Пример #1
0
 def parameters(self):
     parameters = DocumentReferenceParameters(self.theName,
                                              self.theDocument,
                                              self.theContributor,
                                              self.theExcerpt)
     parameters.setId(self.theId)
     return parameters
Пример #2
0
 def update_object(self, dr, name):
     drParams = DocumentReferenceParameters(refName=dr.theName,
                                            docName=dr.theDocName,
                                            cName=dr.theContributor,
                                            docExc=dr.theExcerpt)
     try:
         drId = self.db_proxy.getDimensionId(name, 'document_reference')
         drParams.setId(drId)
         self.db_proxy.updateDocumentReference(drParams)
     except ARMException as ex:
         self.close()
         raise ARMHTTPError(ex)
Пример #3
0
 def update_document_reference(self, dr, name):
     found_dr = self.get_document_reference(name)
     drParams = DocumentReferenceParameters(refName=dr.theName,
                                            docName=dr.theDocName,
                                            cName=dr.theContributor,
                                            docExc=dr.theExcerpt)
     drParams.setId(found_dr.theId)
     try:
         self.db_proxy.updateDocumentReference(drParams)
     except ARMException as ex:
         self.close()
         raise ARMHTTPError(ex)
Пример #4
0
 def update_document_reference(self,dr,name):
   found_dr = self.get_document_reference(name)
   drParams = DocumentReferenceParameters(
     refName=dr.theName,
     docName=dr.theDocName,
     cName=dr.theContributor,
     docExc=dr.theExcerpt)
   drParams.setId(found_dr.theId)
   try:
     self.db_proxy.updateDocumentReference(drParams)
   except ARMException as ex:
     self.close()
     raise ARMHTTPError(ex)
Пример #5
0
 def setUp(self):
   call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"])
   cairis.core.BorgFactory.initialise()
   f = open(os.environ['CAIRIS_SRC'] + '/test/threats.json')
   d = json.load(f)
   f.close()
   self.ienvs = d['environments']
   self.iep = EnvironmentParameters(self.ienvs[0]["theName"],self.ienvs[0]["theShortCode"],self.ienvs[0]["theDescription"])
   b = Borg()
   b.dbProxy.addEnvironment(self.iep)
   self.oenvs = b.dbProxy.getEnvironments()
   self.iRoles = d['roles']
   self.irp = RoleParameters(self.iRoles[0]["theName"], self.iRoles[0]["theType"], self.iRoles[0]["theShortCode"], self.iRoles[0]["theDescription"],[])
   b.dbProxy.addRole(self.irp)
   self.oRoles = b.dbProxy.getRoles()
   self.iPersonas = d['personas']
   self.ipp = PersonaParameters(self.iPersonas[0]["theName"],self.iPersonas[0]["theActivities"],self.iPersonas[0]["theAttitudes"],self.iPersonas[0]["theAptitudes"],self.iPersonas[0]["theMotivations"],self.iPersonas[0]["theSkills"],self.iPersonas[0]["theIntrinsic"],self.iPersonas[0]["theContextual"],"","0",self.iPersonas[0]["thePersonaType"],[],[PersonaEnvironmentProperties(self.iPersonas[0]["theEnvironmentProperties"][0]["theName"],(self.iPersonas[0]["theEnvironmentProperties"][0]["theDirectFlag"] == "True"),self.iPersonas[0]["theEnvironmentProperties"][0]["theNarrative"],self.iPersonas[0]["theEnvironmentProperties"][0]["theRole"])],[])
   b.dbProxy.addPersona(self.ipp)
   self.opp = b.dbProxy.getPersonas()
   self.iExternalDocuments = d['external_documents']
   self.iec1 = ExternalDocumentParameters(self.iExternalDocuments[0]["theName"],self.iExternalDocuments[0]["theVersion"],self.iExternalDocuments[0]["thePublicationDate"],self.iExternalDocuments[0]["theAuthors"],self.iExternalDocuments[0]["theDescription"])
   self.iec2 = ExternalDocumentParameters(self.iExternalDocuments[1]["theName"],self.iExternalDocuments[1]["theVersion"],self.iExternalDocuments[1]["thePublicationDate"],self.iExternalDocuments[1]["theAuthors"],self.iExternalDocuments[1]["theDescription"])
   b.dbProxy.addExternalDocument(self.iec1)
   b.dbProxy.addExternalDocument(self.iec2)
   self.oecs = b.dbProxy.getExternalDocuments()
   self.iDocumentReferences = d['document_references']
   self.idr1 = DocumentReferenceParameters(self.iDocumentReferences[0]["theName"],self.iDocumentReferences[0]["theDocName"],self.iDocumentReferences[0]["theContributor"],self.iDocumentReferences[0]["theExcerpt"])
   self.idr2 = DocumentReferenceParameters(self.iDocumentReferences[1]["theName"],self.iDocumentReferences[1]["theDocName"],self.iDocumentReferences[1]["theContributor"],self.iDocumentReferences[1]["theExcerpt"])
   b.dbProxy.addDocumentReference(self.idr1)
   b.dbProxy.addDocumentReference(self.idr2)
   self.odrs = b.dbProxy.getDocumentReferences()
   self.iPersonaCharacteristics = d['persona_characteristics']
   self.ipc1 = PersonaCharacteristicParameters(self.iPersonaCharacteristics[0]["thePersonaName"],self.iPersonaCharacteristics[0]["theModQual"],self.iPersonaCharacteristics[0]["theVariable"],self.iPersonaCharacteristics[0]["theCharacteristic"],[(self.iPersonaCharacteristics[0]["ground"],'','document')],[(self.iPersonaCharacteristics[0]["warrant"],'','document')],[],[])
   b.dbProxy.addPersonaCharacteristic(self.ipc1)
   self.opcs = b.dbProxy.getPersonaCharacteristics()
   self.iAttackers = d['attackers']
   self.iatkeps = [AttackerEnvironmentProperties(self.iAttackers[0]["theEnvironmentProperties"][0]["theName"],self.iAttackers[0]["theEnvironmentProperties"][0]["theRoles"],self.iAttackers[0]["theEnvironmentProperties"][0]["theMotives"],self.iAttackers[0]["theEnvironmentProperties"][0]["theCapabilities"])]
   self.iatk = AttackerParameters(self.iAttackers[0]["theName"], self.iAttackers[0]["theDescription"], self.iAttackers[0]["theImage"],[],self.iatkeps)
   b.dbProxy.addAttacker(self.iatk)
   self.oAttackers = b.dbProxy.getAttackers()
   self.iVtypes = d['valuetypes']
   self.ivt = ValueTypeParameters(self.iVtypes[0]["theName"], self.iVtypes[0]["theDescription"], self.iVtypes[0]["theType"])
   b.dbProxy.addValueType(self.ivt)
   self.ovt = b.dbProxy.getValueTypes('threat_type')
   self.iassets = d['assets']
   self.iaeps = [AssetEnvironmentProperties(self.iassets[0]["theEnvironmentProperties"][0][0],self.iassets[0]["theEnvironmentProperties"][0][1],self.iassets[0]["theEnvironmentProperties"][0][2])]
   self.iap = AssetParameters(self.iassets[0]["theName"],self.iassets[0]["theShortCode"],self.iassets[0]["theDescription"],self.iassets[0]["theSignificance"],self.iassets[0]["theType"],"0","N/A",[],[],self.iaeps)
   b.dbProxy.addAsset(self.iap)
   self.oap = b.dbProxy.getAssets()
   self.iThreats = d['threats']
Пример #6
0
 def endElement(self,name):
   if name == 'persona':
     p = PersonaParameters(self.theName,unescape(self.theActivities),unescape(self.theAttitudes),unescape(self.theAptitudes),unescape(self.theMotivations),unescape(self.theSkills),unescape(self.theIntrinsic),unescape(self.theContextual),self.theImage,self.isAssumptionPersona,self.theType,self.theTags,self.theEnvironmentProperties,{})
     self.thePersonas.append(p)
     self.resetPersonaAttributes()
   elif name == 'persona_environment':
     p = PersonaEnvironmentProperties(self.theEnvironmentName,self.isDirect,unescape(self.theNarrative),self.theRoles,{'narrative':{}})
     self.theEnvironmentProperties.append(p)
     self.resetPersonaEnvironmentAttributes()
   elif name == 'external_document':
     p = ExternalDocumentParameters(self.theName,self.theVersion,self.theDate,self.theAuthors,unescape(self.theDescription))
     self.theExternalDocuments.append(p)
     self.resetExternalDocumentAttributes()
   elif name == 'document_reference':
     p = DocumentReferenceParameters(self.theName,self.theDocument,self.theContributor,unescape(self.theExcerpt))
     self.theDocumentReferences.append(p)
     self.resetDocumentReferenceAttributes()
   elif name == 'persona_characteristic':
     p = PersonaCharacteristicParameters(self.thePersona,self.theModalQualifier,self.theBvName,unescape(self.theDefinition),self.theGrounds,self.theWarrants,[],self.theRebuttals)
     self.thePersonaCharacteristics.append(p)
     self.resetPersonaCharacteristicAttributes()
   elif name == 'task':
     p = TaskParameters(unescape(self.theName),unescape(self.theCode),unescape(self.theObjective),self.isAssumptionTask,self.theAuthor,self.theTags,self.theEnvironmentProperties)
     self.theTasks.append(p)
     self.resetTaskAttributes()
   elif name == 'task_environment':
     p = TaskEnvironmentProperties(unescape(self.theEnvironmentName),unescape(self.theDependencies),self.theTaskPersonas,self.theConcerns,self.theConcernAssociations,unescape(self.theNarrative),unescape(self.theConsequences),unescape(self.theBenefits),[],{'narrative':{},'consequences':{},'benefits':{}})
     self.theEnvironmentProperties.append(p)
     self.resetTaskEnvironmentAttributes()
   elif name == 'activities':
     self.inActivities = 0
   elif name == 'attitudes':
     self.inAttitudes = 0
   elif name == 'aptitudes':
     self.inAptitudes = 0
   elif name == 'motivations':
     self.inMotivations = 0
   elif name == 'skills':
     self.inSkills = 0
   elif name == 'intrinsic':
     self.inIntrinsic = 0
   elif name == 'contextual':
     self.inContextual = 0
   elif name == 'narrative':
     self.inNarrative = 0
   elif name == 'excerpt':
     self.inExcerpt = 0
   elif name == 'description':
     self.inDescription = 0
   elif name == 'definition':
     self.inDefinition = 0
   elif name == 'dependencies':
     self.inDependencies = 0
   elif name == 'objective':
     self.inObjective = 0
   elif name == 'benefits':
     self.inBenefits = 0
   elif name == 'consequences':
     self.inConsequences = 0
Пример #7
0
 def add_object(self, dr):
     drParams = DocumentReferenceParameters(refName=dr.theName,
                                            docName=dr.theDocName,
                                            cName=dr.theContributor,
                                            docExc=dr.theExcerpt)
     try:
         self.db_proxy.addDocumentReference(drParams)
     except ARMException as ex:
         self.close()
         raise ARMHTTPError(ex)
Пример #8
0
class ResponseTest(unittest.TestCase):

  def setUp(self):
    call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"])
    cairis.core.BorgFactory.initialise()
    f = open(os.environ['CAIRIS_SRC'] + '/test/responses.json')
    d = json.load(f)
    f.close()
    self.ienvs = d['environments']
    self.iep1 = EnvironmentParameters(self.ienvs[0]["theName"],self.ienvs[0]["theShortCode"],self.ienvs[0]["theDescription"])
    b = Borg()
    b.dbProxy.addEnvironment(self.iep1)
    self.oenvs = b.dbProxy.getEnvironments()
    self.iRoles = d['roles']
    self.irp = RoleParameters(self.iRoles[0]["theName"], self.iRoles[0]["theType"], self.iRoles[0]["theShortCode"], self.iRoles[0]["theDescription"],[])
    b.dbProxy.addRole(self.irp)
    self.oRoles = b.dbProxy.getRoles()
    self.iPersonas = d['personas']
    self.ipp = PersonaParameters(self.iPersonas[0]["theName"],self.iPersonas[0]["theActivities"],self.iPersonas[0]["theAttitudes"],self.iPersonas[0]["theAptitudes"],self.iPersonas[0]["theMotivations"],self.iPersonas[0]["theSkills"],self.iPersonas[0]["theIntrinsic"],self.iPersonas[0]["theContextual"],"","0",self.iPersonas[0]["thePersonaType"],[],[PersonaEnvironmentProperties(self.iPersonas[0]["theEnvironmentProperties"][0]["theName"],(self.iPersonas[0]["theEnvironmentProperties"][0]["theDirectFlag"] == "True"),self.iPersonas[0]["theEnvironmentProperties"][0]["theNarrative"],self.iPersonas[0]["theEnvironmentProperties"][0]["theRole"])],[])
    b.dbProxy.addPersona(self.ipp)
    self.opp = b.dbProxy.getPersonas()
    self.iExternalDocuments = d['external_documents']
    self.iec1 = ExternalDocumentParameters(self.iExternalDocuments[0]["theName"],self.iExternalDocuments[0]["theVersion"],self.iExternalDocuments[0]["thePublicationDate"],self.iExternalDocuments[0]["theAuthors"],self.iExternalDocuments[0]["theDescription"])
    self.iec2 = ExternalDocumentParameters(self.iExternalDocuments[1]["theName"],self.iExternalDocuments[1]["theVersion"],self.iExternalDocuments[1]["thePublicationDate"],self.iExternalDocuments[1]["theAuthors"],self.iExternalDocuments[1]["theDescription"])
    b.dbProxy.addExternalDocument(self.iec1)
    b.dbProxy.addExternalDocument(self.iec2)
    self.oecs = b.dbProxy.getExternalDocuments()
    self.iDocumentReferences = d['document_references']
    self.idr1 = DocumentReferenceParameters(self.iDocumentReferences[0]["theName"],self.iDocumentReferences[0]["theDocName"],self.iDocumentReferences[0]["theContributor"],self.iDocumentReferences[0]["theExcerpt"])
    self.idr2 = DocumentReferenceParameters(self.iDocumentReferences[1]["theName"],self.iDocumentReferences[1]["theDocName"],self.iDocumentReferences[1]["theContributor"],self.iDocumentReferences[1]["theExcerpt"])
    b.dbProxy.addDocumentReference(self.idr1)
    b.dbProxy.addDocumentReference(self.idr2)
    self.odrs = b.dbProxy.getDocumentReferences()
    self.iPersonaCharacteristics = d['persona_characteristics']
    self.ipc1 = PersonaCharacteristicParameters(self.iPersonaCharacteristics[0]["thePersonaName"],self.iPersonaCharacteristics[0]["theModQual"],self.iPersonaCharacteristics[0]["theVariable"],self.iPersonaCharacteristics[0]["theCharacteristic"],[(self.iPersonaCharacteristics[0]["ground"],'','document')],[(self.iPersonaCharacteristics[0]["warrant"],'','document')],[],[])
    b.dbProxy.addPersonaCharacteristic(self.ipc1)
    self.opcs = b.dbProxy.getPersonaCharacteristics()
    self.iAttackers = d['attackers']
    self.iatkeps = [AttackerEnvironmentProperties(self.iAttackers[0]["theEnvironmentProperties"][0]["theName"],self.iAttackers[0]["theEnvironmentProperties"][0]["theRoles"],self.iAttackers[0]["theEnvironmentProperties"][0]["theMotives"],self.iAttackers[0]["theEnvironmentProperties"][0]["theCapabilities"])]
    self.iatk = AttackerParameters(self.iAttackers[0]["theName"], self.iAttackers[0]["theDescription"], self.iAttackers[0]["theImage"],[],self.iatkeps)
    b.dbProxy.addAttacker(self.iatk)
    self.oAttackers = b.dbProxy.getAttackers()
    self.iVtypes = d['valuetypes']
    self.ivt1 = ValueTypeParameters(self.iVtypes[0]["theName"], self.iVtypes[0]["theDescription"], self.iVtypes[0]["theType"])
    self.ivt2 = ValueTypeParameters(self.iVtypes[1]["theName"], self.iVtypes[1]["theDescription"], self.iVtypes[1]["theType"])
    b.dbProxy.addValueType(self.ivt1)
    b.dbProxy.addValueType(self.ivt2)
    self.ovtt = b.dbProxy.getValueTypes('threat_type')
    self.ovtv = b.dbProxy.getValueTypes('vulnerability_type')
    self.iassets = d['assets']
    self.iaeps1 = [AssetEnvironmentProperties(self.iassets[0]["theEnvironmentProperties"][0][0],self.iassets[0]["theEnvironmentProperties"][0][1],self.iassets[0]["theEnvironmentProperties"][0][2])]
    self.iaeps2 = [AssetEnvironmentProperties(self.iassets[1]["theEnvironmentProperties"][0][0],self.iassets[1]["theEnvironmentProperties"][0][1],self.iassets[1]["theEnvironmentProperties"][0][2])]
    self.iaeps3 = [AssetEnvironmentProperties(self.iassets[2]["theEnvironmentProperties"][0][0],self.iassets[2]["theEnvironmentProperties"][0][1],self.iassets[2]["theEnvironmentProperties"][0][2])]
    self.iap1 = AssetParameters(self.iassets[0]["theName"],self.iassets[0]["theShortCode"],self.iassets[0]["theDescription"],self.iassets[0]["theSignificance"],self.iassets[0]["theType"],"0","N/A",[],[],self.iaeps1)
    self.iap2 = AssetParameters(self.iassets[1]["theName"],self.iassets[1]["theShortCode"],self.iassets[1]["theDescription"],self.iassets[1]["theSignificance"],self.iassets[1]["theType"],"0","N/A",[],[],self.iaeps2)
    self.iap3 = AssetParameters(self.iassets[2]["theName"],self.iassets[2]["theShortCode"],self.iassets[2]["theDescription"],self.iassets[2]["theSignificance"],self.iassets[2]["theType"],"0","N/A",[],[],self.iaeps3)
    b.dbProxy.addAsset(self.iap1)
    b.dbProxy.addAsset(self.iap2)
    b.dbProxy.addAsset(self.iap3)
    self.oap = b.dbProxy.getAssets()
    self.iThreats = d['threats']
    self.iteps = [ThreatEnvironmentProperties(self.iThreats[0]["theEnvironmentProperties"][0]["theName"],self.iThreats[0]["theEnvironmentProperties"][0]["theLikelihood"],self.iThreats[0]["theEnvironmentProperties"][0]["theAssets"],self.iThreats[0]["theEnvironmentProperties"][0]["theAttackers"],self.iThreats[0]["theEnvironmentProperties"][0]["theProperties"][0][1],self.iThreats[0]["theEnvironmentProperties"][0]["theProperties"][0][1])]
    self.itps = ThreatParameters(self.iThreats[0]["theName"],self.iThreats[0]["theType"],self.iThreats[0]["theMethod"],[],self.iteps)
    b.dbProxy.addThreat(self.itps)
    self.otps = b.dbProxy.getThreats()
    self.iVuln = d['vulnerabilities']
    self.iveps = [VulnerabilityEnvironmentProperties(self.iVuln[0]["theEnvironmentProperties"][0]["theName"],self.iVuln[0]["theEnvironmentProperties"][0]["theSeverity"],self.iVuln[0]["theEnvironmentProperties"][0]["theAssets"])]
    self.ivp = VulnerabilityParameters(self.iVuln[0]["theName"],self.iVuln[0]["theDescription"],self.iVuln[0]["theType"], [], self.iveps)
    b.dbProxy.addVulnerability(self.ivp)
    self.ovp = b.dbProxy.getVulnerabilities()
    self.imc = d['misuseCase']
    self.iRisks = d['risks']

