Beispiel #1
0
    def update_attacker_motivation(self,
                                   attacker_motivation,
                                   name,
                                   environment_name=''):
        """
        :return:
        :raise: ARMHTTPError:
        """
        assert isinstance(attacker_motivation, ValueType)

        found_motivation = self.get_attacker_motivation_by_name(
            name, environment_name)

        params = ValueTypeParameters(vtName=attacker_motivation.theName,
                                     vtDesc=attacker_motivation.theDescription,
                                     vType='motivation',
                                     envName=environment_name,
                                     vtScore=attacker_motivation.theScore,
                                     vtRat=attacker_motivation.theRationale)
        params.setId(found_motivation.theId)

        try:
            self.db_proxy.updateValueType(params)
        except ARM.DatabaseProxyException as ex:
            self.close()
            raise ARMHTTPError(ex)
        except ARM.ARMException as ex:
            self.close()
            raise ARMHTTPError(ex)
    def update_vulnerability_type(self,
                                  vulnerability_type,
                                  name,
                                  environment_name=''):
        assert isinstance(vulnerability_type, ValueType)

        found_type = self.get_vulnerability_type_by_name(
            name, environment_name)

        params = ValueTypeParameters(vtName=vulnerability_type.theName,
                                     vtDesc=vulnerability_type.theDescription,
                                     vType='vulnerability_type',
                                     envName=environment_name,
                                     vtScore=vulnerability_type.theScore,
                                     vtRat=vulnerability_type.theRationale)
        params.setId(found_type.theId)

        try:
            self.db_proxy.updateValueType(params)
        except ARM.DatabaseProxyException as ex:
            self.close()
            raise ARMHTTPError(ex)
        except ARM.ARMException as ex:
            self.close()
            raise ARMHTTPError(ex)
Beispiel #3
0
 def parameters(self):
     parameters = ValueTypeParameters(self.theName, self.theDescription,
                                      self.theValueType,
                                      self.theEnvironmentName,
                                      self.theScore, self.theRationale)
     parameters.setId(self.theValueTypeId)
     return parameters
Beispiel #4
0
    def update_attacker_capability(self,
                                   attacker_capability,
                                   name,
                                   environment_name=''):
        assert isinstance(attacker_capability, ValueType)

        found_capability = self.get_attacker_capability_by_name(
            name, environment_name)

        params = ValueTypeParameters(vtName=attacker_capability.theName,
                                     vtDesc=attacker_capability.theDescription,
                                     vType='capability',
                                     envName=environment_name,
                                     vtScore=attacker_capability.theScore,
                                     vtRat=attacker_capability.theRationale)
        params.setId(found_capability.theId)

        try:
            self.db_proxy.updateValueType(params)
        except ARM.DatabaseProxyException as ex:
            self.close()
            raise ARMHTTPError(ex)
        except ARM.ARMException as ex:
            self.close()
            raise ARMHTTPError(ex)
Beispiel #5
0
 def endElement(self, name):
     if (name == 'vulnerability_type'):
         p = ValueTypeParameters(self.theName, self.theDescription,
                                 'vulnerability_type')
         self.theVulnerabilityTypes.append(p)
         self.resetAttributes()
     if name == 'threat_type':
         p = ValueTypeParameters(self.theName, self.theDescription,
                                 'threat_type')
         self.theThreatTypes.append(p)
         self.resetAttributes()
Beispiel #6
0
 def update_goal_value(self, goal_value, name, environment_name=''):
     assert isinstance(goal_value, ValueType)
     found_value = self.get_goal_value_by_name(name, environment_name)
     params = ValueTypeParameters(vtName=goal_value.theName,
                                  vtDesc=goal_value.theDescription,
                                  vType='goal_value',
                                  envName=environment_name,
                                  vtScore=goal_value.theScore,
                                  vtRat=goal_value.theRationale)
     params.setId(found_value.theId)
     try:
         self.db_proxy.updateValueType(params)
     except ARM.DatabaseProxyException as ex:
         raise ARMHTTPError(ex)
     except ARM.ARMException as ex:
         raise ARMHTTPError(ex)
    def add_vulnerability_type(self, vulnerability_type, environment_name=''):
        assert isinstance(vulnerability_type, ValueType)
        type_exists = self.check_existing_vulnerability_type(
            vulnerability_type.theName, environment_name=environment_name)

        if type_exists:
            self.close()
            raise OverwriteNotAllowedHTTPError(
                obj_name='The vulnerability type')

        params = ValueTypeParameters(vtName=vulnerability_type.theName,
                                     vtDesc=vulnerability_type.theDescription,
                                     vType='vulnerability_type',
                                     envName=environment_name,
                                     vtScore=vulnerability_type.theScore,
                                     vtRat=vulnerability_type.theRationale)

