def update_asset_properties(self, props, name, existing_params=None):
if existing_params is None:
asset = self.get_asset_by_name(name, simplify=False)
existing_params = AssetParameters(
assetName=asset.theName,
shortCode=asset.theShortCode,
assetDesc=asset.theDescription,
assetSig=asset.theSignificance,
assetType=asset.theType,
cFlag=asset.isCritical,
cRationale=asset.theCriticalRationale,
tags=asset.theTags,
ifs=asset.theInterfaces,
cProperties=[]
)
existing_params.setId(asset.theId)
existing_params.theEnvironmentProperties = props
try:
self.db_proxy.updateAsset(existing_params)
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def update_asset_properties(self, props, name, existing_params=None):
if existing_params is None:
asset = self.get_asset_by_name(name, simplify=False)
existing_params = AssetParameters(
assetName=asset.theName,
shortCode=asset.theShortCode,
assetDesc=asset.theDescription,
assetSig=asset.theSignificance,
assetType=asset.theType,
cFlag=asset.isCritical,
cRationale=asset.theCriticalRationale,
tags=asset.theTags,
ifs=asset.theInterfaces,
cProperties=[])
existing_params.setId(asset.theId)
existing_params.theEnvironmentProperties = props
try:
self.db_proxy.updateAsset(existing_params)
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def update_asset(self, asset, name):
old_asset = self.get_asset_by_name(name, simplify=False)
id = old_asset.theId
params = AssetParameters(
assetName=asset.theName,
shortCode=asset.theShortCode,
assetDesc=asset.theDescription,
assetSig=asset.theSignificance,
assetType=asset.theType,
cFlag=asset.isCritical,
cRationale=asset.theCriticalRationale,
tags=asset.theTags,
ifs=asset.theInterfaces,
cProperties=asset.theEnvironmentProperties
)
params.setId(id)
try:
self.db_proxy.updateAsset(params)
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def parameters(self):
parameters = AssetParameters(
self.theAssetName, self.theShortCode, self.theAssetDescription,
self.theAssetSignificance, self.theType, self.theCriticalIndicator,
self.theCriticalRationale, self.theTags, self.theInterfaces,
self.theEnvironmentProperties)
parameters.setId(self.theAssetId)
return parameters
def assetParameters(self,assetId = -1): cMitigated = self.theSecurityProperties[armid.C_PROPERTY] iMitigated = self.theSecurityProperties[armid.I_PROPERTY] avMitigated = self.theSecurityProperties[armid.AV_PROPERTY] acMitigated = self.theSecurityProperties[armid.AC_PROPERTY] assetProperties = array((cMitigated,iMitigated,avMitigated,acMitigated)) mitName = self.theName + ' response' parameters = AssetParameters(mitName,self.theDescription,'Mitigation',assetProperties) parameters.setId(assetId) return parameters
def assetParameters(self,assetId = -1):
cMitigated = 1
iMitigated = 1
avMitigated = 1
acMitigated = 1
anMitigated = 1
panMitigated = 1
unlMitigated = 1
unoMitigated = 1
for idx,propertyName in enumerate(self.theMitigatedProperties):
if (propertyName == 'Confidentiality'): cMitigated = 3
elif (propertyName == 'Integrity'): iMitigated = 3
elif (propertyName == 'Availability'): avMitigated = 3
elif (propertyName == 'Accountability'): acMitigated = 3
elif (propertyName == 'Anonymity'): acMitigated = 4
elif (propertyName == 'Pseudonymity'): acMitigated = 5
elif (propertyName == 'Unlinkability'): acMitigated = 6
elif (propertyName == 'Unobservability'): acMitigated = 7
assetProperties = array((cMitigated,iMitigated,avMitigated,acMitigate,anMitigated,panMitigated,unlMitigated,unoMitigated))
mitName = self.theName + ' response'
parameters = AssetParameters(mitName,self.theDescription,assetProperties)
parameters.setId(assetId)
return parameters
def buildCMAsset(target):
assetName = target.name() + ' CM'
assetDesc = target.description()
assetType = target.type()
shortCode = 'XX'
significanceText = 'Mitigates risk '
b = Borg()
proxy = b.dbProxy
risks = proxy.mitigatedRisks(target.id())
significanceText += risks[0]
assetEnvironmentProperties = []
for cProps in target.environmentProperties():
assetEnvironmentProperties.append(AssetEnvironmentProperties(cProps.name(),cProps.properties(),cProps.rationale()))
return AssetParameters(assetName,shortCode,assetDesc,significanceText,assetType,False,'',target.tags(),[],assetEnvironmentProperties)
def update_asset(self, asset, name):
old_asset = self.get_asset_by_name(name, simplify=False)
id = old_asset.theId