    imcep = [MisuseCaseEnvironmentProperties(self.imc[0]["theEnvironmentProperties"][0]["theName"],self.imc[0]["theEnvironmentProperties"][0]["theDescription"])]
    imcp = MisuseCase(int(0), self.imc[0]["theName"], imcep,self.imc[0]["theRisk"])
    irp = RiskParameters(self.iRisks[0]["theName"],self.iRisks[0]["threatName"],self.iRisks[0]["vulName"], imcp,[])
    b.dbProxy.addRisk(irp)
    oRisks = b.dbProxy.getRisks()
    self.r = oRisks[self.iRisks[0]["theName"]]
    self.iResponses = d['responses']

  def testResponse(self):
    iar1Name = self.iResponses[0]["theType"] + " " + self.iResponses[0]["theRisk"] 
    iaep1 = AcceptEnvironmentProperties(self.iResponses[0]["theEnvironmentProperties"][0],self.iResponses[0]["theEnvironmentProperties"][1],self.iResponses[0]["theEnvironmentProperties"][2])
    iar1 = ResponseParameters(iar1Name,self.iResponses[0]["theRisk"],[],[iaep1], self.iResponses[0]["theType"])

    iar2Name = self.iResponses[1]["theType"] + " " + self.iResponses[1]["theRisk"] 
    iaep2 = MitigateEnvironmentProperties(self.iResponses[1]["theEnvironmentProperties"],self.iResponses[1]["theType"])
    iar2 = ResponseParameters(iar2Name,self.iResponses[1]["theRisk"],[],[iaep2], self.iResponses[1]["theType"])

    b = Borg()
    b.dbProxy.addResponse(iar1)
    b.dbProxy.addResponse(iar2)

    self.ors = b.dbProxy.getResponses()
    self.oar1 = self.ors[iar1Name]
    self.oar2 = self.ors[iar2Name]

    self.assertEqual(iar1.name(),self.oar1.name())
    self.assertEqual(iar1.risk(),self.oar1.risk())
    self.assertEqual(iar1.responseType(),self.oar1.responseType())
    self.assertEqual(iar1.environmentProperties()[0].cost(),self.oar1.environmentProperties()[0].cost())
    self.assertEqual(iar1.environmentProperties()[0].description(),self.oar1.environmentProperties()[0].description())

    self.assertEqual(iar2.name(),self.oar2.name())
    self.assertEqual(iar2.risk(),self.oar2.risk())
    self.assertEqual(iar2.responseType(),self.oar2.responseType())

    rgp = cairis.core.GoalFactory.build(self.oar2)
    riskParameters = rgp[0]
    riskGoalId = b.dbProxy.addGoal(riskParameters)
    b.dbProxy.addTrace('response_goal',self.oar2.id(),riskGoalId)
    if (rgp > 1):
      threatParameters = rgp[1]
      vulnerabilityParameters = rgp[2]
      b.dbProxy.addGoal(vulnerabilityParameters)
      b.dbProxy.addGoal(threatParameters)
    b.dbProxy.relabelGoals(iaep2.name())

    oGoals = b.dbProxy.getGoals()
    print oGoals
    rg = oGoals['Deter' + self.oar2.risk()]
    vg = oGoals[vulnerabilityParameters.name()]
    tg = oGoals[threatParameters.name()]

    ogops = b.dbProxy.getGoalAssociations()
    ogop1 = ogops[iaep2.name() + '/' + riskParameters.name() + '/' + threatParameters.name() + '/or']
    ogop2 = ogops[iaep2.name() + '/' + riskParameters.name() + '/' + vulnerabilityParameters.name() + '/or']

    b.dbProxy.deleteGoalAssociation(ogop1.id(),ogop1.goal(),ogop1.subGoal())
    b.dbProxy.deleteGoalAssociation(ogop2.id(),ogop2.goal(),ogop2.subGoal())
    b.dbProxy.deleteTrace('response',self.oar2.name(),'goal',rg.name())

    b.dbProxy.deleteGoal(tg.id())
    b.dbProxy.deleteGoal(vg.id())
    b.dbProxy.deleteGoal(rg.id())

    b.dbProxy.deleteResponse(self.oar2.id())
    b.dbProxy.deleteResponse(self.oar1.id())
  
  def tearDown(self):
    b = Borg()
    
    b.dbProxy.deleteRisk(self.r.id())
    b.dbProxy.deleteVulnerability(self.ovp[self.ivp.name()].id())
    b.dbProxy.deleteThreat(self.otps[self.itps.name()].id())
    b.dbProxy.deleteAsset(self.oap[self.iap3.name()].id())
    b.dbProxy.deleteAsset(self.oap[self.iap2.name()].id())
    b.dbProxy.deleteAsset(self.oap[self.iap1.name()].id())
    b.dbProxy.deleteVulnerabilityType(0)
    b.dbProxy.deleteThreatType(0)
    b.dbProxy.deleteAttacker(self.oAttackers[self.iatk.name()].id())
    b.dbProxy.deleteDocumentReference(self.odrs[self.idr1.name()].id())
    b.dbProxy.deleteDocumentReference(self.odrs[self.idr2.name()].id())
    b.dbProxy.deleteExternalDocument(self.oecs[self.iec1.name()].id())
    b.dbProxy.deleteExternalDocument(self.oecs[self.iec2.name()].id())
    b.dbProxy.deletePersona(self.opp[self.ipp.name()].id())
    b.dbProxy.deleteRole(self.oRoles[self.irp.name()].id())
    b.dbProxy.deleteEnvironment(self.oenvs[self.iep1.name()].id())
    b.dbProxy.close()
    call([os.environ['CAIRIS_SRC'] + "/test/dropdb.sh"])
Пример #9
0
    def setUp(self):
        call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"])
        cairis.core.BorgFactory.initialise()
        f = open(os.environ['CAIRIS_SRC'] + '/test/responses.json')
        d = json.load(f)
        f.close()
        self.ienvs = d['environments']
        self.iep1 = EnvironmentParameters(self.ienvs[0]["theName"],
                                          self.ienvs[0]["theShortCode"],
                                          self.ienvs[0]["theDescription"])
        b = Borg()
        b.dbProxy.addEnvironment(self.iep1)
        self.oenvs = b.dbProxy.getEnvironments()
        self.iRoles = d['roles']
        self.irp = RoleParameters(self.iRoles[0]["theName"],
                                  self.iRoles[0]["theType"],
                                  self.iRoles[0]["theShortCode"],
                                  self.iRoles[0]["theDescription"], [])
        b.dbProxy.addRole(self.irp)
        self.oRoles = b.dbProxy.getRoles()
        self.iPersonas = d['personas']
        self.ipp = PersonaParameters(
            self.iPersonas[0]["theName"], self.iPersonas[0]["theActivities"],
            self.iPersonas[0]["theAttitudes"],
            self.iPersonas[0]["theAptitudes"],
            self.iPersonas[0]["theMotivations"],
            self.iPersonas[0]["theSkills"], self.iPersonas[0]["theIntrinsic"],
            self.iPersonas[0]["theContextual"], "", "0",
            self.iPersonas[0]["thePersonaType"], [], [
                PersonaEnvironmentProperties(
                    self.iPersonas[0]["theEnvironmentProperties"][0]
                    ["theName"], (self.iPersonas[0]["theEnvironmentProperties"]
                                  [0]["theDirectFlag"] == "True"),
                    self.iPersonas[0]["theEnvironmentProperties"][0]
                    ["theNarrative"], self.iPersonas[0]
                    ["theEnvironmentProperties"][0]["theRole"])
            ], [])
        b.dbProxy.addPersona(self.ipp)
        self.opp = b.dbProxy.getPersonas()
        self.iExternalDocuments = d['external_documents']
        self.iec1 = ExternalDocumentParameters(
            self.iExternalDocuments[0]["theName"],
            self.iExternalDocuments[0]["theVersion"],
            self.iExternalDocuments[0]["thePublicationDate"],
            self.iExternalDocuments[0]["theAuthors"],
            self.iExternalDocuments[0]["theDescription"])
        self.iec2 = ExternalDocumentParameters(
            self.iExternalDocuments[1]["theName"],
            self.iExternalDocuments[1]["theVersion"],
            self.iExternalDocuments[1]["thePublicationDate"],
            self.iExternalDocuments[1]["theAuthors"],
            self.iExternalDocuments[1]["theDescription"])
        b.dbProxy.addExternalDocument(self.iec1)
        b.dbProxy.addExternalDocument(self.iec2)
        self.oecs = b.dbProxy.getExternalDocuments()
        self.iDocumentReferences = d['document_references']
        self.idr1 = DocumentReferenceParameters(
            self.iDocumentReferences[0]["theName"],
            self.iDocumentReferences[0]["theDocName"],
            self.iDocumentReferences[0]["theContributor"],
            self.iDocumentReferences[0]["theExcerpt"])
        self.idr2 = DocumentReferenceParameters(
            self.iDocumentReferences[1]["theName"],
            self.iDocumentReferences[1]["theDocName"],
            self.iDocumentReferences[1]["theContributor"],
            self.iDocumentReferences[1]["theExcerpt"])
        b.dbProxy.addDocumentReference(self.idr1)
        b.dbProxy.addDocumentReference(self.idr2)
        self.odrs = b.dbProxy.getDocumentReferences()
        self.iPersonaCharacteristics = d['persona_characteristics']
        self.ipc1 = PersonaCharacteristicParameters(
            self.iPersonaCharacteristics[0]["thePersonaName"],
            self.iPersonaCharacteristics[0]["theModQual"],
            self.iPersonaCharacteristics[0]["theVariable"],
            self.iPersonaCharacteristics[0]["theCharacteristic"],
            [(self.iPersonaCharacteristics[0]["ground"], '', 'document')],
            [(self.iPersonaCharacteristics[0]["warrant"], '', 'document')], [],
            [])
        b.dbProxy.addPersonaCharacteristic(self.ipc1)
        self.opcs = b.dbProxy.getPersonaCharacteristics()
        self.iAttackers = d['attackers']
        self.iatkeps = [
            AttackerEnvironmentProperties(
                self.iAttackers[0]["theEnvironmentProperties"][0]["theName"],
                self.iAttackers[0]["theEnvironmentProperties"][0]["theRoles"],
                self.iAttackers[0]["theEnvironmentProperties"][0]
                ["theMotives"], self.iAttackers[0]["theEnvironmentProperties"]
                [0]["theCapabilities"])
        ]
        self.iatk = AttackerParameters(self.iAttackers[0]["theName"],
                                       self.iAttackers[0]["theDescription"],
                                       self.iAttackers[0]["theImage"], [],
                                       self.iatkeps)
        b.dbProxy.addAttacker(self.iatk)
        self.oAttackers = b.dbProxy.getAttackers()
        self.iVtypes = d['valuetypes']
        self.ivt1 = ValueTypeParameters(self.iVtypes[0]["theName"],
                                        self.iVtypes[0]["theDescription"],
                                        self.iVtypes[0]["theType"])
        self.ivt2 = ValueTypeParameters(self.iVtypes[1]["theName"],
                                        self.iVtypes[1]["theDescription"],
                                        self.iVtypes[1]["theType"])
        b.dbProxy.addValueType(self.ivt1)
        b.dbProxy.addValueType(self.ivt2)
        self.ovtt = b.dbProxy.getValueTypes('threat_type')
        self.ovtv = b.dbProxy.getValueTypes('vulnerability_type')
        self.iassets = d['assets']
        self.iaeps1 = [
            AssetEnvironmentProperties(
                self.iassets[0]["theEnvironmentProperties"][0][0],
                self.iassets[0]["theEnvironmentProperties"][0][1],
                self.iassets[0]["theEnvironmentProperties"][0][2])
        ]
        self.iaeps2 = [
            AssetEnvironmentProperties(
                self.iassets[1]["theEnvironmentProperties"][0][0],
                self.iassets[1]["theEnvironmentProperties"][0][1],
                self.iassets[1]["theEnvironmentProperties"][0][2])
        ]
        self.iaeps3 = [
            AssetEnvironmentProperties(
                self.iassets[2]["theEnvironmentProperties"][0][0],
                self.iassets[2]["theEnvironmentProperties"][0][1],
                self.iassets[2]["theEnvironmentProperties"][0][2])
        ]
        self.iap1 = AssetParameters(self.iassets[0]["theName"],
                                    self.iassets[0]["theShortCode"],
                                    self.iassets[0]["theDescription"],
                                    self.iassets[0]["theSignificance"],
                                    self.iassets[0]["theType"], "0", "N/A", [],
                                    [], self.iaeps1)
        self.iap2 = AssetParameters(self.iassets[1]["theName"],
                                    self.iassets[1]["theShortCode"],
                                    self.iassets[1]["theDescription"],
                                    self.iassets[1]["theSignificance"],
                                    self.iassets[1]["theType"], "0", "N/A", [],
                                    [], self.iaeps2)
        self.iap3 = AssetParameters(self.iassets[2]["theName"],
                                    self.iassets[2]["theShortCode"],
                                    self.iassets[2]["theDescription"],
                                    self.iassets[2]["theSignificance"],
                                    self.iassets[2]["theType"], "0", "N/A", [],
                                    [], self.iaeps3)
        b.dbProxy.addAsset(self.iap1)
        b.dbProxy.addAsset(self.iap2)
        b.dbProxy.addAsset(self.iap3)
        self.oap = b.dbProxy.getAssets()
        self.iThreats = d['threats']
        self.iteps = [
            ThreatEnvironmentProperties(
                self.iThreats[0]["theEnvironmentProperties"][0]["theName"],
                self.iThreats[0]["theEnvironmentProperties"][0]
                ["theLikelihood"],
                self.iThreats[0]["theEnvironmentProperties"][0]["theAssets"],
                self.iThreats[0]["theEnvironmentProperties"][0]
                ["theAttackers"], self.iThreats[0]["theEnvironmentProperties"]
                [0]["theProperties"][0][1], self.iThreats[0]
                ["theEnvironmentProperties"][0]["theProperties"][0][1])
        ]
        self.itps = ThreatParameters(self.iThreats[0]["theName"],
                                     self.iThreats[0]["theType"],
                                     self.iThreats[0]["theMethod"], [],
                                     self.iteps)
        b.dbProxy.addThreat(self.itps)
        self.otps = b.dbProxy.getThreats()
        self.iVuln = d['vulnerabilities']
        self.iveps = [
            VulnerabilityEnvironmentProperties(
                self.iVuln[0]["theEnvironmentProperties"][0]["theName"],
                self.iVuln[0]["theEnvironmentProperties"][0]["theSeverity"],
                self.iVuln[0]["theEnvironmentProperties"][0]["theAssets"])
        ]
        self.ivp = VulnerabilityParameters(self.iVuln[0]["theName"],
                                           self.iVuln[0]["theDescription"],
                                           self.iVuln[0]["theType"], [],
                                           self.iveps)
        b.dbProxy.addVulnerability(self.ivp)
        self.ovp = b.dbProxy.getVulnerabilities()
        self.imc = d['misuseCase']
        self.iRisks = d['risks']