        try:
            return self.db_proxy.addValueType(params)
        except ARM.DatabaseProxyException as ex:
            self.close()
            raise ARMHTTPError(ex)
        except ARM.ARMException as ex:
            self.close()
            raise ARMHTTPError(ex)
Beispiel #8
0
    def add_attacker_motivation(self,
                                attacker_motivation,
                                environment_name=''):
        """
        :rtype: int
        :raises
            CairisHTTPError:
            OverwriteNotAllowedHTTPError:
        """
        assert isinstance(attacker_motivation, ValueType)
        type_exists = self.check_existing_attacker_motivation(
            attacker_motivation.theName, environment_name=environment_name)

        if type_exists:
            self.close()
            raise OverwriteNotAllowedHTTPError(
                obj_name='The attacker motivation')

        params = ValueTypeParameters(vtName=attacker_motivation.theName,
                                     vtDesc=attacker_motivation.theDescription,
                                     vType='motivation',
                                     envName=environment_name,
                                     vtScore=attacker_motivation.theScore,
                                     vtRat=attacker_motivation.theRationale)

        try:
            return self.db_proxy.addValueType(params)
        except ARM.DatabaseProxyException as ex:
            self.close()
            raise ARMHTTPError(ex)
        except ARM.ARMException as ex:
            self.close()
            raise ARMHTTPError(ex)
Beispiel #9
0
 def update_goal_value(self, goal_value, name, environment_name=''):
     assert isinstance(goal_value, ValueType)
     found_value = self.get_goal_value_by_name(name, environment_name)
     params = ValueTypeParameters(
         vtName=goal_value.theName,
         vtDesc=goal_value.theDescription,
         vType='goal_value',
         envName=environment_name,
         vtScore=goal_value.theScore,
         vtRat=goal_value.theRationale
     )
     params.setId(found_value.theId)
     try:
         self.db_proxy.updateValueType(params)
     except ARM.DatabaseProxyException as ex:
         raise ARMHTTPError(ex)
     except ARM.ARMException as ex:
         raise ARMHTTPError(ex)
Beispiel #10
0
 def endElement(self, name):
     if (name == 'threat_value') or (name == 'risk_value') or (
             name == 'countermeasure_value'
     ) or (name == 'severity_value') or (name == 'likelihood_value') or (
             name == 'capability_value') or (name == 'motivation_value'):
         if (name == 'motivation_value'):
             self.theTypeName == 'motivation'
         elif (name == 'capability_value'):
             self.theTypeName == 'capability'
         p = ValueTypeParameters(self.theName, self.theDescription,
                                 self.theTypeName)
         self.theValuesMap[self.theTypeName].append(p)
         self.resetAttributes()
Beispiel #11
0
    def update_threat_type(self, threat_type, name, environment_name=''):
        assert isinstance(threat_type, ValueType)

        found_type = self.get_threat_type_by_name(name, environment_name)

        params = ValueTypeParameters(
            vtName=threat_type.theName,
            vtDesc=threat_type.theDescription,
            vType='threat_type',
            envName=environment_name,
            vtScore=threat_type.theScore,
            vtRat=threat_type.theRationale
        )
        params.setId(found_type.theId)

