This assignment requires you to conduct a security analysis of a proposed system and devise a security solution that mitigates the most serious risks to that system. The aim of this assignment is not to achieve an exhaustive list of threats, risks or security mechanisms, but to identify the most serious risks and address them in a reasoned and cost-effective manner. The most important aspects of your answer are the reasoning applied to the problem and the justification for your design.
Because of this, a short but clear argument is preferable to a long-winded one. Your answer should not exceed twenty-five pages. As a guideline, approximately 5–7 pages on the security analysis and 12–15 on the security design (including figures and tables) should be enough for a good answer. Be sure, however, to answer thoroughly and (where appropriate) realistically.
Stubbs and Toe is a small law firm that has been operating for over 20 years providing representation and litigation services for individuals who have suffered serious accidents in the workplace. The two senior partners set up the firm together after qualifying from law school, and it has since grown to employ two more full-time lawyers and a total of four legal secretaries.
The business is running well but the senior partners are keen to expand. After much deliberation, they have decided to set up an online presence by launching NJury Lawyers 4 U: a website-based personal injury portal allowing potential clients to initiate, track, and manage small injury claims online.
Stubbs and Toe currently pays a hosting company to run a website advertising their services, as well as basic email facilities, and the office they work from is equipped with eight workstations (one for each employee) which are networked together and connected to the internet via a small business broadband connection. In order to keep their existing client base happy and to continue building on their existing reputation, the partners are keen to keep the current website going. Their hope is that the new initiative will serve as a more youthful brand to their legal services, attracting clients whose injuries are typically less severe than those they traditionally deal with, and for whom the prospect of settlement with insurance companies is more likely.
They are also keen to make use of this opportunity to modernise how they manage their documents: at the moment client case work is done on individual workstations and document sharing is ad hoc. There is a feeling that a more rigorous approach to document management is needed, and that this is the time to initiate the change.
The partners are keen to ensure that the confidentiality of their clients' information is maintained, and they are also very concerned about not putting themselves in a conflict of interest (for example by accepting a client making a claim against another of their clients). Before they invest too much time and money in this venture, they have hired you to provide a high-level design for their new business venture and modernisation plans.
The following is a simple use case diagram that the senior partners have drawn, illustrating what they think the new system should do.
- The website should allow prospective clients to view the legal services on offer and to upload the initial details of a claim, in order to allow the firm to review and indicate whether they will take on the case;
- The website needs to provide an individual homepage for each client, allowing them to:
  - update their personal and financial details,
  - upload supporting evidence for their claim,
  - view the current state of their claim (e.g. whether a settlement has been reached, the case is being prosecuted in the courts, the claim has been rejected, etc.);
- The new backend system also needs to provide the employees of the law firm with a coherent and centralised document management system, allowing the lawyers and legal secretaries to access the detailed evidence, notes, and any other document relevant to their different clients.
Since this is a very preliminary proposal, you have been given the job of designing the high-level architecture of the system. Before you can design a solution, you need to conduct a high-level security analysis of the proposed system. You should feel free to make assumptions about the system; however, these should be explicitly stated in your answer.
- Start by scoping your analysis, outline a technical architecture that satisfies these functional requirements, and analyse the proposed system to identify the most significant assets and security needs.
- Without conducting a detailed risk analysis, summarise what you think are the most important risks to this system.
- Your answer should include views from different stakeholders in the system, and if any of these are in conflict, a discussion about which of them should prevail.
- The results of your analysis should clearly identify the areas of the system that are most in need of security.
Based on your analysis of the security requirements of the proposed system, devise a realistic and cost-effective defensive strategy. This should include the high-level security architecture of the system and general policy specification for the operation of that system.
Finally, justify your decisions, arguing for the cost-effectiveness of your design.
The assessment is intended to judge the extent to which you can:
- apply a security design process,
- identify security requirements,
- specify a cost-effective solution to security requirements, and
- reason critically about security design.