        imcep = [
            MisuseCaseEnvironmentProperties(
                self.imc[0]["theEnvironmentProperties"][0]["theName"],
                self.imc[0]["theEnvironmentProperties"][0]["theDescription"])
        ]
        imcp = MisuseCase(int(0), self.imc[0]["theName"], imcep,
                          self.imc[0]["theRisk"])
        irp = RiskParameters(self.iRisks[0]["theName"],
                             self.iRisks[0]["threatName"],
                             self.iRisks[0]["vulName"], imcp, [])
        b.dbProxy.addRisk(irp)
        oRisks = b.dbProxy.getRisks()
        self.r = oRisks[self.iRisks[0]["theName"]]
        self.iResponses = d['responses']
Пример #10
0
class ResponseTest(unittest.TestCase):
    def setUp(self):
        call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"])
        cairis.core.BorgFactory.initialise()
        f = open(os.environ['CAIRIS_SRC'] + '/test/responses.json')
        d = json.load(f)
        f.close()
        self.ienvs = d['environments']
        self.iep1 = EnvironmentParameters(self.ienvs[0]["theName"],
                                          self.ienvs[0]["theShortCode"],
                                          self.ienvs[0]["theDescription"])
        b = Borg()
        b.dbProxy.addEnvironment(self.iep1)
        self.oenvs = b.dbProxy.getEnvironments()
        self.iRoles = d['roles']
        self.irp = RoleParameters(self.iRoles[0]["theName"],
                                  self.iRoles[0]["theType"],
                                  self.iRoles[0]["theShortCode"],
                                  self.iRoles[0]["theDescription"], [])
        b.dbProxy.addRole(self.irp)
        self.oRoles = b.dbProxy.getRoles()
        self.iPersonas = d['personas']
        self.ipp = PersonaParameters(
            self.iPersonas[0]["theName"], self.iPersonas[0]["theActivities"],
            self.iPersonas[0]["theAttitudes"],
            self.iPersonas[0]["theAptitudes"],
            self.iPersonas[0]["theMotivations"],
            self.iPersonas[0]["theSkills"], self.iPersonas[0]["theIntrinsic"],
            self.iPersonas[0]["theContextual"], "", "0",
            self.iPersonas[0]["thePersonaType"], [], [
                PersonaEnvironmentProperties(
                    self.iPersonas[0]["theEnvironmentProperties"][0]
                    ["theName"], (self.iPersonas[0]["theEnvironmentProperties"]
                                  [0]["theDirectFlag"] == "True"),
                    self.iPersonas[0]["theEnvironmentProperties"][0]
                    ["theNarrative"], self.iPersonas[0]
                    ["theEnvironmentProperties"][0]["theRole"])
            ], [])
        b.dbProxy.addPersona(self.ipp)
        self.opp = b.dbProxy.getPersonas()
        self.iExternalDocuments = d['external_documents']
        self.iec1 = ExternalDocumentParameters(
            self.iExternalDocuments[0]["theName"],
            self.iExternalDocuments[0]["theVersion"],
            self.iExternalDocuments[0]["thePublicationDate"],
            self.iExternalDocuments[0]["theAuthors"],
            self.iExternalDocuments[0]["theDescription"])
        self.iec2 = ExternalDocumentParameters(
            self.iExternalDocuments[1]["theName"],
            self.iExternalDocuments[1]["theVersion"],
            self.iExternalDocuments[1]["thePublicationDate"],
            self.iExternalDocuments[1]["theAuthors"],
            self.iExternalDocuments[1]["theDescription"])
        b.dbProxy.addExternalDocument(self.iec1)
        b.dbProxy.addExternalDocument(self.iec2)
        self.oecs = b.dbProxy.getExternalDocuments()
        self.iDocumentReferences = d['document_references']
        self.idr1 = DocumentReferenceParameters(
            self.iDocumentReferences[0]["theName"],
            self.iDocumentReferences[0]["theDocName"],
            self.iDocumentReferences[0]["theContributor"],
            self.iDocumentReferences[0]["theExcerpt"])
        self.idr2 = DocumentReferenceParameters(
            self.iDocumentReferences[1]["theName"],
            self.iDocumentReferences[1]["theDocName"],
            self.iDocumentReferences[1]["theContributor"],
            self.iDocumentReferences[1]["theExcerpt"])
        b.dbProxy.addDocumentReference(self.idr1)
        b.dbProxy.addDocumentReference(self.idr2)
        self.odrs = b.dbProxy.getDocumentReferences()
        self.iPersonaCharacteristics = d['persona_characteristics']
        self.ipc1 = PersonaCharacteristicParameters(
            self.iPersonaCharacteristics[0]["thePersonaName"],
            self.iPersonaCharacteristics[0]["theModQual"],
            self.iPersonaCharacteristics[0]["theVariable"],
            self.iPersonaCharacteristics[0]["theCharacteristic"],
            [(self.iPersonaCharacteristics[0]["ground"], '', 'document')],
            [(self.iPersonaCharacteristics[0]["warrant"], '', 'document')], [],
            [])
        b.dbProxy.addPersonaCharacteristic(self.ipc1)
        self.opcs = b.dbProxy.getPersonaCharacteristics()
        self.iAttackers = d['attackers']
        self.iatkeps = [
            AttackerEnvironmentProperties(
                self.iAttackers[0]["theEnvironmentProperties"][0]["theName"],
                self.iAttackers[0]["theEnvironmentProperties"][0]["theRoles"],
                self.iAttackers[0]["theEnvironmentProperties"][0]
                ["theMotives"], self.iAttackers[0]["theEnvironmentProperties"]
                [0]["theCapabilities"])
        ]
        self.iatk = AttackerParameters(self.iAttackers[0]["theName"],
                                       self.iAttackers[0]["theDescription"],
                                       self.iAttackers[0]["theImage"], [],
                                       self.iatkeps)
        b.dbProxy.addAttacker(self.iatk)
        self.oAttackers = b.dbProxy.getAttackers()
        self.iVtypes = d['valuetypes']
        self.ivt1 = ValueTypeParameters(self.iVtypes[0]["theName"],
                                        self.iVtypes[0]["theDescription"],
                                        self.iVtypes[0]["theType"])
        self.ivt2 = ValueTypeParameters(self.iVtypes[1]["theName"],
                                        self.iVtypes[1]["theDescription"],
                                        self.iVtypes[1]["theType"])
        b.dbProxy.addValueType(self.ivt1)
        b.dbProxy.addValueType(self.ivt2)
        self.ovtt = b.dbProxy.getValueTypes('threat_type')
        self.ovtv = b.dbProxy.getValueTypes('vulnerability_type')
        self.iassets = d['assets']
        self.iaeps1 = [
            AssetEnvironmentProperties(
                self.iassets[0]["theEnvironmentProperties"][0][0],
                self.iassets[0]["theEnvironmentProperties"][0][1],
                self.iassets[0]["theEnvironmentProperties"][0][2])
        ]
        self.iaeps2 = [
            AssetEnvironmentProperties(
                self.iassets[1]["theEnvironmentProperties"][0][0],
                self.iassets[1]["theEnvironmentProperties"][0][1],
                self.iassets[1]["theEnvironmentProperties"][0][2])
        ]
        self.iaeps3 = [
            AssetEnvironmentProperties(
                self.iassets[2]["theEnvironmentProperties"][0][0],
                self.iassets[2]["theEnvironmentProperties"][0][1],
                self.iassets[2]["theEnvironmentProperties"][0][2])
        ]
        self.iap1 = AssetParameters(self.iassets[0]["theName"],
                                    self.iassets[0]["theShortCode"],
                                    self.iassets[0]["theDescription"],
                                    self.iassets[0]["theSignificance"],
                                    self.iassets[0]["theType"], "0", "N/A", [],
                                    [], self.iaeps1)
        self.iap2 = AssetParameters(self.iassets[1]["theName"],
                                    self.iassets[1]["theShortCode"],
                                    self.iassets[1]["theDescription"],
                                    self.iassets[1]["theSignificance"],
                                    self.iassets[1]["theType"], "0", "N/A", [],
                                    [], self.iaeps2)
        self.iap3 = AssetParameters(self.iassets[2]["theName"],
                                    self.iassets[2]["theShortCode"],
                                    self.iassets[2]["theDescription"],
                                    self.iassets[2]["theSignificance"],
                                    self.iassets[2]["theType"], "0", "N/A", [],
                                    [], self.iaeps3)
        b.dbProxy.addAsset(self.iap1)
        b.dbProxy.addAsset(self.iap2)
        b.dbProxy.addAsset(self.iap3)
        self.oap = b.dbProxy.getAssets()
        self.iThreats = d['threats']
        self.iteps = [
            ThreatEnvironmentProperties(
                self.iThreats[0]["theEnvironmentProperties"][0]["theName"],
                self.iThreats[0]["theEnvironmentProperties"][0]
                ["theLikelihood"],
                self.iThreats[0]["theEnvironmentProperties"][0]["theAssets"],
                self.iThreats[0]["theEnvironmentProperties"][0]
                ["theAttackers"], self.iThreats[0]["theEnvironmentProperties"]
                [0]["theProperties"][0][1], self.iThreats[0]
                ["theEnvironmentProperties"][0]["theProperties"][0][1])
        ]
        self.itps = ThreatParameters(self.iThreats[0]["theName"],
                                     self.iThreats[0]["theType"],
                                     self.iThreats[0]["theMethod"], [],
                                     self.iteps)
        b.dbProxy.addThreat(self.itps)
        self.otps = b.dbProxy.getThreats()
        self.iVuln = d['vulnerabilities']
        self.iveps = [
            VulnerabilityEnvironmentProperties(
                self.iVuln[0]["theEnvironmentProperties"][0]["theName"],
                self.iVuln[0]["theEnvironmentProperties"][0]["theSeverity"],
                self.iVuln[0]["theEnvironmentProperties"][0]["theAssets"])
        ]
        self.ivp = VulnerabilityParameters(self.iVuln[0]["theName"],
                                           self.iVuln[0]["theDescription"],
                                           self.iVuln[0]["theType"], [],
                                           self.iveps)
        b.dbProxy.addVulnerability(self.ivp)
        self.ovp = b.dbProxy.getVulnerabilities()
        self.imc = d['misuseCase']
        self.iRisks = d['risks']

        imcep = [
            MisuseCaseEnvironmentProperties(
                self.imc[0]["theEnvironmentProperties"][0]["theName"],
                self.imc[0]["theEnvironmentProperties"][0]["theDescription"])
        ]
        imcp = MisuseCase(int(0), self.imc[0]["theName"], imcep,
                          self.imc[0]["theRisk"])
        irp = RiskParameters(self.iRisks[0]["theName"],
                             self.iRisks[0]["threatName"],
                             self.iRisks[0]["vulName"], imcp, [])
        b.dbProxy.addRisk(irp)
        oRisks = b.dbProxy.getRisks()
        self.r = oRisks[self.iRisks[0]["theName"]]
        self.iResponses = d['responses']

    def testResponse(self):
        iar1Name = self.iResponses[0]["theType"] + " " + self.iResponses[0][
            "theRisk"]
        iaep1 = AcceptEnvironmentProperties(
            self.iResponses[0]["theEnvironmentProperties"][0],
            self.iResponses[0]["theEnvironmentProperties"][1],
            self.iResponses[0]["theEnvironmentProperties"][2])
        iar1 = ResponseParameters(iar1Name, self.iResponses[0]["theRisk"], [],
                                  [iaep1], self.iResponses[0]["theType"])

        iar2Name = self.iResponses[1]["theType"] + " " + self.iResponses[1][
            "theRisk"]
        iaep2 = MitigateEnvironmentProperties(
            self.iResponses[1]["theEnvironmentProperties"],
            self.iResponses[1]["theType"])
        iar2 = ResponseParameters(iar2Name, self.iResponses[1]["theRisk"], [],
                                  [iaep2], self.iResponses[1]["theType"])

        b = Borg()
        b.dbProxy.addResponse(iar1)
        b.dbProxy.addResponse(iar2)