        try:
            self.db_proxy.updateValueType(params)
        except ARM.DatabaseProxyException as ex:
            self.close()
            raise ARMHTTPError(ex)
        except ARM.ARMException as ex:
            self.close()
            raise ARMHTTPError(ex)
Beispiel #12
0
 def endElement(self,name):
   if name == 'asset':
     spDict = {}
     spDict['confidentiality'] = (0,'None')
     spDict['integrity'] = (0,'None')
     spDict['availability'] = (0,'None')
     spDict['accountability'] = (0,'None')
     spDict['anonymity'] = (0,'None')
     spDict['pseudonymity'] = (0,'None')
     spDict['unlinkability'] = (0,'None')
     spDict['unobservability'] = (0,'None')
     for sp in self.theSecurityProperties:
       spName = sp[0]
       spValue = a2i(sp[1])
       spRationale = sp[2]
       if spName in spDict:
         spDict[spName] = (spValue,spRationale)
     spValues = [] 
     spValues.append(spDict['confidentiality'])
     spValues.append(spDict['integrity'])
     spValues.append(spDict['availability'])
     spValues.append(spDict['accountability'])
     spValues.append(spDict['anonymity'])
     spValues.append(spDict['pseudonymity'])
     spValues.append(spDict['unlinkability'])
     spValues.append(spDict['unobservability'])
     p = TemplateAssetParameters(self.theName,self.theShortCode,self.theDescription,self.theSignificance,self.theAssetType,self.theSurfaceType,self.theAccessRight,spValues,self.theTags,self.theInterfaces)
     self.theAssets.append(p)
     self.resetAssetAttributes()
   elif name == 'security_property':
     self.theSecurityProperties.append((self.thePropertyName,self.thePropertyValue,self.theRationale))
     self.resetSecurityPropertyAttributes()
   elif name == 'description':
     self.inDescription = 0
   elif name == 'rationale':
     self.inRationale = 0
   elif name == 'significance':
     self.inSignificance = 0
   elif name == 'access_right' or name == 'surface_type':
     p = ValueTypeParameters(self.theName,self.theDescription,name,'',self.theScore,self.theRationale)
     self.theValueTypes.append(p)
     self.resetValueTypeAttributes()
 def endElement(self,name):
   if (name == 'component'):
     p = ComponentParameters(self.theName,self.theDescription,self.theInterfaces,self.theStructure,self.theComponentRequirements,self.theComponentGoals,self.theComponentGoalAssociations)
     self.theComponents.append(p)
     self.resetComponentAttributes() 
   elif name == 'role':
     p = RoleParameters(self.theName,self.theType,self.theShortCode,self.theDescription,[])
     self.theRoles.append(p)
     self.resetRoleAttributes()
   elif name == 'asset':
     spDict = {}
     spDict['confidentiality'] = (0,'None')
     spDict['integrity'] = (0,'None')
     spDict['availability'] = (0,'None')
     spDict['accountability'] = (0,'None')
     spDict['anonymity'] = (0,'None')
     spDict['pseudonymity'] = (0,'None')
     spDict['unlinkability'] = (0,'None')
     spDict['unobservability'] = (0,'None')
     for sp in self.theSecurityProperties:
       spName = sp[0]
       spValue = a2i(sp[1])
       spRationale = sp[2]
       if spName in spDict:
         spDict[spName] = (spValue,spRationale)
     spValues = [] 
     spValues.append(spDict['confidentiality'])
     spValues.append(spDict['integrity'])
     spValues.append(spDict['availability'])
     spValues.append(spDict['accountability'])
     spValues.append(spDict['anonymity'])
     spValues.append(spDict['pseudonymity'])
     spValues.append(spDict['unlinkability'])
     spValues.append(spDict['unobservability'])
     p = TemplateAssetParameters(self.theName,self.theShortCode,self.theDescription,self.theSignificance,self.theAssetType,self.theSurfaceType,self.theAccessRight,spValues,self.theTags,self.theInterfaces)
     self.theAssets.append(p)
     self.resetAssetAttributes()
   elif name == 'security_property':
     self.theSecurityProperties.append((self.thePropertyName,self.thePropertyValue,self.theRationale))
     self.resetSecurityPropertyAttributes()
   elif name == 'structure':
     self.theStructure.append((self.theHeadName,self.theHeadAdornment,self.theHeadNav,self.theHeadNry,self.theHeadRole,self.theTailRole,self.theTailNry,self.theTailNav,self.theTailAdornment,self.theTailName))
     self.resetStructure()
   elif name == 'requirement':
     p = TemplateRequirementParameters(self.theReqName,self.theAsset,self.theType,self.theDescription,self.theRationale,self.theFitCriterion)
     self.theRequirements.append(p)
     self.resetRequirementAttributes()
   elif name == 'goal':
     p = TemplateGoalParameters(self.theName,self.theDefinition,self.theRationale,self.theConcerns,self.theResponsibilities)
     self.theGoals.append(p)
     self.resetGoalAttributes()
   elif name == 'connector':
     p = ConnectorParameters(self.theName,self.theViewName,self.theFromName,self.theFromRole,self.theFromInterface,self.theToName,self.theToInterface,self.theToRole,self.theConnectorAsset,self.theProtocolName,self.theAccessRight)
     self.theConnectors.append(p)
     self.resetConnectorAttributes() 
   elif name == 'component_goal_association':
     self.theComponentGoalAssociations.append((self.theGoalName,self.theSubGoalName,self.theRefType,self.theRationale))
     self.resetComponentGoalAssociationAttributes()
   elif name == 'description':
     self.inDescription = 0
   elif name == 'definition':
     self.inDefinition = 0
   elif name == 'synopsis':
     self.inSynopsis = 0
   elif name == 'rationale':
     self.inRationale = 0
   elif name == 'significance':
     self.inSignificance = 0
   elif name == 'fit_criterion':
     self.inFitCriterion = 0
   elif name == 'access_right' or name == 'protocol' or name == 'privilege' or name == 'surface_type':
     p = ValueTypeParameters(self.theName,self.theDescription,name,'',self.theScore,self.theRationale)
     self.theMetricTypes.append(p)
     self.resetValueTypeAttributes()
   elif name == 'architectural_pattern':
     self.theViewParameters = ComponentViewParameters(self.theViewName,self.theSynopsis,self.theMetricTypes,self.theRoles,self.theAssets,self.theRequirements,self.theGoals,self.theComponents,self.theConnectors)
    def endElement(self, name):
        if name == 'entry':
            self.theNamingConventions.append(
                (self.theCurrentNameEntry, self.theDefinition))
        elif name == 'revision':
            self.theRevisions.append((self.theCurrentRevNo,
                                      self.theCurrentRevDate, self.theRemarks))
        elif name == 'project_settings':
            self.theProjectSettings = (self.theName, self.theBackground,
                                       self.theStrategicGoals, self.theScope,
                                       self.theNamingConventions,
                                       self.theContributors, self.theRevisions,
                                       self.theRichPicture)
        elif name == 'asset_values':
            nv = ValueTypeParameters('None', self.theNoneValue, 'asset_value',
                                     self.theName)
            nv.setId(0)
            self.theAssetValues.append(nv)

