usage, leading to network unavailability for the end-user.
  11. Unauthorized network connectivity (exfiltration or command & control)
  12. UI Impersonation
  13. System modification (rootkit, APN proxy config)
  14. Logic or Time bomb (including runtime interpreter)
  15. Unsafe sensitive data transmission
  16. Hardcoded password/keys
  17. Lack of data protection in transit
  18. Client-side injection
  19. Client-side DOS
  20. Malicious third-party code
  21. Client-side buffer overflow
  22. Failure to properly handle inbound SMS messages
  23. Failure to properly handle outbound SMS messages
  24. Failure to disable insecure platform features in application (caching of keystrokes, screen data)