        self.ors = b.dbProxy.getResponses()
        self.oar1 = self.ors[iar1Name]
        self.oar2 = self.ors[iar2Name]

        self.assertEqual(iar1.name(), self.oar1.name())
        self.assertEqual(iar1.risk(), self.oar1.risk())
        self.assertEqual(iar1.responseType(), self.oar1.responseType())
        self.assertEqual(iar1.environmentProperties()[0].cost(),
                         self.oar1.environmentProperties()[0].cost())
        self.assertEqual(iar1.environmentProperties()[0].description(),
                         self.oar1.environmentProperties()[0].description())

        self.assertEqual(iar2.name(), self.oar2.name())
        self.assertEqual(iar2.risk(), self.oar2.risk())
        self.assertEqual(iar2.responseType(), self.oar2.responseType())

        rgp = cairis.core.GoalFactory.build(self.oar2)
        riskParameters = rgp[0]
        riskGoalId = b.dbProxy.addGoal(riskParameters)
        b.dbProxy.addTrace('response_goal', self.oar2.id(), riskGoalId)
        if (rgp > 1):
            threatParameters = rgp[1]
            vulnerabilityParameters = rgp[2]
            b.dbProxy.addGoal(vulnerabilityParameters)
            b.dbProxy.addGoal(threatParameters)
        b.dbProxy.relabelGoals(iaep2.name())

        oGoals = b.dbProxy.getGoals()
        print oGoals
        rg = oGoals['Deter' + self.oar2.risk()]
        vg = oGoals[vulnerabilityParameters.name()]
        tg = oGoals[threatParameters.name()]

        ogops = b.dbProxy.getGoalAssociations()
        ogop1 = ogops[iaep2.name() + '/' + riskParameters.name() + '/' +
                      threatParameters.name() + '/or']
        ogop2 = ogops[iaep2.name() + '/' + riskParameters.name() + '/' +
                      vulnerabilityParameters.name() + '/or']

        b.dbProxy.deleteGoalAssociation(ogop1.id(), ogop1.goal(),
                                        ogop1.subGoal())
        b.dbProxy.deleteGoalAssociation(ogop2.id(), ogop2.goal(),
                                        ogop2.subGoal())
        b.dbProxy.deleteTrace('response', self.oar2.name(), 'goal', rg.name())

        b.dbProxy.deleteGoal(tg.id())
        b.dbProxy.deleteGoal(vg.id())
        b.dbProxy.deleteGoal(rg.id())

        b.dbProxy.deleteResponse(self.oar2.id())
        b.dbProxy.deleteResponse(self.oar1.id())

    def tearDown(self):
        b = Borg()

        b.dbProxy.deleteRisk(self.r.id())
        b.dbProxy.deleteVulnerability(self.ovp[self.ivp.name()].id())
        b.dbProxy.deleteThreat(self.otps[self.itps.name()].id())
        b.dbProxy.deleteAsset(self.oap[self.iap3.name()].id())
        b.dbProxy.deleteAsset(self.oap[self.iap2.name()].id())
        b.dbProxy.deleteAsset(self.oap[self.iap1.name()].id())
        b.dbProxy.deleteVulnerabilityType(0)
        b.dbProxy.deleteThreatType(0)
        b.dbProxy.deleteAttacker(self.oAttackers[self.iatk.name()].id())
        b.dbProxy.deleteDocumentReference(self.odrs[self.idr1.name()].id())
        b.dbProxy.deleteDocumentReference(self.odrs[self.idr2.name()].id())
        b.dbProxy.deleteExternalDocument(self.oecs[self.iec1.name()].id())
        b.dbProxy.deleteExternalDocument(self.oecs[self.iec2.name()].id())
        b.dbProxy.deletePersona(self.opp[self.ipp.name()].id())
        b.dbProxy.deleteRole(self.oRoles[self.irp.name()].id())
        b.dbProxy.deleteEnvironment(self.oenvs[self.iep1.name()].id())
        b.dbProxy.close()
        call([os.environ['CAIRIS_SRC'] + "/test/dropdb.sh"])
Пример #11
0
 def parameters(self):
   parameters = DocumentReferenceParameters(self.theName,self.theDocument,self.theContributor,self.theExcerpt)
   parameters.setId(self.theId)
   return parameters
Пример #12
0
    def testPersona(self):
        ipp = PersonaParameters(
            self.iPersonas[0]["theName"], self.iPersonas[0]["theActivities"],
            self.iPersonas[0]["theAttitudes"],
            self.iPersonas[0]["theAptitudes"],
            self.iPersonas[0]["theMotivations"],
            self.iPersonas[0]["theSkills"], self.iPersonas[0]["theIntrinsic"],
            self.iPersonas[0]["theContextual"], "", "0",
            self.iPersonas[0]["thePersonaType"], [], [
                PersonaEnvironmentProperties(
                    self.iPersonas[0]["theEnvironmentProperties"][0]
                    ["theName"], (self.iPersonas[0]["theEnvironmentProperties"]
                                  [0]["theDirectFlag"] == "True"),
                    self.iPersonas[0]["theEnvironmentProperties"][0]
                    ["theNarrative"], self.iPersonas[0]
                    ["theEnvironmentProperties"][0]["theRole"])
            ], [])
        b = Borg()
        b.dbProxy.addPersona(ipp)

        thePersonas = b.dbProxy.getPersonas()
        op = thePersonas[self.iPersonas[0]["theName"]]
        self.assertEqual(ipp.name(), op.name())
        self.assertEqual(ipp.activities(), op.activities())
        self.assertEqual(ipp.attitudes(), op.attitudes())
        self.assertEqual(ipp.aptitudes(), op.aptitudes())
        self.assertEqual(ipp.motivations(), op.motivations())
        self.assertEqual(ipp.skills(), op.skills())
        self.assertEqual(ipp.intrinsic(), op.intrinsic())
        self.assertEqual(ipp.contextual(), op.contextual())

        self.assertEqual(
            self.iPersonas[0]["theEnvironmentProperties"][0]["theDirectFlag"],
            op.environmentProperties()[0].directFlag())
        self.assertEqual(
            self.iPersonas[0]["theEnvironmentProperties"][0]["theNarrative"],
            op.environmentProperties()[0].narrative())
        self.assertEqual(
            self.iPersonas[0]["theEnvironmentProperties"][0]["theRole"],
            op.environmentProperties()[0].roles())

        iec1 = ExternalDocumentParameters(
            self.iExternalDocuments[0]["theName"],
            self.iExternalDocuments[0]["theVersion"],
            self.iExternalDocuments[0]["thePublicationDate"],
            self.iExternalDocuments[0]["theAuthors"],
            self.iExternalDocuments[0]["theDescription"])
        iec2 = ExternalDocumentParameters(
            self.iExternalDocuments[1]["theName"],
            self.iExternalDocuments[1]["theVersion"],
            self.iExternalDocuments[1]["thePublicationDate"],
            self.iExternalDocuments[1]["theAuthors"],
            self.iExternalDocuments[1]["theDescription"])
        b.dbProxy.addExternalDocument(iec1)
        b.dbProxy.addExternalDocument(iec2)
        oecs = b.dbProxy.getExternalDocuments()
        oec1 = oecs[self.iExternalDocuments[0]["theName"]]
        oec2 = oecs[self.iExternalDocuments[1]["theName"]]

        self.assertEqual(self.iExternalDocuments[0]["theName"], oec1.name())
        self.assertEqual(self.iExternalDocuments[0]["theVersion"],
                         oec1.version())
        self.assertEqual(self.iExternalDocuments[0]["thePublicationDate"],
                         oec1.date())
        self.assertEqual(self.iExternalDocuments[0]["theAuthors"],
                         oec1.authors())
        self.assertEqual(self.iExternalDocuments[0]["theDescription"],
                         oec1.description())
        self.assertEqual(self.iExternalDocuments[1]["theName"], oec2.name())
        self.assertEqual(self.iExternalDocuments[1]["theVersion"],
                         oec2.version())
        self.assertEqual(self.iExternalDocuments[1]["thePublicationDate"],
                         oec2.date())
        self.assertEqual(self.iExternalDocuments[1]["theAuthors"],
                         oec2.authors())
        self.assertEqual(self.iExternalDocuments[1]["theDescription"],
                         oec2.description())

        idr1 = DocumentReferenceParameters(
            self.iDocumentReferences[0]["theName"],
            self.iDocumentReferences[0]["theDocName"],
            self.iDocumentReferences[0]["theContributor"],
            self.iDocumentReferences[0]["theExcerpt"])
        idr2 = DocumentReferenceParameters(
            self.iDocumentReferences[1]["theName"],
            self.iDocumentReferences[1]["theDocName"],
            self.iDocumentReferences[1]["theContributor"],
            self.iDocumentReferences[1]["theExcerpt"])
        idr3 = DocumentReferenceParameters(
            self.iDocumentReferences[2]["theName"],
            self.iDocumentReferences[2]["theDocName"],
            self.iDocumentReferences[2]["theContributor"],
            self.iDocumentReferences[2]["theExcerpt"])

        b.dbProxy.addDocumentReference(idr1)
        b.dbProxy.addDocumentReference(idr2)
        b.dbProxy.addDocumentReference(idr3)

        odrs = b.dbProxy.getDocumentReferences()
        odr1 = odrs[self.iDocumentReferences[0]["theName"]]
        odr2 = odrs[self.iDocumentReferences[1]["theName"]]
        odr3 = odrs[self.iDocumentReferences[2]["theName"]]

        self.assertEqual(self.iDocumentReferences[0]["theName"], odr1.name())
        self.assertEqual(self.iDocumentReferences[0]["theDocName"],
                         odr1.document())
        self.assertEqual(self.iDocumentReferences[0]["theContributor"],
                         odr1.contributor())
        self.assertEqual(self.iDocumentReferences[0]["theExcerpt"],
                         odr1.excerpt())
        self.assertEqual(self.iDocumentReferences[1]["theName"], odr2.name())
        self.assertEqual(self.iDocumentReferences[1]["theDocName"],
                         odr2.document())
        self.assertEqual(self.iDocumentReferences[1]["theContributor"],
                         odr2.contributor())
        self.assertEqual(self.iDocumentReferences[1]["theExcerpt"],
                         odr2.excerpt())
        self.assertEqual(self.iDocumentReferences[2]["theName"], odr3.name())
        self.assertEqual(self.iDocumentReferences[2]["theDocName"],
                         odr3.document())
        self.assertEqual(self.iDocumentReferences[2]["theContributor"],
                         odr3.contributor())
        self.assertEqual(self.iDocumentReferences[2]["theExcerpt"],
                         odr3.excerpt())

        ipc1 = PersonaCharacteristicParameters(
            self.iPersonaCharacteristics[0]["thePersonaName"],
            self.iPersonaCharacteristics[0]["theModQual"],
            self.iPersonaCharacteristics[0]["theVariable"],
            self.iPersonaCharacteristics[0]["theCharacteristic"],
            [(self.iPersonaCharacteristics[0]["ground"], '', 'document')],
            [(self.iPersonaCharacteristics[0]["warrant"], '', 'document')], [],
            [(self.iPersonaCharacteristics[0]["rebuttal"], '', 'document')])

        b.dbProxy.addPersonaCharacteristic(ipc1)
        opcs = b.dbProxy.getPersonaCharacteristics()
        opc1 = opcs[self.iPersonaCharacteristics[0]["thePersonaName"] + '/' +
                    self.iPersonaCharacteristics[0]["theVariable"] + '/' +
                    self.iPersonaCharacteristics[0]["theCharacteristic"]]

        self.assertEqual(self.iPersonaCharacteristics[0]["thePersonaName"],
                         opc1.persona())
        self.assertEqual(self.iPersonaCharacteristics[0]["theModQual"],
                         opc1.qualifier())
        self.assertEqual(self.iPersonaCharacteristics[0]["theVariable"],
                         opc1.behaviouralVariable())
        self.assertEqual(self.iPersonaCharacteristics[0]["theCharacteristic"],
                         opc1.characteristic())
        self.assertEqual(self.iPersonaCharacteristics[0]["ground"],
                         opc1.grounds()[0][0])
        self.assertEqual(self.iPersonaCharacteristics[0]["warrant"],
                         opc1.warrant()[0][0])
        self.assertEqual(self.iPersonaCharacteristics[0]["rebuttal"],
                         opc1.rebuttal()[0][0])

        b.dbProxy.deletePersonaCharacteristic(opc1.id())

        b.dbProxy.deleteDocumentReference(odr1.id())
        b.dbProxy.deleteDocumentReference(odr2.id())
        b.dbProxy.deleteDocumentReference(odr3.id())

