def update_asset_association(self, oldEnvName, oldHeadAsset, oldTailAsset,
assoc):
old_assoc = self.get_asset_association(oldEnvName, oldHeadAsset,
oldTailAsset)
id = old_assoc.theId
assocParams = ClassAssociationParameters(
envName=assoc.theEnvironmentName,
headName=assoc.theHeadAsset,
headDim=assoc.theHeadDim,
headNav=assoc.theHeadNavigation,
headType=assoc.theHeadType,
headMultiplicity=assoc.theHeadMultiplicity,
headRole=assoc.theHeadRole,
tailRole=assoc.theTailRole,
tailMultiplicity=assoc.theTailMultiplicity,
tailType=assoc.theTailType,
tailNav=assoc.theTailNavigation,
tailDim=assoc.theTailDim,
tailName=assoc.theTailAsset,
rationale=assoc.theRationale)
assocParams.setId(id)
try:
self.db_proxy.updateClassAssociation(assocParams)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def update_asset_association(self,oldEnvName,oldHeadAsset,oldTailAsset,assoc):
assocParams = ClassAssociationParameters(
envName=assoc.theEnvironmentName,
headName=assoc.theHeadAsset,
headDim='asset',
headNav=assoc.theHeadNavigation,
headType=assoc.theHeadType,
headMultiplicity=assoc.theHeadMultiplicity,
headRole=assoc.theHeadRole,
tailRole=assoc.theTailRole,
tailMultiplicity=assoc.theTailMultiplicity,
tailType=assoc.theTailType,
tailNav=assoc.theTailNavigation,
tailDim='asset',
tailName=assoc.theTailAsset,
rationale=assoc.theRationale)
try:
if ((assoc.theEnvironmentName != oldEnvName) or (assoc.theHeadAsset != oldHeadAsset) or (assoc.theTailAsset != oldTailAsset)):
self.db_proxy.checkAssetAssociation(assoc.theEnvironmentName,assoc.theHeadAsset,assoc.theTailAsset)
caId = self.db_proxy.getDimensionId(oldEnvName + '/' + oldHeadAsset + '/' + oldTailAsset,'classassociation')
assocParams.setId(caId)
self.db_proxy.updateClassAssociation(assocParams)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def update_asset_association(self, assoc):
old_assoc = self.get_asset_association(assoc.theEnvironmentName, assoc.theHeadAsset, assoc.theTailAsset)
id = old_assoc.theId
assocParams = ClassAssociationParameters(
envName=assoc.theEnvironmentName,
headName=assoc.theHeadAsset,
headDim=assoc.theHeadDim,
headNav=assoc.theHeadNavigation,
headType=assoc.theHeadType,
headMultiplicity=assoc.theHeadMultiplicity,
headRole=assoc.theHeadRole,
tailRole=assoc.theTailRole,
tailMultiplicity=assoc.theTailMultiplicity,
tailType=assoc.theTailType,
tailNav=assoc.theTailNavigation,
tailDim=assoc.theTailDim,
tailName=assoc.theTailAsset,
rationale=assoc.theRationale,
)
assocParams.setId(id)
try:
self.db_proxy.updateClassAssociation(assocParams)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def parameters(self):
parameters = ClassAssociationParameters(
self.theEnvironmentName, self.theHeadAsset, 'asset',
self.theHeadNav, self.theHeadType, self.theHeadMultiplicity,
self.theHeadRole, self.theTailRole, self.theTailMultiplicity,
self.theTailType, self.theTailNav, 'asset', self.theTailAsset)
parameters.setId(self.theClassAssociationId)
return parameters
def importDiagramsNetAssetModel(importFile,envName,session_id):
objts, assocs = importDiagramsNetFile(importFile,'asset')
b = Borg()
db_proxy = b.get_dbproxy(session_id)
newAssetCount = 0
for asset in objts:
assetName = asset['name']
assetType = asset['type'].capitalize()
if (db_proxy.existingObject(assetName,'asset') == -1):
db_proxy.addAsset(AssetParameters(assetName,asset['short_code'],asset['description'],asset['significance'],assetType,0,'',[],[],[AssetEnvironmentProperties(envName,asset['properties'],asset['rationale'])]))
newAssetCount += 1
newAssocCount = 0
for assoc in assocs:
headAsset = assoc['head']
tailAsset = assoc['tail']
try:
db_proxy.checkAssetAssociation(envName,headAsset,tailAsset)
db_proxy.addClassAssociation(ClassAssociationParameters(envName,headAsset,'asset',assoc['headNav'],assoc['headType'],'*','','','*',assoc['tailType'],assoc['tailNav'],'asset',tailAsset,'To be defined'))
newAssocCount += 1
except DatabaseProxyException as ex:
if str(ex.value).find('already exists') == -1:
raise ARMException(str(ex.value))
msgStr = 'Imported ' + str(newAssetCount) + ' asset'
if (newAssetCount != 1): msgStr += 's'
msgStr += ', and ' + str(newAssocCount) + ' asset association'
if (newAssocCount != 1): msgStr += 's'
msgStr += '.'
