Difference between revisions of "Threat Model"
Mattsenate (talk | contribs) |
Mattsenate (talk | contribs) (fixes quotes and adds model samples, link to honeypot) |
||
Line 18: | Line 18: | ||
<blockquote> | <blockquote> | ||
'As defined in Newman's book Design Guidelines for Creating Defensible Space, defensible space is "a residential environment whose physical characteristics—building layout and site plan—function to allow inhabitants themselves to become key agents in ensuring their security." He goes on to explain that a housing development is only defensible if residents intend to adopt this role, which is defined by good design: "Defensible space therefore is a sociophysical phenomenon," says Newman. Both society and physical elements are parts of a successful defensible space.' | |||
</blockquote> | </blockquote> | ||
Line 31: | Line 31: | ||
===Tools, Concepts=== | ===Tools, Concepts=== | ||
* Honeypot | * [https://en.wikipedia.org/wiki/Honeypot_(computing) Honeypot] | ||
==Models== | ==Models== | ||
===General building access=== | |||
A threat model for the Omni Collective building usage, generally, as an asset. (Use an asset-focused model?) | |||
===Sleepers=== | |||
A threat model for people who need a place to sleep and will try to (Use both attacker-focused and system-focused models?) |
Revision as of 20:46, 28 April 2014
In order to benefit from creative thinking inspired by the security community and hacker culture, it can be useful to apply knowledge gained from the study of security for both physical and information systems to the Omni Collective's assets, services, member-groups, and their larger social/physical contexts.
Namely, a Threat Model:
"... is based on the notion that any system or organization has assets of value worth protecting, these assets have certain vulnerabilities, internal or external threats exploit these vulnerabilities in order to cause damage to the assets, and appropriate security countermeasures exist that mitigate the threats."
One may want to use "compromise" assets instead of "damage" to be more clear, but ultimately the compromise depends entirely on what exactly the assets are anyhow. This implies that the idea of a threat model in the abstract is not too useful, but that assessing security methodologically with concrete/real facts and situations to create thread models is a good way to be aware of vulnerabilities and implement countermeasures where appropriate.
For the Omni Collective, note that rather than emphasizing physical security, instead, we can accept the affordances and limitations of design generally by approaching security through the wider field of Environmental Design, namely:
"the applied arts and sciences dealing with creating the human-designed environment ... [including] architecture, geography, urban planning, landscape architecture, and interior design."
Consider, for instance, Oscar Newman's theory of Defensible space:
'As defined in Newman's book Design Guidelines for Creating Defensible Space, defensible space is "a residential environment whose physical characteristics—building layout and site plan—function to allow inhabitants themselves to become key agents in ensuring their security." He goes on to explain that a housing development is only defensible if residents intend to adopt this role, which is defined by good design: "Defensible space therefore is a sociophysical phenomenon," says Newman. Both society and physical elements are parts of a successful defensible space.'
Resources
Guides, Documents, References
- Open Source Security Testing Methodology Manual (OSSTMM) http://www.isecom.org/mirror/OSSTMM.3.pdf
- https://www.owasp.org/index.php/OWASP_Security_Principles_Project
- https://www.owasp.org/index.php/Category:Principle
- https://www.owasp.org/index.php/Cheat_Sheets
- https://www.owasp.org/index.php/Threat_Modeling_Cheat_Sheet
Tools, Concepts
Models
General building access
A threat model for the Omni Collective building usage, generally, as an asset. (Use an asset-focused model?)
Sleepers
A threat model for people who need a place to sleep and will try to (Use both attacker-focused and system-focused models?)