        b.dbProxy.deleteExternalDocument(oec1.id())
        b.dbProxy.deleteExternalDocument(oec2.id())
        b.dbProxy.deletePersona(op.id())
Пример #13
0
class RiskTest(unittest.TestCase):
    def setUp(self):
        call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"])
        cairis.core.BorgFactory.initialise()
        f = open(os.environ['CAIRIS_SRC'] + '/test/risks.json')
        d = json.load(f)
        f.close()
        self.ienvs = d['environments']
        self.iep1 = EnvironmentParameters(self.ienvs[0]["theName"],
                                          self.ienvs[0]["theShortCode"],
                                          self.ienvs[0]["theDescription"])
        b = Borg()
        b.dbProxy.addEnvironment(self.iep1)
        self.oenvs = b.dbProxy.getEnvironments()
        self.iRoles = d['roles']
        self.irp = RoleParameters(self.iRoles[0]["theName"],
                                  self.iRoles[0]["theType"],
                                  self.iRoles[0]["theShortCode"],
                                  self.iRoles[0]["theDescription"], [])
        b.dbProxy.addRole(self.irp)
        self.oRoles = b.dbProxy.getRoles()
        self.iPersonas = d['personas']
        self.ipp = PersonaParameters(
            self.iPersonas[0]["theName"], self.iPersonas[0]["theActivities"],
            self.iPersonas[0]["theAttitudes"],
            self.iPersonas[0]["theAptitudes"],
            self.iPersonas[0]["theMotivations"],
            self.iPersonas[0]["theSkills"], self.iPersonas[0]["theIntrinsic"],
            self.iPersonas[0]["theContextual"], "", "0",
            self.iPersonas[0]["thePersonaType"], [], [
                PersonaEnvironmentProperties(
                    self.iPersonas[0]["theEnvironmentProperties"][0]
                    ["theName"], (self.iPersonas[0]["theEnvironmentProperties"]
                                  [0]["theDirectFlag"] == "True"),
                    self.iPersonas[0]["theEnvironmentProperties"][0]
                    ["theNarrative"], self.iPersonas[0]
                    ["theEnvironmentProperties"][0]["theRole"])
            ], [])
        b.dbProxy.addPersona(self.ipp)
        self.opp = b.dbProxy.getPersonas()
        self.iExternalDocuments = d['external_documents']
        self.iec1 = ExternalDocumentParameters(
            self.iExternalDocuments[0]["theName"],
            self.iExternalDocuments[0]["theVersion"],
            self.iExternalDocuments[0]["thePublicationDate"],
            self.iExternalDocuments[0]["theAuthors"],
            self.iExternalDocuments[0]["theDescription"])
        self.iec2 = ExternalDocumentParameters(
            self.iExternalDocuments[1]["theName"],
            self.iExternalDocuments[1]["theVersion"],
            self.iExternalDocuments[1]["thePublicationDate"],
            self.iExternalDocuments[1]["theAuthors"],
            self.iExternalDocuments[1]["theDescription"])
        b.dbProxy.addExternalDocument(self.iec1)
        b.dbProxy.addExternalDocument(self.iec2)
        self.oecs = b.dbProxy.getExternalDocuments()
        self.iDocumentReferences = d['document_references']
        self.idr1 = DocumentReferenceParameters(
            self.iDocumentReferences[0]["theName"],
            self.iDocumentReferences[0]["theDocName"],
            self.iDocumentReferences[0]["theContributor"],
            self.iDocumentReferences[0]["theExcerpt"])
        self.idr2 = DocumentReferenceParameters(
            self.iDocumentReferences[1]["theName"],
            self.iDocumentReferences[1]["theDocName"],
            self.iDocumentReferences[1]["theContributor"],
            self.iDocumentReferences[1]["theExcerpt"])
        b.dbProxy.addDocumentReference(self.idr1)
        b.dbProxy.addDocumentReference(self.idr2)
        self.odrs = b.dbProxy.getDocumentReferences()
        self.iPersonaCharacteristics = d['persona_characteristics']
        self.ipc1 = PersonaCharacteristicParameters(
            self.iPersonaCharacteristics[0]["thePersonaName"],
            self.iPersonaCharacteristics[0]["theModQual"],
            self.iPersonaCharacteristics[0]["theVariable"],
            self.iPersonaCharacteristics[0]["theCharacteristic"],
            [(self.iPersonaCharacteristics[0]["ground"], '', 'document')],
            [(self.iPersonaCharacteristics[0]["warrant"], '', 'document')], [],
            [])
        b.dbProxy.addPersonaCharacteristic(self.ipc1)
        self.opcs = b.dbProxy.getPersonaCharacteristics()
        self.iAttackers = d['attackers']
        self.iatkeps = [
            AttackerEnvironmentProperties(
                self.iAttackers[0]["theEnvironmentProperties"][0]["theName"],
                self.iAttackers[0]["theEnvironmentProperties"][0]["theRoles"],
                self.iAttackers[0]["theEnvironmentProperties"][0]
                ["theMotives"], self.iAttackers[0]["theEnvironmentProperties"]
                [0]["theCapabilities"])
        ]
        self.iatk = AttackerParameters(self.iAttackers[0]["theName"],
                                       self.iAttackers[0]["theDescription"],
                                       self.iAttackers[0]["theImage"], [],
                                       self.iatkeps)
        b.dbProxy.addAttacker(self.iatk)
        self.oAttackers = b.dbProxy.getAttackers()
        self.iVtypes = d['valuetypes']
        self.ivt1 = ValueTypeParameters(self.iVtypes[0]["theName"],
                                        self.iVtypes[0]["theDescription"],
                                        self.iVtypes[0]["theType"])
        self.ivt2 = ValueTypeParameters(self.iVtypes[1]["theName"],
                                        self.iVtypes[1]["theDescription"],
                                        self.iVtypes[1]["theType"])
        b.dbProxy.addValueType(self.ivt1)
        b.dbProxy.addValueType(self.ivt2)
        self.ovtt = b.dbProxy.getValueTypes('threat_type')
        self.ovtv = b.dbProxy.getValueTypes('vulnerability_type')
        self.iassets = d['assets']
        self.iaeps1 = [
            AssetEnvironmentProperties(
                self.iassets[0]["theEnvironmentProperties"][0][0],
                self.iassets[0]["theEnvironmentProperties"][0][1],
                self.iassets[0]["theEnvironmentProperties"][0][2])
        ]
        self.iap1 = AssetParameters(self.iassets[0]["theName"],
                                    self.iassets[0]["theShortCode"],
                                    self.iassets[0]["theDescription"],
                                    self.iassets[0]["theSignificance"],
                                    self.iassets[0]["theType"], "0", "N/A", [],
                                    [], self.iaeps1)
        self.iap2 = AssetParameters(self.iassets[1]["theName"],
                                    self.iassets[1]["theShortCode"],
                                    self.iassets[1]["theDescription"],
                                    self.iassets[1]["theSignificance"],
                                    self.iassets[1]["theType"], "0", "N/A", [],
                                    [], self.iaeps1)
        self.iap3 = AssetParameters(self.iassets[2]["theName"],
                                    self.iassets[2]["theShortCode"],
                                    self.iassets[2]["theDescription"],
                                    self.iassets[2]["theSignificance"],
                                    self.iassets[2]["theType"], "0", "N/A", [],
                                    [], self.iaeps1)
        b.dbProxy.addAsset(self.iap1)
        b.dbProxy.addAsset(self.iap2)
        b.dbProxy.addAsset(self.iap3)
        self.oap = b.dbProxy.getAssets()
        self.iThreats = d['threats']
        self.iteps = [
            ThreatEnvironmentProperties(
                self.iThreats[0]["theEnvironmentProperties"][0]["theName"],
                self.iThreats[0]["theEnvironmentProperties"][0]
                ["theLikelihood"],
                self.iThreats[0]["theEnvironmentProperties"][0]["theAssets"],
                self.iThreats[0]["theEnvironmentProperties"][0]
                ["theAttackers"], self.iThreats[0]["theEnvironmentProperties"]
                [0]["theProperties"][0][1], self.iThreats[0]
                ["theEnvironmentProperties"][0]["theProperties"][0][1])
        ]
        self.itps = ThreatParameters(self.iThreats[0]["theName"],
                                     self.iThreats[0]["theType"],
                                     self.iThreats[0]["theMethod"], [],
                                     self.iteps)
        b.dbProxy.addThreat(self.itps)
        self.otps = b.dbProxy.getThreats()
        self.iVuln = d['vulnerabilities']
        self.iveps = [
            VulnerabilityEnvironmentProperties(
                self.iVuln[0]["theEnvironmentProperties"][0]["theName"],
                self.iVuln[0]["theEnvironmentProperties"][0]["theSeverity"],
                self.iVuln[0]["theEnvironmentProperties"][0]["theAssets"])
        ]
        self.ivp = VulnerabilityParameters(self.iVuln[0]["theName"],
                                           self.iVuln[0]["theDescription"],
                                           self.iVuln[0]["theType"], [],
                                           self.iveps)
        b.dbProxy.addVulnerability(self.ivp)
        self.ovp = b.dbProxy.getVulnerabilities()
        self.imc = d['misuseCase']
        self.iRisks = d['risks']

    def testRisk(self):
        imcep = [
            MisuseCaseEnvironmentProperties(
                self.imc[0]["theEnvironmentProperties"][0]["theName"],
                self.imc[0]["theEnvironmentProperties"][0]["theDescription"])
        ]
        imcp = MisuseCase(int(0), self.imc[0]["theName"], imcep,
                          self.imc[0]["theRisk"])
        irp = RiskParameters(self.iRisks[0]["theName"],
                             self.iRisks[0]["threatName"],
                             self.iRisks[0]["vulName"], imcp, [])
        b = Borg()
        b.dbProxy.addRisk(irp)
        oRisks = b.dbProxy.getRisks()
        o = oRisks[self.iRisks[0]["theName"]]
        self.assertEqual(irp.name(), o.name())
        self.assertEqual(irp.threat(), o.threat())
        self.assertEqual(irp.vulnerability(), o.vulnerability())

        #    scoreDetails = b.dbProxy.riskScore(self.iRisks[0]["threatName"],self.iRisks[0]["vulName"],self.iaeps1[0].name())
        #    preScore = scoreDetails[0][1]
        #    postScore = scoreDetails[0][2]
        #    self.assertEqual(preScore,9)
        #    self.assertEqual(postScore,9)

        imcp.theName = 'Updated risk'
        imcp.theId = o.misuseCase().id()
        irp.theRiskName = 'Updated risk'
        irp.theMisuseCase = imcp

        irp.setId(o.id())
        b.dbProxy.updateRisk(irp)
        oRisks = b.dbProxy.getRisks()
        o = oRisks['Updated risk']
        self.assertEqual(o.name(), 'Updated risk')
        self.assertEqual(irp.threat(), o.threat())
        self.assertEqual(irp.vulnerability(), o.vulnerability())

        b.dbProxy.deleteRisk(o.id())

    def tearDown(self):
        b = Borg()

        b.dbProxy.deleteVulnerability(self.ovp[self.ivp.name()].id())
        b.dbProxy.deleteThreat(self.otps[self.itps.name()].id())
        b.dbProxy.deleteAsset(self.oap[self.iap3.name()].id())
        b.dbProxy.deleteAsset(self.oap[self.iap2.name()].id())
        b.dbProxy.deleteAsset(self.oap[self.iap1.name()].id())
        b.dbProxy.deleteVulnerabilityType(0)
        b.dbProxy.deleteThreatType(0)
        b.dbProxy.deleteAttacker(self.oAttackers[self.iatk.name()].id())
        b.dbProxy.deleteDocumentReference(self.odrs[self.idr1.name()].id())
        b.dbProxy.deleteDocumentReference(self.odrs[self.idr2.name()].id())
        b.dbProxy.deleteExternalDocument(self.oecs[self.iec1.name()].id())
        b.dbProxy.deleteExternalDocument(self.oecs[self.iec2.name()].id())
        b.dbProxy.deletePersona(self.opp[self.ipp.name()].id())
        b.dbProxy.deleteRole(self.oRoles[self.irp.name()].id())
        b.dbProxy.deleteEnvironment(self.oenvs[self.iep1.name()].id())
        b.dbProxy.close()
        call([os.environ['CAIRIS_SRC'] + "/test/dropdb.sh"])
Пример #14
0
 def endElement(self, name):
     if name == 'persona':
         p = PersonaParameters(self.theName, self.theActivities,
                               self.theAttitudes, self.theAptitudes,
                               self.theMotivations, self.theSkills,
                               self.theIntrinsic, self.theContextual,
                               self.theImage, self.isAssumptionPersona,
                               self.theType, self.theTags,
                               self.theEnvironmentProperties, {})
         self.thePersonas.append(p)
         self.resetPersonaAttributes()
     elif name == 'persona_environment':
         p = PersonaEnvironmentProperties(self.theEnvironmentName,
                                          self.isDirect, self.theNarrative,
                                          self.theRoles, {'narrative': {}})
         self.theEnvironmentProperties.append(p)
         self.resetPersonaEnvironmentAttributes()
     elif name == 'external_document':
         p = ExternalDocumentParameters(self.theName, self.theVersion,
                                        self.theDate, self.theAuthors,
                                        self.theDescription)
         self.theExternalDocuments.append(p)
         self.resetExternalDocumentAttributes()
     elif name == 'document_reference':
         p = DocumentReferenceParameters(self.theName, self.theDocument,
                                         self.theContributor,
                                         self.theExcerpt)
         self.theDocumentReferences.append(p)
         self.resetDocumentReferenceAttributes()
     elif name == 'concept_reference':
         p = ConceptReferenceParameters(self.theName, self.theConcept,
                                        self.theObject, self.theDescription)
         self.theConceptReferences.append(p)
         self.resetConceptReferenceAttributes()
     elif name == 'persona_characteristic':
         p = PersonaCharacteristicParameters(
             self.thePersona, self.theModalQualifier, self.theBvName,
             self.theDefinition, self.theGrounds, self.theWarrants, [],
             self.theRebuttals)
         self.thePersonaCharacteristics.append(p)
         self.resetPersonaCharacteristicAttributes()
     elif name == 'task_characteristic':
         p = TaskCharacteristicParameters(self.theTask,
                                          self.theModalQualifier,
                                          self.theDefinition,
                                          self.theGrounds, self.theWarrants,
                                          [], self.theRebuttals)
         self.theTaskCharacteristics.append(p)
         self.resetTaskCharacteristicAttributes()
     elif name == 'task':
         p = TaskParameters(self.theName, self.theCode, self.theObjective,
                            self.isAssumptionTask, self.theAuthor,
                            self.theTags, self.theEnvironmentProperties)
         self.theTasks.append(p)
         self.resetTaskAttributes()
     elif name == 'task_environment':
         p = TaskEnvironmentProperties(
             self.theEnvironmentName, self.theDependencies,
             self.theTaskPersonas, self.theConcerns,
             self.theConcernAssociations, self.theNarrative,
             self.theConsequences, self.theBenefits, {
                 'narrative': {},
                 'consequences': {},
                 'benefits': {}
             })
         self.theEnvironmentProperties.append(p)
         self.resetTaskEnvironmentAttributes()
     elif name == 'exception':
         self.theCurrentStep.addException(
             (self.theExcName, self.theExcType, self.theExcValue,
              self.theExcCat, self.theDefinition))
     elif name == 'step':
         self.theCurrentStep.setTags(self.theTags)
         self.theSteps.append(self.theCurrentStep)
         self.theCurrentStep = None
     elif name == 'usecase_environment':
         p = UseCaseEnvironmentProperties(self.theEnvironmentName,
                                          self.thePreconditions,
                                          self.theSteps,
                                          self.thePostconditions)
         self.theEnvironmentProperties.append(p)
         self.resetUseCaseEnvironmentAttributes()
     elif name == 'usecase':
         p = UseCaseParameters(self.theName, self.theAuthor, self.theCode,
                               self.theActors, self.theDescription,
                               self.theTags, self.theEnvironmentProperties)
         self.theUseCases.append(p)
         self.resetUseCaseAttributes()
     elif name == 'activities':
         self.inActivities = 0
     elif name == 'attitudes':
         self.inAttitudes = 0
     elif name == 'aptitudes':
         self.inAptitudes = 0
     elif name == 'motivations':
         self.inMotivations = 0
     elif name == 'skills':
         self.inSkills = 0
     elif name == 'intrinsic':
         self.inIntrinsic = 0
     elif name == 'contextual':
         self.inContextual = 0
     elif name == 'narrative':
         self.inNarrative = 0
     elif name == 'excerpt':
         self.inExcerpt = 0
     elif name == 'description':
         self.inDescription = 0
     elif name == 'definition':
         self.inDefinition = 0
     elif name == 'dependencies':
         self.inDependencies = 0
     elif name == 'objective':
         self.inObjective = 0
     elif name == 'preconditions':
         self.inPreconditions = 0
     elif name == 'postconditions':
         self.inPostconditions = 0
     elif name == 'benefits':
         self.inBenefits = 0
     elif name == 'consequences':
         self.inConsequences = 0
Пример #15
0
  def setUp(self):
    call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"])
    cairis.core.BorgFactory.initialise()
    f = open(os.environ['CAIRIS_SRC'] + '/test/responses.json')
    d = json.load(f)
    f.close()
    self.ienvs = d['environments']
    self.iep1 = EnvironmentParameters(self.ienvs[0]["theName"],self.ienvs[0]["theShortCode"],self.ienvs[0]["theDescription"])
    b = Borg()
    b.dbProxy.addEnvironment(self.iep1)
    self.oenvs = b.dbProxy.getEnvironments()
    self.iRoles = d['roles']
    self.irp = RoleParameters(self.iRoles[0]["theName"], self.iRoles[0]["theType"], self.iRoles[0]["theShortCode"], self.iRoles[0]["theDescription"],[])
    b.dbProxy.addRole(self.irp)
    self.oRoles = b.dbProxy.getRoles()
    self.iPersonas = d['personas']
    self.ipp = PersonaParameters(self.iPersonas[0]["theName"],self.iPersonas[0]["theActivities"],self.iPersonas[0]["theAttitudes"],self.iPersonas[0]["theAptitudes"],self.iPersonas[0]["theMotivations"],self.iPersonas[0]["theSkills"],self.iPersonas[0]["theIntrinsic"],self.iPersonas[0]["theContextual"],"","0",self.iPersonas[0]["thePersonaType"],[],[PersonaEnvironmentProperties(self.iPersonas[0]["theEnvironmentProperties"][0]["theName"],(self.iPersonas[0]["theEnvironmentProperties"][0]["theDirectFlag"] == "True"),self.iPersonas[0]["theEnvironmentProperties"][0]["theNarrative"],self.iPersonas[0]["theEnvironmentProperties"][0]["theRole"])],[])
    b.dbProxy.addPersona(self.ipp)
    self.opp = b.dbProxy.getPersonas()
    self.iExternalDocuments = d['external_documents']
    self.iec1 = ExternalDocumentParameters(self.iExternalDocuments[0]["theName"],self.iExternalDocuments[0]["theVersion"],self.iExternalDocuments[0]["thePublicationDate"],self.iExternalDocuments[0]["theAuthors"],self.iExternalDocuments[0]["theDescription"])
    self.iec2 = ExternalDocumentParameters(self.iExternalDocuments[1]["theName"],self.iExternalDocuments[1]["theVersion"],self.iExternalDocuments[1]["thePublicationDate"],self.iExternalDocuments[1]["theAuthors"],self.iExternalDocuments[1]["theDescription"])
    b.dbProxy.addExternalDocument(self.iec1)
    b.dbProxy.addExternalDocument(self.iec2)
    self.oecs = b.dbProxy.getExternalDocuments()
    self.iDocumentReferences = d['document_references']
    self.idr1 = DocumentReferenceParameters(self.iDocumentReferences[0]["theName"],self.iDocumentReferences[0]["theDocName"],self.iDocumentReferences[0]["theContributor"],self.iDocumentReferences[0]["theExcerpt"])
    self.idr2 = DocumentReferenceParameters(self.iDocumentReferences[1]["theName"],self.iDocumentReferences[1]["theDocName"],self.iDocumentReferences[1]["theContributor"],self.iDocumentReferences[1]["theExcerpt"])
    b.dbProxy.addDocumentReference(self.idr1)
    b.dbProxy.addDocumentReference(self.idr2)
    self.odrs = b.dbProxy.getDocumentReferences()
    self.iPersonaCharacteristics = d['persona_characteristics']
    self.ipc1 = PersonaCharacteristicParameters(self.iPersonaCharacteristics[0]["thePersonaName"],self.iPersonaCharacteristics[0]["theModQual"],self.iPersonaCharacteristics[0]["theVariable"],self.iPersonaCharacteristics[0]["theCharacteristic"],[(self.iPersonaCharacteristics[0]["ground"],'','document')],[(self.iPersonaCharacteristics[0]["warrant"],'','document')],[],[])
    b.dbProxy.addPersonaCharacteristic(self.ipc1)
    self.opcs = b.dbProxy.getPersonaCharacteristics()
    self.iAttackers = d['attackers']
    self.iatkeps = [AttackerEnvironmentProperties(self.iAttackers[0]["theEnvironmentProperties"][0]["theName"],self.iAttackers[0]["theEnvironmentProperties"][0]["theRoles"],self.iAttackers[0]["theEnvironmentProperties"][0]["theMotives"],self.iAttackers[0]["theEnvironmentProperties"][0]["theCapabilities"])]
    self.iatk = AttackerParameters(self.iAttackers[0]["theName"], self.iAttackers[0]["theDescription"], self.iAttackers[0]["theImage"],[],self.iatkeps)
    b.dbProxy.addAttacker(self.iatk)
    self.oAttackers = b.dbProxy.getAttackers()
    self.iVtypes = d['valuetypes']
    self.ivt1 = ValueTypeParameters(self.iVtypes[0]["theName"], self.iVtypes[0]["theDescription"], self.iVtypes[0]["theType"])
    self.ivt2 = ValueTypeParameters(self.iVtypes[1]["theName"], self.iVtypes[1]["theDescription"], self.iVtypes[1]["theType"])
    b.dbProxy.addValueType(self.ivt1)
    b.dbProxy.addValueType(self.ivt2)
    self.ovtt = b.dbProxy.getValueTypes('threat_type')
    self.ovtv = b.dbProxy.getValueTypes('vulnerability_type')
    self.iassets = d['assets']
    self.iaeps1 = [AssetEnvironmentProperties(self.iassets[0]["theEnvironmentProperties"][0][0],self.iassets[0]["theEnvironmentProperties"][0][1],self.iassets[0]["theEnvironmentProperties"][0][2])]
    self.iaeps2 = [AssetEnvironmentProperties(self.iassets[1]["theEnvironmentProperties"][0][0],self.iassets[1]["theEnvironmentProperties"][0][1],self.iassets[1]["theEnvironmentProperties"][0][2])]
    self.iaeps3 = [AssetEnvironmentProperties(self.iassets[2]["theEnvironmentProperties"][0][0],self.iassets[2]["theEnvironmentProperties"][0][1],self.iassets[2]["theEnvironmentProperties"][0][2])]
    self.iap1 = AssetParameters(self.iassets[0]["theName"],self.iassets[0]["theShortCode"],self.iassets[0]["theDescription"],self.iassets[0]["theSignificance"],self.iassets[0]["theType"],"0","N/A",[],[],self.iaeps1)
    self.iap2 = AssetParameters(self.iassets[1]["theName"],self.iassets[1]["theShortCode"],self.iassets[1]["theDescription"],self.iassets[1]["theSignificance"],self.iassets[1]["theType"],"0","N/A",[],[],self.iaeps2)
    self.iap3 = AssetParameters(self.iassets[2]["theName"],self.iassets[2]["theShortCode"],self.iassets[2]["theDescription"],self.iassets[2]["theSignificance"],self.iassets[2]["theType"],"0","N/A",[],[],self.iaeps3)
    b.dbProxy.addAsset(self.iap1)
    b.dbProxy.addAsset(self.iap2)
    b.dbProxy.addAsset(self.iap3)
    self.oap = b.dbProxy.getAssets()
    self.iThreats = d['threats']
    self.iteps = [ThreatEnvironmentProperties(self.iThreats[0]["theEnvironmentProperties"][0]["theName"],self.iThreats[0]["theEnvironmentProperties"][0]["theLikelihood"],self.iThreats[0]["theEnvironmentProperties"][0]["theAssets"],self.iThreats[0]["theEnvironmentProperties"][0]["theAttackers"],self.iThreats[0]["theEnvironmentProperties"][0]["theProperties"][0][1],self.iThreats[0]["theEnvironmentProperties"][0]["theProperties"][0][1])]
    self.itps = ThreatParameters(self.iThreats[0]["theName"],self.iThreats[0]["theType"],self.iThreats[0]["theMethod"],[],self.iteps)
    b.dbProxy.addThreat(self.itps)
    self.otps = b.dbProxy.getThreats()
    self.iVuln = d['vulnerabilities']
    self.iveps = [VulnerabilityEnvironmentProperties(self.iVuln[0]["theEnvironmentProperties"][0]["theName"],self.iVuln[0]["theEnvironmentProperties"][0]["theSeverity"],self.iVuln[0]["theEnvironmentProperties"][0]["theAssets"])]
    self.ivp = VulnerabilityParameters(self.iVuln[0]["theName"],self.iVuln[0]["theDescription"],self.iVuln[0]["theType"], [], self.iveps)
    b.dbProxy.addVulnerability(self.ivp)
    self.ovp = b.dbProxy.getVulnerabilities()
    self.imc = d['misuseCase']
    self.iRisks = d['risks']