return msgStr
def update_asset_association(self,oldEnvName,oldHeadAsset,oldTailAsset,assoc):
assocParams = ClassAssociationParameters(
envName=assoc.theEnvironmentName,
headName=assoc.theHeadAsset,
headDim='asset',
headNav=assoc.theHeadNavigation,
headType=assoc.theHeadType,
headMultiplicity=assoc.theHeadMultiplicity,
headRole=assoc.theHeadRole,
tailRole=assoc.theTailRole,
tailMultiplicity=assoc.theTailMultiplicity,
tailType=assoc.theTailType,
tailNav=assoc.theTailNavigation,
tailDim='asset',
tailName=assoc.theTailAsset,
rationale=assoc.theRationale)
try:
caId = self.db_proxy.getDimensionId(oldEnvName + '/' + oldHeadAsset + '/' + oldTailAsset,'classassociation')
assocParams.setId(caId)
self.db_proxy.updateClassAssociation(assocParams)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def on_assetAssociationOkButton_clicked(self, callback_data):
headAdornment = self.decorator.getComboValue(
"assetAssociationHeadAdornmentCtrl")
headNry = self.decorator.getComboValue("assetAssociationHeadNryCtrl")
headRole = self.decorator.getText("assetAssociationHeadRoleCtrl")
tailRole = self.decorator.getText("assetAssociationTailRoleCtrl")
tailNry = self.decorator.getComboValue("assetAssociationTailNryCtrl")
tailAdornment = self.decorator.getComboValue(
"assetAssociationTailAdornmentCtrl")
tailName = self.decorator.getComboValue("assetAssociationTailNameCtrl")
parameters = ClassAssociationParameters(self.theCurrentEnvironment,
self.theHeadName, 'asset',
tailAdornment, tailNry,
tailRole, headRole, headNry,
headAdornment, 'asset',
tailName)
self.dbProxy.addClassAssociation(parameters)
self.window.destroy()
def add_asset_association(self, assoc):
assocParams = ClassAssociationParameters(
envName=assoc.theEnvironmentName,
headName=assoc.theHeadAsset,
headDim='asset',
headNav=assoc.theHeadNavigation,
headType=assoc.theHeadType,
headMultiplicity=assoc.theHeadMultiplicity,
headRole=assoc.theHeadRole,
tailRole=assoc.theTailRole,
tailMultiplicity=assoc.theTailMultiplicity,
tailType=assoc.theTailType,
tailNav=assoc.theTailNavigation,
tailDim='asset',
tailName=assoc.theTailAsset,
rationale=assoc.theRationale)
try:
self.db_proxy.addClassAssociation(assocParams)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
def parameters(self): parameters = ClassAssociationParameters(self.theEnvironmentName,self.theHeadAsset,'asset',self.theHeadNav,self.theHeadType,self.theHeadMultiplicity,self.theHeadRole,self.theTailRole,self.theTailMultiplicity,self.theTailType,self.theTailNav,'asset',self.theTailAsset) parameters.setId(self.theClassAssociationId) return parameters
def endElement(self, name):
if name == 'role':
p = RoleParameters(self.theName, self.theType,
unescape(self.theShortCode),
unescape(self.theDescription), [])
self.theRoleParameters.append(p)
self.resetRoleAttributes()
elif name == 'asset':
envDict = {}
for sp in self.theSecurityProperties:
envName = sp[0]
spName = sp[1]
spValue = a2i(sp[2])
spRationale = sp[3]
if envName in envDict:
(envDict[envName])[spName] = (spValue, spRationale)
else:
spDict = {}
spDict['confidentiality'] = (0, 'None')
spDict['integrity'] = (0, 'None')
spDict['availability'] = (0, 'None')
spDict['accountability'] = (0, 'None')
spDict['anonymity'] = (0, 'None')
spDict['pseudonymity'] = (0, 'None')
spDict['unlinkability'] = (0, 'None')
spDict['unobservability'] = (0, 'None')
spDict[spName] = (spValue, spRationale)
envDict[envName] = spDict
for envName in envDict:
spDict = envDict[envName]
cProperty, cRationale = spDict['confidentiality']
iProperty, iRationale = spDict['integrity']
avProperty, avRationale = spDict['availability']
acProperty, acRationale = spDict['accountability']
anProperty, anRationale = spDict['anonymity']
panProperty, panRationale = spDict['pseudonymity']
unlProperty, unlRationale = spDict['unlinkability']
unoProperty, unoRationale = spDict['unobservability']
ep = AssetEnvironmentProperties(envName, [
cProperty, iProperty, avProperty, acProperty, anProperty,
panProperty, unlProperty, unoProperty
], [
cRationale, iRationale, avRationale, acRationale,
anRationale, panRationale, unlRationale, unoRationale
])
self.theEnvironmentProperties.append(ep)
p = AssetParameters(self.theName, unescape(self.theShortCode),