params = AssetParameters(assetName=asset.theName,
shortCode=asset.theShortCode,
assetDesc=asset.theDescription,
assetSig=asset.theSignificance,
assetType=asset.theType,
cFlag=asset.isCritical,
cRationale=asset.theCriticalRationale,
tags=asset.theTags,
ifs=asset.theInterfaces,
cProperties=asset.theEnvironmentProperties)
params.setId(id)
try:
self.db_proxy.updateAsset(params)
except ARM.DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def buildFromTemplate(assetName,assetEnvs):
b = Borg()
taObjt = b.dbProxy.dimensionObject(assetName,'template_asset')
assetDesc = taObjt.description()
assetType = taObjt.type()
shortCode = taObjt.shortCode()
significanceText = taObjt.significance()
assetEnvironmentProperties = []
secProperties = taObjt.securityProperties()
pRationale = taObjt.rationale()
tags = taObjt.tags()
ifs = taObjt.interfaces()
for envName in assetEnvs:
assetEnvironmentProperties.append(AssetEnvironmentProperties(envName,secProperties,pRationale))
return AssetParameters(assetName,shortCode,assetDesc,significanceText,assetType,False,'',tags,ifs,assetEnvironmentProperties)
def add_asset(self, asset, asset_props=None):
try:
self.db_proxy.nameCheck(asset.theName, 'asset')
except ARM.ARMException as ex:
self.close()
raise ARMHTTPError(ex)
assetParams = AssetParameters(
assetName=asset.theName,
shortCode=asset.theShortCode,
assetDesc=asset.theDescription,
assetSig=asset.theSignificance,
assetType=asset.theType,
cFlag=asset.isCritical,
cRationale=asset.theCriticalRationale,
tags=asset.theTags,
ifs=asset.theInterfaces,
cProperties=asset.theEnvironmentProperties)
asset_id = self.db_proxy.addAsset(assetParams)
return asset_id
def endElement(self, name):
if name == 'role':
p = RoleParameters(self.theName, self.theType, self.theShortCode,
self.theDescription, [])
self.theRoleParameters.append(p)
self.resetRoleAttributes()
elif name == 'asset':
envDict = {}
for sp in self.theSecurityProperties:
envName = sp[0]
spName = sp[1]
spValue = a2i(sp[2])
spRationale = sp[3]
if envName in envDict:
(envDict[envName])[spName] = (spValue, spRationale)
else:
spDict = {}
spDict['confidentiality'] = (0, 'None')
spDict['integrity'] = (0, 'None')
spDict['availability'] = (0, 'None')
spDict['accountability'] = (0, 'None')
spDict['anonymity'] = (0, 'None')
spDict['pseudonymity'] = (0, 'None')
spDict['unlinkability'] = (0, 'None')
spDict['unobservability'] = (0, 'None')
spDict[spName] = (spValue, spRationale)
envDict[envName] = spDict
for envName in envDict:
spDict = envDict[envName]
cProperty, cRationale = spDict['confidentiality']
iProperty, iRationale = spDict['integrity']
avProperty, avRationale = spDict['availability']
acProperty, acRationale = spDict['accountability']
anProperty, anRationale = spDict['anonymity']
panProperty, panRationale = spDict['pseudonymity']
unlProperty, unlRationale = spDict['unlinkability']
unoProperty, unoRationale = spDict['unobservability']
ep = AssetEnvironmentProperties(envName, [
cProperty, iProperty, avProperty, acProperty, anProperty,
panProperty, unlProperty, unoProperty
], [
cRationale, iRationale, avRationale, acRationale,
anRationale, panRationale, unlRationale, unoRationale
])
self.theEnvironmentProperties.append(ep)
p = AssetParameters(self.theName, self.theShortCode,
self.theDescription, self.theSignificance,
self.theAssetType, self.isCritical,
self.theCriticalRationale, self.theTags,
self.theInterfaces,
self.theEnvironmentProperties)
self.theAssetParameters.append(p)
self.resetAssetAttributes()
elif name == 'security_property':
self.theSecurityProperties.append(
(self.theEnvironmentName, self.thePropertyName,
self.thePropertyValue, self.theRationale))
self.resetSecurityPropertyAttributes()
elif name == 'threatened_property':
self.theSpDict[self.thePropertyName] = (self.thePropertyValue,
self.theRationale)
self.resetThreatenedPropertyAttributes()
elif name == 'vulnerability':
p = VulnerabilityParameters(self.theName, self.theDescription,
self.theType, self.theTags,
self.theEnvironmentProperties)
self.theVulnerabilities.append(p)
self.resetVulnerabilityAttributes()
elif name == 'vulnerability_environment':
p = VulnerabilityEnvironmentProperties(self.theEnvironmentName,
self.theSeverity,
self.theAssets)
self.theEnvironmentProperties.append(p)
self.resetVulnerabilityEnvironmentAttributes()
elif name == 'attacker':