    imcep = [MisuseCaseEnvironmentProperties(self.imc[0]["theEnvironmentProperties"][0]["theName"],self.imc[0]["theEnvironmentProperties"][0]["theDescription"])]
    imcp = MisuseCase(int(0), self.imc[0]["theName"], imcep,self.imc[0]["theRisk"])
    irp = RiskParameters(self.iRisks[0]["theName"],self.iRisks[0]["threatName"],self.iRisks[0]["vulName"], imcp,[])
    b.dbProxy.addRisk(irp)
    oRisks = b.dbProxy.getRisks()
    self.r = oRisks[self.iRisks[0]["theName"]]
    self.iResponses = d['responses']
Пример #16
0
class ThreatTest(unittest.TestCase):

  def setUp(self):
    call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"])
    cairis.core.BorgFactory.initialise()
    f = open(os.environ['CAIRIS_SRC'] + '/test/threats.json')
    d = json.load(f)
    f.close()
    self.ienvs = d['environments']
    self.iep = EnvironmentParameters(self.ienvs[0]["theName"],self.ienvs[0]["theShortCode"],self.ienvs[0]["theDescription"])
    b = Borg()
    b.dbProxy.addEnvironment(self.iep)
    self.oenvs = b.dbProxy.getEnvironments()
    self.iRoles = d['roles']
    self.irp = RoleParameters(self.iRoles[0]["theName"], self.iRoles[0]["theType"], self.iRoles[0]["theShortCode"], self.iRoles[0]["theDescription"],[])
    b.dbProxy.addRole(self.irp)
    self.oRoles = b.dbProxy.getRoles()
    self.iPersonas = d['personas']
    self.ipp = PersonaParameters(self.iPersonas[0]["theName"],self.iPersonas[0]["theActivities"],self.iPersonas[0]["theAttitudes"],self.iPersonas[0]["theAptitudes"],self.iPersonas[0]["theMotivations"],self.iPersonas[0]["theSkills"],self.iPersonas[0]["theIntrinsic"],self.iPersonas[0]["theContextual"],"","0",self.iPersonas[0]["thePersonaType"],[],[PersonaEnvironmentProperties(self.iPersonas[0]["theEnvironmentProperties"][0]["theName"],(self.iPersonas[0]["theEnvironmentProperties"][0]["theDirectFlag"] == "True"),self.iPersonas[0]["theEnvironmentProperties"][0]["theNarrative"],self.iPersonas[0]["theEnvironmentProperties"][0]["theRole"])],[])
    b.dbProxy.addPersona(self.ipp)
    self.opp = b.dbProxy.getPersonas()
    self.iExternalDocuments = d['external_documents']
    self.iec1 = ExternalDocumentParameters(self.iExternalDocuments[0]["theName"],self.iExternalDocuments[0]["theVersion"],self.iExternalDocuments[0]["thePublicationDate"],self.iExternalDocuments[0]["theAuthors"],self.iExternalDocuments[0]["theDescription"])
    self.iec2 = ExternalDocumentParameters(self.iExternalDocuments[1]["theName"],self.iExternalDocuments[1]["theVersion"],self.iExternalDocuments[1]["thePublicationDate"],self.iExternalDocuments[1]["theAuthors"],self.iExternalDocuments[1]["theDescription"])
    b.dbProxy.addExternalDocument(self.iec1)
    b.dbProxy.addExternalDocument(self.iec2)
    self.oecs = b.dbProxy.getExternalDocuments()
    self.iDocumentReferences = d['document_references']
    self.idr1 = DocumentReferenceParameters(self.iDocumentReferences[0]["theName"],self.iDocumentReferences[0]["theDocName"],self.iDocumentReferences[0]["theContributor"],self.iDocumentReferences[0]["theExcerpt"])
    self.idr2 = DocumentReferenceParameters(self.iDocumentReferences[1]["theName"],self.iDocumentReferences[1]["theDocName"],self.iDocumentReferences[1]["theContributor"],self.iDocumentReferences[1]["theExcerpt"])
    b.dbProxy.addDocumentReference(self.idr1)
    b.dbProxy.addDocumentReference(self.idr2)
    self.odrs = b.dbProxy.getDocumentReferences()
    self.iPersonaCharacteristics = d['persona_characteristics']
    self.ipc1 = PersonaCharacteristicParameters(self.iPersonaCharacteristics[0]["thePersonaName"],self.iPersonaCharacteristics[0]["theModQual"],self.iPersonaCharacteristics[0]["theVariable"],self.iPersonaCharacteristics[0]["theCharacteristic"],[(self.iPersonaCharacteristics[0]["ground"],'','document')],[(self.iPersonaCharacteristics[0]["warrant"],'','document')],[],[])
    b.dbProxy.addPersonaCharacteristic(self.ipc1)
    self.opcs = b.dbProxy.getPersonaCharacteristics()
    self.iAttackers = d['attackers']
    self.iatkeps = [AttackerEnvironmentProperties(self.iAttackers[0]["theEnvironmentProperties"][0]["theName"],self.iAttackers[0]["theEnvironmentProperties"][0]["theRoles"],self.iAttackers[0]["theEnvironmentProperties"][0]["theMotives"],self.iAttackers[0]["theEnvironmentProperties"][0]["theCapabilities"])]
    self.iatk = AttackerParameters(self.iAttackers[0]["theName"], self.iAttackers[0]["theDescription"], self.iAttackers[0]["theImage"],[],self.iatkeps)
    b.dbProxy.addAttacker(self.iatk)
    self.oAttackers = b.dbProxy.getAttackers()
    self.iVtypes = d['valuetypes']
    self.ivt = ValueTypeParameters(self.iVtypes[0]["theName"], self.iVtypes[0]["theDescription"], self.iVtypes[0]["theType"])
    b.dbProxy.addValueType(self.ivt)
    self.ovt = b.dbProxy.getValueTypes('threat_type')
    self.iassets = d['assets']
    self.iaeps = [AssetEnvironmentProperties(self.iassets[0]["theEnvironmentProperties"][0][0],self.iassets[0]["theEnvironmentProperties"][0][1],self.iassets[0]["theEnvironmentProperties"][0][2])]
    self.iap = AssetParameters(self.iassets[0]["theName"],self.iassets[0]["theShortCode"],self.iassets[0]["theDescription"],self.iassets[0]["theSignificance"],self.iassets[0]["theType"],"0","N/A",[],[],self.iaeps)
    b.dbProxy.addAsset(self.iap)
    self.oap = b.dbProxy.getAssets()
    self.iThreats = d['threats']

  def testThreat(self):
    iteps = [ThreatEnvironmentProperties(self.iThreats[0]["theEnvironmentProperties"][0]["theName"],self.iThreats[0]["theEnvironmentProperties"][0]["theLikelihood"],self.iThreats[0]["theEnvironmentProperties"][0]["theAssets"],self.iThreats[0]["theEnvironmentProperties"][0]["theAttackers"],self.iThreats[0]["theEnvironmentProperties"][0]["theProperties"][0][1],self.iThreats[0]["theEnvironmentProperties"][0]["theProperties"][0][1])]
    itps = ThreatParameters(self.iThreats[0]["theName"],self.iThreats[0]["theType"],self.iThreats[0]["theMethod"],[],iteps)
    b = Borg()
    b.dbProxy.addThreat(itps)
    oThreats = b.dbProxy.getThreats()
    o = oThreats[self.iThreats[0]["theName"]]
    self.assertEqual(itps.name(), o.name())
    self.assertEqual(itps.type(),o.type())
    self.assertEqual(itps.method(),o.method())
    oteps = o.environmentProperties()
    self.assertEqual(iteps[0].name(), oteps[0].name())
    self.assertEqual(iteps[0].likelihood()[0], oteps[0].likelihood()[0])
    self.assertEqual(str(iteps[0].assets()[0]), str(oteps[0].assets()[0]))
    self.assertEqual(str(iteps[0].attackers()[0]), str(oteps[0].attackers()[0]))
    self.assertEqual(str(iteps[0].rationale()[0]), str(oteps[0].rationale()[0]))

    b.dbProxy.deleteThreat(o.id())
  
  def tearDown(self):
    b = Borg()
    
