Posted by Synopsys Editorial Team on December 7, 2015
Misuse and abuse cases describe how users misuse or exploit weaknesses in the controls of software features to attack an application. A direct attack on business functionality, which may bring in revenue or provide a positive user experience, can have tangible business impact. Abuse cases can also be an effective way to drive security requirements that lead to proper protection of these critical business use cases.
When exploring the use of misuse and abuse cases, the seven touchpoints for software security are a great place to start, since they provide the foundation for the cases we’ll discuss in this post. Below, we’ll delve into three cases of how to use abuse cases effectively to improve the security of an application’s business features.
An online retailer plans to support an anonymous checkout and payment system whereby an anonymous user can enter a shipping address and payment details, place the order, and expect delivery without the customer needing to register an account.
In the design, when an item is added to the shopping cart, stock is reserved for that item. So if there were a total of 500 pairs of pants available, and someone adds a pair to their cart, there are now 499 pairs of pants available for other customers.
Reserving stock when a user adds items to their cart provides convenience to the user, at the risk of forfeiting buying opportunities for other users. The following security controls can be considered to mitigate the risk:
Attackers can take advantage of the anonymity of the shopping cart to perform an attack on the system by repeatedly starting the browser, creating a new cart, and reserving a large quantity of items. The monitor and release control explained above can help. Heuristic controls can also be considered:
Attackers may use botnets or testing tools to create shopping carts and reserve products periodically. This can exhaust the inventory with constant holdings. This risk can be mitigated with the following controls:
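A sketch of how a monitor and release control could sit on top of the reserve-on-add design described above. This is an added example, not code from the original post; the class name, the 15-minute hold window, and the per-cart threshold of 20 units are assumptions chosen for illustration.

```python
import time

class ReservationLedger:
    """Cart stock holds with timed release and a simple hoarding monitor."""

    def __init__(self, stock, hold_seconds=900, flag_quantity=20):
        self.stock = dict(stock)            # sku -> units on hand
        self.hold_seconds = hold_seconds    # assumed hold window
        self.flag_quantity = flag_quantity  # assumed per-cart review threshold
        self.holds = {}                     # (cart_id, sku) -> [quantity, created_at]

    def available(self, sku):
        held = sum(q for (_, s), (q, _) in self.holds.items() if s == sku)
        return self.stock[sku] - held

    def release_expired(self, now):
        """Release: return held units to the pool once the window has passed."""
        expired = [k for k, (_, created) in self.holds.items()
                   if now - created >= self.hold_seconds]
        for key in expired:
            del self.holds[key]
        return expired

    def add_to_cart(self, cart_id, sku, quantity, now=None):
        now = time.time() if now is None else now
        self.release_expired(now)
        if quantity <= 0 or quantity > self.available(sku):
            return False
        # The window starts at the first add; later adds do not extend it,
        # so a script cannot keep a hold alive by touching the cart.
        hold = self.holds.setdefault((cart_id, sku), [0, now])
        hold[0] += quantity
        return True

    def checkout(self, cart_id):
        """A completed order turns the cart's holds into real stock reduction."""
        for key in [k for k in self.holds if k[0] == cart_id]:
            self.stock[key[1]] -= self.holds.pop(key)[0]

    def flagged_carts(self):
        """Monitor: carts holding at least flag_quantity units in total."""
        totals = {}
        for (cart_id, _), (quantity, _) in self.holds.items():
            totals[cart_id] = totals.get(cart_id, 0) + quantity
        return sorted(c for c, q in totals.items() if q >= self.flag_quantity)
```

Flagged carts are candidates for review or an extra check before the hold is honored; the threshold and window have to be weighed against how legitimate customers shop.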
Misuse or abuse cases can be an effective tool to drive security requirements that protect business features or processes. By designing countermeasures against misuse or abuse cases, proper security controls can be identified. Since these controls are usually interwoven with business features, they need to be carefully assessed for their business impact. Common security principles and best practices, such as defense-in-depth, monitoring, detection, and prevention, apply here and can help define the proper security requirements and design the appropriate security controls.