p = AttackerParameters(self.theName, self.theDescription,
self.theImage, self.theTags,
self.theEnvironmentProperties)
self.theAttackerParameters.append(p)
self.resetAttackerAttributes()
elif name == 'attacker_environment':
p = AttackerEnvironmentProperties(self.theEnvironmentName,
self.theRoles,
self.theMotivations,
self.theCapabilities)
self.theEnvironmentProperties.append(p)
self.resetAttackerEnvironmentAttributes()
elif name == 'threat':
p = ThreatParameters(self.theName, self.theType, self.theMethod,
self.theTags, self.theEnvironmentProperties)
self.theThreats.append(p)
self.resetThreatAttributes()
elif name == 'threat_environment':
cProperty, cRationale = self.theSpDict['confidentiality']
iProperty, iRationale = self.theSpDict['integrity']
avProperty, avRationale = self.theSpDict['availability']
acProperty, acRationale = self.theSpDict['accountability']
anProperty, anRationale = self.theSpDict['anonymity']
panProperty, panRationale = self.theSpDict['pseudonymity']
unlProperty, unlRationale = self.theSpDict['unlinkability']
unoProperty, unoRationale = self.theSpDict['unobservability']
p = ThreatEnvironmentProperties(
self.theEnvironmentName, self.theLikelihood, self.theAssets,
self.theAttackers, [
cProperty, iProperty, avProperty, acProperty, anProperty,
panProperty, unlProperty, unoProperty
], [
cRationale, iRationale, avRationale, acRationale,
anRationale, panRationale, unlRationale, unoRationale
])
self.theEnvironmentProperties.append(p)
self.resetThreatEnvironmentAttributes()
elif name == 'risk':
mc = MisuseCase(-1, 'Exploit ' + self.theName,
self.theEnvironmentProperties, self.theName)
p = RiskParameters(self.theName, self.theThreat,
self.theVulnerability, mc, self.theTags)
self.theRisks.append(p)
self.resetRiskAttributes()
elif name == 'misusecase':
p = MisuseCaseEnvironmentProperties(self.theEnvironmentName,
self.theDescription)
self.theEnvironmentProperties.append(p)
self.resetRiskEnvironmentAttributes()
elif name == 'response':
p = ResponseParameters(self.theType + ' ' + self.theRisk,
self.theRisk, self.theTags,
self.theEnvironmentProperties, self.theType)
self.theResponses.append(p)
self.resetResponseAttributes()
elif name == 'accept_environment':
p = AcceptEnvironmentProperties(self.theEnvironmentName,
self.theCost, self.theDescription)
self.theEnvironmentProperties.append(p)
self.resetResponseEnvironmentAttributes()
elif name == 'transfer_environment':
p = TransferEnvironmentProperties(self.theEnvironmentName,
self.theDescription,
self.theResponseRoles)
self.theEnvironmentProperties.append(p)
self.resetResponseEnvironmentAttributes()
elif name == 'deter_environment':
p = MitigateEnvironmentProperties(self.theEnvironmentName, 'Deter')
self.theEnvironmentProperties.append(p)
self.resetResponseEnvironmentAttributes()
elif name == 'prevent_environment':
p = MitigateEnvironmentProperties(self.theEnvironmentName,
'Prevent')
self.theEnvironmentProperties.append(p)
self.resetResponseEnvironmentAttributes()
elif name == 'detect_environment':
p = MitigateEnvironmentProperties(self.theEnvironmentName,
'Detect', self.theDetectionPoint)
self.theEnvironmentProperties.append(p)
self.resetResponseEnvironmentAttributes()
elif name == 'react_environment':
p = MitigateEnvironmentProperties(self.theEnvironmentName, 'React',
'', self.theDetectionMechanisms)
self.theEnvironmentProperties.append(p)
self.resetResponseEnvironmentAttributes()
elif name == 'asset_association':
p = ClassAssociationParameters(
self.theEnvironmentName, self.theHeadName, 'asset',
self.theHeadNav, self.theHeadAdornment, self.theHeadNry,
self.theHeadRole, self.theTailRole, self.theTailNry,
self.theTailAdornment, self.theTailNav, 'asset',
self.theTailName)
self.theAssociations.append(p)
self.resetAssociationAttributes()
elif name == 'description':
self.inDescription = 0
elif name == 'method':
self.inMethod = 0
elif name == 'narrative':
self.inDescription = 0
elif name == 'rationale':
self.inRationale = 0
elif name == 'significance':
self.inSignificance = 0
elif name == 'critical':
self.inCritical = 0
def parameters(self): parameters = AssetParameters(self.theAssetName,self.theShortCode,self.theAssetDescription,self.theAssetSignificance,self.theType,self.theCriticalIndicator,self.theCriticalRationale,self.theTags,self.theInterfaces,self.theEnvironmentProperties) parameters.setId(self.theAssetId) return parameters