#   b.dbProxy.deletePersonaCharacteristic(self.opcs[self.ipc1.name()].id())
    b.dbProxy.deleteAsset(self.oap[self.iap.name()].id())
    b.dbProxy.deleteThreatType(0)
    b.dbProxy.deleteAttacker(self.oAttackers[self.iatk.name()].id())
    b.dbProxy.deleteDocumentReference(self.odrs[self.idr1.name()].id())
    b.dbProxy.deleteDocumentReference(self.odrs[self.idr2.name()].id())
    b.dbProxy.deleteExternalDocument(self.oecs[self.iec1.name()].id())
    b.dbProxy.deleteExternalDocument(self.oecs[self.iec2.name()].id())
    b.dbProxy.deletePersona(self.opp[self.ipp.name()].id())
    b.dbProxy.deleteRole(self.oRoles[self.irp.name()].id())
    b.dbProxy.deleteEnvironment(self.oenvs[self.iep.name()].id())
    b.dbProxy.close()
    call([os.environ['CAIRIS_SRC'] + "/test/dropdb.sh"])
Пример #17
0
class RiskTest(unittest.TestCase):

  def setUp(self):
    call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"])
    cairis.core.BorgFactory.initialise()
    f = open(os.environ['CAIRIS_SRC'] + '/test/risks.json')
    d = json.load(f)
    f.close()
    self.ienvs = d['environments']
    self.iep1 = EnvironmentParameters(self.ienvs[0]["theName"],self.ienvs[0]["theShortCode"],self.ienvs[0]["theDescription"])
    b = Borg()
    b.dbProxy.addEnvironment(self.iep1)
    self.oenvs = b.dbProxy.getEnvironments()
    self.iRoles = d['roles']
    self.irp = RoleParameters(self.iRoles[0]["theName"], self.iRoles[0]["theType"], self.iRoles[0]["theShortCode"], self.iRoles[0]["theDescription"],[])
    b.dbProxy.addRole(self.irp)
    self.oRoles = b.dbProxy.getRoles()
    self.iPersonas = d['personas']
    self.ipp = PersonaParameters(self.iPersonas[0]["theName"],self.iPersonas[0]["theActivities"],self.iPersonas[0]["theAttitudes"],self.iPersonas[0]["theAptitudes"],self.iPersonas[0]["theMotivations"],self.iPersonas[0]["theSkills"],self.iPersonas[0]["theIntrinsic"],self.iPersonas[0]["theContextual"],"","0",self.iPersonas[0]["thePersonaType"],[],[PersonaEnvironmentProperties(self.iPersonas[0]["theEnvironmentProperties"][0]["theName"],(self.iPersonas[0]["theEnvironmentProperties"][0]["theDirectFlag"] == "True"),self.iPersonas[0]["theEnvironmentProperties"][0]["theNarrative"],self.iPersonas[0]["theEnvironmentProperties"][0]["theRole"])],[])
    b.dbProxy.addPersona(self.ipp)
    self.opp = b.dbProxy.getPersonas()
    self.iExternalDocuments = d['external_documents']
    self.iec1 = ExternalDocumentParameters(self.iExternalDocuments[0]["theName"],self.iExternalDocuments[0]["theVersion"],self.iExternalDocuments[0]["thePublicationDate"],self.iExternalDocuments[0]["theAuthors"],self.iExternalDocuments[0]["theDescription"])
    self.iec2 = ExternalDocumentParameters(self.iExternalDocuments[1]["theName"],self.iExternalDocuments[1]["theVersion"],self.iExternalDocuments[1]["thePublicationDate"],self.iExternalDocuments[1]["theAuthors"],self.iExternalDocuments[1]["theDescription"])
    b.dbProxy.addExternalDocument(self.iec1)
    b.dbProxy.addExternalDocument(self.iec2)
    self.oecs = b.dbProxy.getExternalDocuments()
    self.iDocumentReferences = d['document_references']
    self.idr1 = DocumentReferenceParameters(self.iDocumentReferences[0]["theName"],self.iDocumentReferences[0]["theDocName"],self.iDocumentReferences[0]["theContributor"],self.iDocumentReferences[0]["theExcerpt"])
    self.idr2 = DocumentReferenceParameters(self.iDocumentReferences[1]["theName"],self.iDocumentReferences[1]["theDocName"],self.iDocumentReferences[1]["theContributor"],self.iDocumentReferences[1]["theExcerpt"])
    b.dbProxy.addDocumentReference(self.idr1)
    b.dbProxy.addDocumentReference(self.idr2)
    self.odrs = b.dbProxy.getDocumentReferences()
    self.iPersonaCharacteristics = d['persona_characteristics']
    self.ipc1 = PersonaCharacteristicParameters(self.iPersonaCharacteristics[0]["thePersonaName"],self.iPersonaCharacteristics[0]["theModQual"],self.iPersonaCharacteristics[0]["theVariable"],self.iPersonaCharacteristics[0]["theCharacteristic"],[(self.iPersonaCharacteristics[0]["ground"],'','document')],[(self.iPersonaCharacteristics[0]["warrant"],'','document')],[],[])
    b.dbProxy.addPersonaCharacteristic(self.ipc1)
    self.opcs = b.dbProxy.getPersonaCharacteristics()
    self.iAttackers = d['attackers']
    self.iatkeps = [AttackerEnvironmentProperties(self.iAttackers[0]["theEnvironmentProperties"][0]["theName"],self.iAttackers[0]["theEnvironmentProperties"][0]["theRoles"],self.iAttackers[0]["theEnvironmentProperties"][0]["theMotives"],self.iAttackers[0]["theEnvironmentProperties"][0]["theCapabilities"])]
    self.iatk = AttackerParameters(self.iAttackers[0]["theName"], self.iAttackers[0]["theDescription"], self.iAttackers[0]["theImage"],[],self.iatkeps)
    b.dbProxy.addAttacker(self.iatk)
    self.oAttackers = b.dbProxy.getAttackers()
    self.iVtypes = d['valuetypes']
    self.ivt1 = ValueTypeParameters(self.iVtypes[0]["theName"], self.iVtypes[0]["theDescription"], self.iVtypes[0]["theType"])
    self.ivt2 = ValueTypeParameters(self.iVtypes[1]["theName"], self.iVtypes[1]["theDescription"], self.iVtypes[1]["theType"])
    b.dbProxy.addValueType(self.ivt1)
    b.dbProxy.addValueType(self.ivt2)
    self.ovtt = b.dbProxy.getValueTypes('threat_type')
    self.ovtv = b.dbProxy.getValueTypes('vulnerability_type')
    self.iassets = d['assets']
    self.iaeps1 = [AssetEnvironmentProperties(self.iassets[0]["theEnvironmentProperties"][0][0],self.iassets[0]["theEnvironmentProperties"][0][1],self.iassets[0]["theEnvironmentProperties"][0][2])]
    self.iap1 = AssetParameters(self.iassets[0]["theName"],self.iassets[0]["theShortCode"],self.iassets[0]["theDescription"],self.iassets[0]["theSignificance"],self.iassets[0]["theType"],"0","N/A",[],[],self.iaeps1)
    self.iap2 = AssetParameters(self.iassets[1]["theName"],self.iassets[1]["theShortCode"],self.iassets[1]["theDescription"],self.iassets[1]["theSignificance"],self.iassets[1]["theType"],"0","N/A",[],[],self.iaeps1)
    self.iap3 = AssetParameters(self.iassets[2]["theName"],self.iassets[2]["theShortCode"],self.iassets[2]["theDescription"],self.iassets[2]["theSignificance"],self.iassets[2]["theType"],"0","N/A",[],[],self.iaeps1)
    b.dbProxy.addAsset(self.iap1)
    b.dbProxy.addAsset(self.iap2)
    b.dbProxy.addAsset(self.iap3)
    self.oap = b.dbProxy.getAssets()
    self.iThreats = d['threats']
    self.iteps = [ThreatEnvironmentProperties(self.iThreats[0]["theEnvironmentProperties"][0]["theName"],self.iThreats[0]["theEnvironmentProperties"][0]["theLikelihood"],self.iThreats[0]["theEnvironmentProperties"][0]["theAssets"],self.iThreats[0]["theEnvironmentProperties"][0]["theAttackers"],self.iThreats[0]["theEnvironmentProperties"][0]["theProperties"][0][1],self.iThreats[0]["theEnvironmentProperties"][0]["theProperties"][0][1])]
    self.itps = ThreatParameters(self.iThreats[0]["theName"],self.iThreats[0]["theType"],self.iThreats[0]["theMethod"],[],self.iteps)
    b.dbProxy.addThreat(self.itps)
    self.otps = b.dbProxy.getThreats()
    self.iVuln = d['vulnerabilities']
    self.iveps = [VulnerabilityEnvironmentProperties(self.iVuln[0]["theEnvironmentProperties"][0]["theName"],self.iVuln[0]["theEnvironmentProperties"][0]["theSeverity"],self.iVuln[0]["theEnvironmentProperties"][0]["theAssets"])]
    self.ivp = VulnerabilityParameters(self.iVuln[0]["theName"],self.iVuln[0]["theDescription"],self.iVuln[0]["theType"], [], self.iveps)
    b.dbProxy.addVulnerability(self.ivp)
    self.ovp = b.dbProxy.getVulnerabilities()
    self.imc = d['misuseCase']
    self.iRisks = d['risks']

  def testRisk(self):
    imcep = [MisuseCaseEnvironmentProperties(self.imc[0]["theEnvironmentProperties"][0]["theName"],self.imc[0]["theEnvironmentProperties"][0]["theDescription"])]
    imcp = MisuseCase(int(0), self.imc[0]["theName"], imcep,self.imc[0]["theRisk"])
    irp = RiskParameters(self.iRisks[0]["theName"],self.iRisks[0]["threatName"],self.iRisks[0]["vulName"], imcp,[])
    b = Borg()
    b.dbProxy.addRisk(irp)
    oRisks = b.dbProxy.getRisks()
    o = oRisks[self.iRisks[0]["theName"]]
    self.assertEqual(irp.name(), o.name())
    self.assertEqual(irp.threat(),o.threat())
    self.assertEqual(irp.vulnerability(),o.vulnerability())

#    scoreDetails = b.dbProxy.riskScore(self.iRisks[0]["threatName"],self.iRisks[0]["vulName"],self.iaeps1[0].name())
#    preScore = scoreDetails[0][1]
#    postScore = scoreDetails[0][2]
#    self.assertEqual(preScore,9)
#    self.assertEqual(postScore,9)

    imcp.theName = 'Updated risk'
    imcp.theId = o.misuseCase().id()
    irp.theRiskName = 'Updated risk'
    irp.theMisuseCase = imcp

    irp.setId(o.id())
    b.dbProxy.updateRisk(irp)
    oRisks = b.dbProxy.getRisks()
    o = oRisks['Updated risk']
    self.assertEqual(o.name(),'Updated risk')
    self.assertEqual(irp.threat(),o.threat())
    self.assertEqual(irp.vulnerability(),o.vulnerability())
    
    b.dbProxy.deleteRisk(o.id())
  
  def tearDown(self):
    b = Borg()
    
    b.dbProxy.deleteVulnerability(self.ovp[self.ivp.name()].id())
    b.dbProxy.deleteThreat(self.otps[self.itps.name()].id())
    b.dbProxy.deleteAsset(self.oap[self.iap3.name()].id())
    b.dbProxy.deleteAsset(self.oap[self.iap2.name()].id())
    b.dbProxy.deleteAsset(self.oap[self.iap1.name()].id())
    b.dbProxy.deleteVulnerabilityType(0)
    b.dbProxy.deleteThreatType(0)
    b.dbProxy.deleteAttacker(self.oAttackers[self.iatk.name()].id())
    b.dbProxy.deleteDocumentReference(self.odrs[self.idr1.name()].id())
    b.dbProxy.deleteDocumentReference(self.odrs[self.idr2.name()].id())
    b.dbProxy.deleteExternalDocument(self.oecs[self.iec1.name()].id())
    b.dbProxy.deleteExternalDocument(self.oecs[self.iec2.name()].id())
    b.dbProxy.deletePersona(self.opp[self.ipp.name()].id())
    b.dbProxy.deleteRole(self.oRoles[self.irp.name()].id())
    b.dbProxy.deleteEnvironment(self.oenvs[self.iep1.name()].id())
    b.dbProxy.close()
    call([os.environ['CAIRIS_SRC'] + "/test/dropdb.sh"])
Пример #18
0
class AttackerTest(unittest.TestCase):

  def setUp(self):
    call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"])
    cairis.core.BorgFactory.initialise()
    f = open(os.environ['CAIRIS_SRC'] + '/test/attackers.json')
    d = json.load(f)
    f.close()
    self.ienvs = d['environments']
    self.iep = EnvironmentParameters(self.ienvs[0]["theName"],self.ienvs[0]["theShortCode"],self.ienvs[0]["theDescription"])
    b = Borg()
    b.dbProxy.addEnvironment(self.iep)
    self.oenvs = b.dbProxy.getEnvironments()
    self.iRoles = d['roles']
    self.irp = RoleParameters(self.iRoles[0]["theName"], self.iRoles[0]["theType"], self.iRoles[0]["theShortCode"], self.iRoles[0]["theDescription"],[])
    b.dbProxy.addRole(self.irp)
    self.oRoles = b.dbProxy.getRoles()
    self.iPersonas = d['personas']
    self.ipp = PersonaParameters(self.iPersonas[0]["theName"],self.iPersonas[0]["theActivities"],self.iPersonas[0]["theAttitudes"],self.iPersonas[0]["theAptitudes"],self.iPersonas[0]["theMotivations"],self.iPersonas[0]["theSkills"],self.iPersonas[0]["theIntrinsic"],self.iPersonas[0]["theContextual"],"","0",self.iPersonas[0]["thePersonaType"],[],[PersonaEnvironmentProperties(self.iPersonas[0]["theEnvironmentProperties"][0]["theName"],(self.iPersonas[0]["theEnvironmentProperties"][0]["theDirectFlag"] == "True"),self.iPersonas[0]["theEnvironmentProperties"][0]["theNarrative"],self.iPersonas[0]["theEnvironmentProperties"][0]["theRole"])],[])
    b.dbProxy.addPersona(self.ipp)
    self.opp = b.dbProxy.getPersonas()
    self.iExternalDocuments = d['external_documents']
    self.iec1 = ExternalDocumentParameters(self.iExternalDocuments[0]["theName"],self.iExternalDocuments[0]["theVersion"],self.iExternalDocuments[0]["thePublicationDate"],self.iExternalDocuments[0]["theAuthors"],self.iExternalDocuments[0]["theDescription"])
    self.iec2 = ExternalDocumentParameters(self.iExternalDocuments[1]["theName"],self.iExternalDocuments[1]["theVersion"],self.iExternalDocuments[1]["thePublicationDate"],self.iExternalDocuments[1]["theAuthors"],self.iExternalDocuments[1]["theDescription"])
    b.dbProxy.addExternalDocument(self.iec1)
    b.dbProxy.addExternalDocument(self.iec2)
    self.oecs = b.dbProxy.getExternalDocuments()
    self.iDocumentReferences = d['document_references']
    self.idr1 = DocumentReferenceParameters(self.iDocumentReferences[0]["theName"],self.iDocumentReferences[0]["theDocName"],self.iDocumentReferences[0]["theContributor"],self.iDocumentReferences[0]["theExcerpt"])
    self.idr2 = DocumentReferenceParameters(self.iDocumentReferences[1]["theName"],self.iDocumentReferences[1]["theDocName"],self.iDocumentReferences[1]["theContributor"],self.iDocumentReferences[1]["theExcerpt"])
    b.dbProxy.addDocumentReference(self.idr1)
    b.dbProxy.addDocumentReference(self.idr2)
    self.odrs = b.dbProxy.getDocumentReferences()
    self.iPersonaCharacteristics = d['persona_characteristics']
    self.ipc1 = PersonaCharacteristicParameters(self.iPersonaCharacteristics[0]["thePersonaName"],self.iPersonaCharacteristics[0]["theModQual"],self.iPersonaCharacteristics[0]["theVariable"],self.iPersonaCharacteristics[0]["theCharacteristic"],[(self.iPersonaCharacteristics[0]["ground"],'','document')],[(self.iPersonaCharacteristics[0]["warrant"],'','document')],[],[])
    b.dbProxy.addPersonaCharacteristic(self.ipc1)
    self.opcs = b.dbProxy.getPersonaCharacteristics()
    self.iAttackers = d['attackers']
    