            lv = ValueTypeParameters('Low', self.theLowValue, 'asset_value',
                                     self.theName)
            lv.setId(1)
            self.theAssetValues.append(lv)

            mv = ValueTypeParameters('Medium', self.theMedValue, 'asset_value',
                                     self.theName)
            mv.setId(2)
            self.theAssetValues.append(mv)

            hv = ValueTypeParameters('High', self.theHighValue, 'asset_value',
                                     self.theName)
            hv.setId(3)
            self.theAssetValues.append(hv)

            self.resetAssetValues()
        elif name == 'environment':
            p = EnvironmentParameters(self.theName, self.theShortCode,
                                      self.theDefinition,
                                      self.theCompositeEnvironments,
                                      self.theDuplicateProperty,
                                      self.theOverridingEnvironment)
            p.setAssetValues(self.theAssetValues)
            self.theEnvironments.append(p)
            self.resetEnvironmentAttributes()
        elif name == 'background':
            self.inBackground = 0
        elif name == 'strategic_goals':
            self.inStrategicGoals = 0
        elif name == 'scope':
            self.inScope = 0
        elif name == 'definition':
            self.inDefinition = 0
        elif name == 'remarks':
            self.inRemarks = 0
        elif name == 'none':
            self.inNone = 0
        elif name == 'low':
            self.inLow = 0
        elif name == 'medium':
            self.inMed = 0
        elif name == 'high':
            self.inHigh = 0
  def endElement(self,name):
    if name == 'entry':
      self.theNamingConventions.append((self.theCurrentNameEntry,self.theDefinition))
    elif name == 'revision':
      self.theRevisions.append((self.theCurrentRevNo,self.theCurrentRevDate,self.theRemarks))
    elif name == 'project_settings':
      self.theProjectSettings = (self.theName,self.theBackground,self.theStrategicGoals,self.theScope,self.theNamingConventions,self.theContributors,self.theRevisions,self.theRichPicture)
    elif name == 'asset_values':
      nv = ValueTypeParameters('None',self.theNoneValue,'asset_value',self.theName)
      nv.setId(0)
      self.theAssetValues.append(nv)

      lv = ValueTypeParameters('Low',self.theLowValue,'asset_value',self.theName)
      lv.setId(1)
      self.theAssetValues.append(lv)

      mv = ValueTypeParameters('Medium',self.theMedValue,'asset_value',self.theName)
      mv.setId(2)
      self.theAssetValues.append(mv)

      hv = ValueTypeParameters('High',self.theHighValue,'asset_value',self.theName)
      hv.setId(3)
      self.theAssetValues.append(hv)

      self.resetAssetValues()
    elif name == 'environment':
      p = EnvironmentParameters(self.theName,self.theShortCode,self.theDefinition,self.theCompositeEnvironments,self.theDuplicateProperty,self.theOverridingEnvironment)
      p.setAssetValues(self.theAssetValues)
      self.theEnvironments.append(p)
      self.resetEnvironmentAttributes()
    elif name == 'background':
      self.inBackground = 0
    elif name == 'strategic_goals':
      self.inStrategicGoals = 0
    elif name == 'scope':
      self.inScope = 0
    elif name == 'definition':
      self.inDefinition = 0
    elif name == 'remarks':
      self.inRemarks = 0
    elif name == 'none':
      self.inNone = 0
    elif name == 'low':
      self.inLow = 0
    elif name == 'medium':
      self.inMed = 0
    elif name == 'high':
      self.inHigh = 0
Beispiel #16
0
 def parameters(self):
   parameters = ValueTypeParameters(self.theName,self.theDescription,self.theValueType,self.theEnvironmentName,self.theScore,self.theRationale)
   parameters.setId(self.theValueTypeId)
   return parameters