| Name | Web-Based Retail Provider
|
| ID | retail-www
|
| Maturity | under-development
|
| Domain | ecomm
|
| Desc | Internet-facing, E-commerce provider of retail goods or services. Data-centric -
Database containing PII, credit card numbers, and inventory.
|
| Archetypes | Database, Web browser, Web server, General-purpose OS |
| Business Value Context (BVC) | Confidentiality essential from a financial PII perspective, identity PII usually
less important. PCI compliance a factor.
Security incidents might have organizational impacts including financial loss,
legal liability, compliance/regulatory concerns, and reputation/brand damage.
|
| Notes |
|
| References | No references recorded.
|
| Impact | Layer | Subscore | Notes
| | Modify data | System | 9 | Deface web pages; install malware through web pages; modify system
configuration. Cause DoS (crash) or corrupt data; in some cases, execute
arbitrary code.
|
| Modify data | Application | 9 | Modify or delete customer order status and pricing, contact information,
inventory tracking, customer credit card numbers, cryptographic keys and
passwords (plaintext and encrypted).
|
| Modify data | Network | |
|
| Modify data | Enterprise | |
|
| Read data | System | 7 | Read system/application configuration.
|
| Read data | Application | 7 | Read customer credit card numbers, customer credit card numbers, order
status, cryptographic keys and passwords (plaintext and unencrypted).
|
| Read data | Network | |
|
| Read data | Enterprise | |
|
| DoS: unreliable execution | System | |
|
| DoS: unreliable execution | Application | 4 | Customers cannot reach site or experience delays in reaching site; delays
in order placement and resulting financial loss.
|
| DoS: unreliable execution | Network | |
|
| DoS: unreliable execution | Enterprise | |
|
| DoS: resource consumption | System | |
|
| DoS: resource consumption | Application | |
|
| DoS: resource consumption | Network | |
|
| DoS: resource consumption | Enterprise | |
|
| Execute unauthorized code or commands | System | 10 | Read or modify customer credit card numbers, contact information, order
status and pricing, inventory tracking, cryptographic keys and passwords
(plaintext and encrypted). Cause denial of service. Modify web site to
deface or install malware to deliver to customers; uninstall critical
software.
|
| Execute unauthorized code or commands | Application | 10 | Read or modify customer credit card numbers, contact information, order
status and pricing, inventory tracking, cryptographic keys and passwords
(plaintext and encrypted). Cause denial of service. Modify web site to
deface or install malware to deliver to customers; uninstall critical
software.
|
| Execute unauthorized code or commands | Network | |
|
| Execute unauthorized code or commands | Enterprise | |
|
| Gain privileges / assume identity | System | 9 | Attacker can perform administrative functions as the system admin or other
system user that the attacker does not have direct access to.
|
| Gain privileges / assume identity | Application | 9 | Attacker can perform administrative functions as the application admin, or
gain privileges as other users.
|
| Gain privileges / assume identity | Network | |
|
| Gain privileges / assume identity | Enterprise | |
|
| Bypass protection mechanism | Application | 7 | Avoid detection of attacks; possibly steal data; pose as others.
|
| Bypass protection mechanism | System | 7 | Avoid detection of attacks; possibly steal data; pose as others.
|
| Bypass protection mechanism | Network | 7 | Bypass firewalls that may be protecting private systems from direct
Internet access. Monitor private network traffic.
|
| Bypass protection mechanism | Enterprise | 7 | Compromise security/networking devices to perform MitM attacks, monitor
network traffic.
|
| Hide activities | System | 3 | Inability to identify source of attack; cannot obtain sufficient evidence
for criminal prosecution.
|
| Hide activities | Application | 3 | Inability to identify source of attack; cannot obtain sufficient evidence
for criminal prosecution.
|
| Hide activities | Network | 3 | Inability to identify source of attack; cannot obtain sufficient evidence
for criminal prosecution.
|
| Hide activities | Enterprise | 3 | Inability to identify source of attack; cannot obtain sufficient evidence
for criminal prosecution.
|