  def testAttacker(self):
    iatkeps = [AttackerEnvironmentProperties(self.iAttackers[0]["theEnvironmentProperties"][0]["theName"],self.iAttackers[0]["theEnvironmentProperties"][0]["theRoles"],self.iAttackers[0]["theEnvironmentProperties"][0]["theMotives"],self.iAttackers[0]["theEnvironmentProperties"][0]["theCapabilities"])]
    iatk = AttackerParameters(self.iAttackers[0]["theName"], self.iAttackers[0]["theDescription"], self.iAttackers[0]["theImage"],[],iatkeps)
    b = Borg()
    b.dbProxy.addAttacker(iatk)
    oAttackers = b.dbProxy.getAttackers()
    o = oAttackers[self.iAttackers[0]["theName"]]
    self.assertEqual(iatk.name(), o.name())
    self.assertEqual(iatk.description(),o.description())
    self.assertEqual(iatk.image(),o.image())
    oatkeps = o.environmentProperties()
    self.assertEqual(iatkeps[0].name(), oatkeps[0].name())
    self.assertEqual(str(iatkeps[0].roles()[0]), str(oatkeps[0].roles()[0]))
    self.assertEqual(str(iatkeps[0].motives()[0]), str(oatkeps[0].motives()[0]))
    self.assertEqual(str(iatkeps[0].capabilities()[0][0]), str(oatkeps[0].capabilities()[0][0]))
    self.assertEqual(str(iatkeps[0].capabilities()[0][1]), str(oatkeps[0].capabilities()[0][1]))

    iatk.theName = 'Updated name'
    iatk.setId(o.id())
    b.dbProxy.updateAttacker(iatk)
    oAttackers = b.dbProxy.getAttackers()
    o = oAttackers["Updated name"]
    self.assertEqual(o.name(),'Updated name')


    b.dbProxy.deleteAttacker(o.id())
  
  def tearDown(self):
    b = Borg()
    
    b.dbProxy.deleteDocumentReference(self.odrs[self.idr1.name()].id())
    b.dbProxy.deleteDocumentReference(self.odrs[self.idr2.name()].id())
    b.dbProxy.deleteExternalDocument(self.oecs[self.iec1.name()].id())
    b.dbProxy.deleteExternalDocument(self.oecs[self.iec2.name()].id())
    b.dbProxy.deletePersona(self.opp[self.ipp.name()].id())
    b.dbProxy.deleteRole(self.oRoles[self.irp.name()].id())
    b.dbProxy.deleteEnvironment(self.oenvs[self.iep.name()].id())
    b.dbProxy.close()
    call([os.environ['CAIRIS_SRC'] + "/test/dropdb.sh"])
Пример #19
0
def importPersonaCharacteristicsWorkbook(wbFile,session_id):
  eds = []
  drs = []
  pcs = []

  wb = load_workbook(filename = wbFile,data_only=True)
  edSheet = wb.worksheets[0]
  edNames = set([])
  for row in edSheet.iter_rows(min_row=2):
    edName = row[0].value
    edAuth = row[1].value
    edVer = row[2].value
    edPD = str(row[3].value)
    edDesc = row[4].value
    if (edName != '' and edName != None):
      edNames.add(edName)
      if (edAuth == '' or edAuth == None):
        edAuth = 'Unknown'
      if (edVer == '' or edVer == None):
        edVer = '1'
      if (edPD == '' or edPD == None):
        edPD = 'Unknown'
      if (edDesc == '' or edDesc == None):
        edDesc = 'Unknown'
      eds.append(ExternalDocumentParameters(edName,edVer,edPD,edAuth,edDesc))

  b = Borg()
  db_proxy = b.get_dbproxy(session_id)

  drNames = set([])
  drSheet = wb.worksheets[1]
  for row in drSheet.iter_rows(min_row=2):
    drName = row[0].value
    drDoc = row[1].value
    drCont = row[2].value
    drExc = row[3].value

    if (drName != '' and drName != None):
      drNames.add(drName)
      if (drDoc not in edNames):
        if (db_proxy.existingObject(drDoc,'external_document') == -1):
          raise ARMException("Cannot import document reference " + drName + ". " + drDoc + " not an external document.")
      if (drCont == '' or drCont == None):
        drCont = 'Unknown'
      if (drExc == '' or drExc == None):
        drExc = 'Unknown'
      drs.append(DocumentReferenceParameters(drName,drDoc,drCont,drExc))

  pcSheet = wb.worksheets[2]
  for row in pcSheet.iter_rows(min_row=2):
    pcName = row[0].value
    pName = row[1].value.strip()
    bvName = row[2].value.strip()
    modQual = row[3].value.strip()
    grounds  = row[4].value
    if (grounds == None):
      grounds = []
    else:
      grounds = list(map(lambda x: (x.strip(),'','document'),grounds.strip().split(',')))
      if (len(grounds) == 1 and grounds[0][0] == ''):
        grounds = []

    warrant  = row[5].value
    if (warrant == None):
      warrant = []
    else:
      warrant = list(map(lambda x: (x.strip(),'','document'),warrant.strip().split(',')))
      if (len(warrant) == 1 and warrant[0][0] == ''):
        warrant = []

    rebuttal = row[6].value
    if (rebuttal == None):
      rebuttal = []
    else:
      rebuttal = list(map(lambda x: (x.strip(),'','document'),rebuttal.strip().split(',')))
      if (len(rebuttal) == 1 and rebuttal[0][0] == ''):
        rebuttal = []

    if (pcName != ''):
      if (db_proxy.existingObject(pName,'persona') == -1):
        raise ARMException("Cannot import persona characteristic " + pcName + ". Persona " + pName + " does not exist.")
      if bvName not in ['Activities','Attitudes','Aptitudes','Motivations','Skills','Environment Narrative','Intrinsic','Contextual']:
        raise ARMException("Cannot import persona characteristic " + pcName + ". " + bvName + " is an invalid behavioural variable name.")

      if (modQual == '' or modQual == None):
        modQual = 'Possibly'

      for g in grounds:
        if ((g[0] not in drNames) and (db_proxy.existingObject(g[0],'document_reference') == -1)):
          raise ARMException("Cannot import persona characteristic " + pcName + ". Document reference corresponding with grounds " + g[0] + " does not exist.")
      for w in warrant:
        if ((w[0] not in drNames) and (db_proxy.existingObject(w[0],'document_reference') == -1)):
          raise ARMException("Cannot import persona characteristic " + pcName + ". Document reference corresponding with warrant " + w[0] + " does not exist.")
      for r in rebuttal:
        if ((r[0] not in drNames) and (db_proxy.existingObject(r[0],'document_reference') == -1)):
          raise ARMException("Cannot import persona characteristic " + pcName + ". Document reference corresponding with rebuttal " + r[0] + " does not exist.")

      pcs.append(PersonaCharacteristicParameters(pName,modQual,bvName,pcName,grounds,warrant,[],rebuttal))
      
  for edParameters in eds:
    objtId = db_proxy.existingObject(edParameters.name(),'external_document')
    if objtId == -1:
      db_proxy.addExternalDocument(edParameters)
    else:
      edParameters.setId(objtId)
      db_proxy.updateExternalDocument(edParameters)

  for drParameters in drs:
    objtId = db_proxy.existingObject(drParameters.name(),'document_reference')
    if objtId == -1:
      db_proxy.addDocumentReference(drParameters)
    else:
      drParameters.setId(objtId)
      db_proxy.updateDocumentReference(drParameters)

  for pcParameters in pcs:
    objtId = db_proxy.existingObject(pcParameters.characteristic(),'persona_characteristic')
    if objtId == -1:
      db_proxy.addPersonaCharacteristic(pcParameters)
    else:
      pcParameters.setId(objtId)
      db_proxy.updatePersonaCharacteristic(pcParameters)

  msgStr = 'Imported ' + str(len(eds)) + ' external documents, ' + str(len(drs)) + ' document references, and ' + str(len(pcs)) + ' persona characteristics.'
  return msgStr
Пример #20
0
class AttackerTest(unittest.TestCase):
    def setUp(self):
        call([os.environ['CAIRIS_SRC'] + "/test/initdb.sh"])
        cairis.core.BorgFactory.initialise()
        f = open(os.environ['CAIRIS_SRC'] + '/test/attackers.json')
        d = json.load(f)
        f.close()
        self.ienvs = d['environments']
        self.iep = EnvironmentParameters(self.ienvs[0]["theName"],
                                         self.ienvs[0]["theShortCode"],
                                         self.ienvs[0]["theDescription"])
        b = Borg()
        b.dbProxy.addEnvironment(self.iep)
        self.oenvs = b.dbProxy.getEnvironments()
        self.iRoles = d['roles']
        self.irp = RoleParameters(self.iRoles[0]["theName"],
                                  self.iRoles[0]["theType"],
                                  self.iRoles[0]["theShortCode"],
                                  self.iRoles[0]["theDescription"], [])
        b.dbProxy.addRole(self.irp)
        self.oRoles = b.dbProxy.getRoles()
        self.iPersonas = d['personas']
        self.ipp = PersonaParameters(
            self.iPersonas[0]["theName"], self.iPersonas[0]["theActivities"],
            self.iPersonas[0]["theAttitudes"],
            self.iPersonas[0]["theAptitudes"],
            self.iPersonas[0]["theMotivations"],
            self.iPersonas[0]["theSkills"], self.iPersonas[0]["theIntrinsic"],
            self.iPersonas[0]["theContextual"], "", "0",
            self.iPersonas[0]["thePersonaType"], [], [
                PersonaEnvironmentProperties(
                    self.iPersonas[0]["theEnvironmentProperties"][0]
                    ["theName"], (self.iPersonas[0]["theEnvironmentProperties"]
                                  [0]["theDirectFlag"] == "True"),
                    self.iPersonas[0]["theEnvironmentProperties"][0]
                    ["theNarrative"], self.iPersonas[0]
                    ["theEnvironmentProperties"][0]["theRole"])
            ], [])
        b.dbProxy.addPersona(self.ipp)
        self.opp = b.dbProxy.getPersonas()
        self.iExternalDocuments = d['external_documents']
        self.iec1 = ExternalDocumentParameters(
            self.iExternalDocuments[0]["theName"],
            self.iExternalDocuments[0]["theVersion"],
            self.iExternalDocuments[0]["thePublicationDate"],
            self.iExternalDocuments[0]["theAuthors"],
            self.iExternalDocuments[0]["theDescription"])
        self.iec2 = ExternalDocumentParameters(
            self.iExternalDocuments[1]["theName"],
            self.iExternalDocuments[1]["theVersion"],
            self.iExternalDocuments[1]["thePublicationDate"],
            self.iExternalDocuments[1]["theAuthors"],
            self.iExternalDocuments[1]["theDescription"])
        b.dbProxy.addExternalDocument(self.iec1)
        b.dbProxy.addExternalDocument(self.iec2)
        self.oecs = b.dbProxy.getExternalDocuments()
        self.iDocumentReferences = d['document_references']
        self.idr1 = DocumentReferenceParameters(
            self.iDocumentReferences[0]["theName"],
            self.iDocumentReferences[0]["theDocName"],
            self.iDocumentReferences[0]["theContributor"],
            self.iDocumentReferences[0]["theExcerpt"])
        self.idr2 = DocumentReferenceParameters(
            self.iDocumentReferences[1]["theName"],
            self.iDocumentReferences[1]["theDocName"],
            self.iDocumentReferences[1]["theContributor"],
            self.iDocumentReferences[1]["theExcerpt"])
        b.dbProxy.addDocumentReference(self.idr1)
        b.dbProxy.addDocumentReference(self.idr2)
        self.odrs = b.dbProxy.getDocumentReferences()
        self.iPersonaCharacteristics = d['persona_characteristics']
        self.ipc1 = PersonaCharacteristicParameters(
            self.iPersonaCharacteristics[0]["thePersonaName"],
            self.iPersonaCharacteristics[0]["theModQual"],
            self.iPersonaCharacteristics[0]["theVariable"],
            self.iPersonaCharacteristics[0]["theCharacteristic"],
            [(self.iPersonaCharacteristics[0]["ground"], '', 'document')],
            [(self.iPersonaCharacteristics[0]["warrant"], '', 'document')], [],
            [])
        b.dbProxy.addPersonaCharacteristic(self.ipc1)
        self.opcs = b.dbProxy.getPersonaCharacteristics()
        self.iAttackers = d['attackers']

    def testAttacker(self):
        iatkeps = [
            AttackerEnvironmentProperties(
                self.iAttackers[0]["theEnvironmentProperties"][0]["theName"],
                self.iAttackers[0]["theEnvironmentProperties"][0]["theRoles"],
                self.iAttackers[0]["theEnvironmentProperties"][0]
                ["theMotives"], self.iAttackers[0]["theEnvironmentProperties"]
                [0]["theCapabilities"])
        ]
        iatk = AttackerParameters(self.iAttackers[0]["theName"],
                                  self.iAttackers[0]["theDescription"],
                                  self.iAttackers[0]["theImage"], [], iatkeps)
        b = Borg()
        b.dbProxy.addAttacker(iatk)
        oAttackers = b.dbProxy.getAttackers()
        o = oAttackers[self.iAttackers[0]["theName"]]
        self.assertEqual(iatk.name(), o.name())
        self.assertEqual(iatk.description(), o.description())
        self.assertEqual(iatk.image(), o.image())
        oatkeps = o.environmentProperties()
        self.assertEqual(iatkeps[0].name(), oatkeps[0].name())
        self.assertEqual(str(iatkeps[0].roles()[0]),
                         str(oatkeps[0].roles()[0]))
        self.assertEqual(str(iatkeps[0].motives()[0]),
                         str(oatkeps[0].motives()[0]))
        self.assertEqual(str(iatkeps[0].capabilities()[0][0]),
                         str(oatkeps[0].capabilities()[0][0]))
        self.assertEqual(str(iatkeps[0].capabilities()[0][1]),
                         str(oatkeps[0].capabilities()[0][1]))

        iatk.theName = 'Updated name'
        iatk.setId(o.id())
        b.dbProxy.updateAttacker(iatk)
        oAttackers = b.dbProxy.getAttackers()
        o = oAttackers["Updated name"]
        self.assertEqual(o.name(), 'Updated name')

        b.dbProxy.deleteAttacker(o.id())

    def tearDown(self):
        b = Borg()

        b.dbProxy.deleteDocumentReference(self.odrs[self.idr1.name()].id())
        b.dbProxy.deleteDocumentReference(self.odrs[self.idr2.name()].id())
        b.dbProxy.deleteExternalDocument(self.oecs[self.iec1.name()].id())
        b.dbProxy.deleteExternalDocument(self.oecs[self.iec2.name()].id())
        b.dbProxy.deletePersona(self.opp[self.ipp.name()].id())
        b.dbProxy.deleteRole(self.oRoles[self.irp.name()].id())
        b.dbProxy.deleteEnvironment(self.oenvs[self.iep.name()].id())
        b.dbProxy.close()
        call([os.environ['CAIRIS_SRC'] + "/test/dropdb.sh"])