unescape(self.theDescription),
unescape(self.theSignificance),
self.theAssetType, self.isCritical,
self.theCriticalRationale, self.theTags,
self.theInterfaces,
self.theEnvironmentProperties)
self.theAssetParameters.append(p)
self.resetAssetAttributes()
elif name == 'security_property':
self.theSecurityProperties.append(
(self.theEnvironmentName, self.thePropertyName,
self.thePropertyValue, unescape(self.theRationale)))
self.resetSecurityPropertyAttributes()
elif name == 'threatened_property':
self.theSpDict[self.thePropertyName] = (self.thePropertyValue,
unescape(
self.theRationale))
self.resetThreatenedPropertyAttributes()
elif name == 'vulnerability':
p = VulnerabilityParameters(self.theName,
unescape(self.theDescription),
self.theType, self.theTags,
self.theEnvironmentProperties)
self.theVulnerabilities.append(p)
self.resetVulnerabilityAttributes()
elif name == 'vulnerability_environment':
p = VulnerabilityEnvironmentProperties(self.theEnvironmentName,
self.theSeverity,
self.theAssets)
self.theEnvironmentProperties.append(p)
self.resetVulnerabilityEnvironmentAttributes()
elif name == 'attacker':
p = AttackerParameters(self.theName, unescape(self.theDescription),
self.theImage, self.theTags,
self.theEnvironmentProperties)
self.theAttackerParameters.append(p)
self.resetAttackerAttributes()
elif name == 'attacker_environment':
p = AttackerEnvironmentProperties(self.theEnvironmentName,
self.theRoles,
self.theMotivations,
self.theCapabilities)
self.theEnvironmentProperties.append(p)
self.resetAttackerEnvironmentAttributes()
elif name == 'threat':
p = ThreatParameters(self.theName, self.theType,
unescape(self.theMethod), self.theTags,
self.theEnvironmentProperties)
self.theThreats.append(p)
self.resetThreatAttributes()
elif name == 'threat_environment':
cProperty, cRationale = self.theSpDict['confidentiality']
iProperty, iRationale = self.theSpDict['integrity']
avProperty, avRationale = self.theSpDict['availability']
acProperty, acRationale = self.theSpDict['accountability']
anProperty, anRationale = self.theSpDict['anonymity']
panProperty, panRationale = self.theSpDict['pseudonymity']
unlProperty, unlRationale = self.theSpDict['unlinkability']
unoProperty, unoRationale = self.theSpDict['unobservability']
p = ThreatEnvironmentProperties(
self.theEnvironmentName, self.theLikelihood, self.theAssets,
self.theAttackers, [
cProperty, iProperty, avProperty, acProperty, anProperty,
panProperty, unlProperty, unoProperty
], [
cRationale, iRationale, avRationale, acRationale,
anRationale, panRationale, unlRationale, unoRationale
])
self.theEnvironmentProperties.append(p)
self.resetThreatEnvironmentAttributes()
elif name == 'risk':
mc = MisuseCase(-1, 'Exploit ' + self.theName,
self.theEnvironmentProperties, self.theName)
p = RiskParameters(self.theName, self.theThreat,
self.theVulnerability, mc, self.theTags)
self.theRisks.append(p)
self.resetRiskAttributes()
elif name == 'misusecase':
p = MisuseCaseEnvironmentProperties(self.theEnvironmentName,
unescape(self.theDescription))
self.theEnvironmentProperties.append(p)
self.resetRiskEnvironmentAttributes()
elif name == 'response':
p = ResponseParameters(self.theType + ' ' + self.theRisk,
self.theRisk, self.theTags,
self.theEnvironmentProperties, self.theType)
self.theResponses.append(p)
self.resetResponseAttributes()
elif name == 'accept_environment':
p = AcceptEnvironmentProperties(self.theEnvironmentName,
self.theCost,
unescape(self.theDescription))
self.theEnvironmentProperties.append(p)
self.resetResponseEnvironmentAttributes()
elif name == 'transfer_environment':
p = TransferEnvironmentProperties(self.theEnvironmentName,
unescape(self.theDescription),
self.theResponseRoles)
self.theEnvironmentProperties.append(p)
self.resetResponseEnvironmentAttributes()
elif name == 'deter_environment':
p = MitigateEnvironmentProperties(self.theEnvironmentName, 'Deter')
self.theEnvironmentProperties.append(p)
self.resetResponseEnvironmentAttributes()
elif name == 'prevent_environment':
p = MitigateEnvironmentProperties(self.theEnvironmentName,
'Prevent')
self.theEnvironmentProperties.append(p)
self.resetResponseEnvironmentAttributes()
elif name == 'detect_environment':
p = MitigateEnvironmentProperties(self.theEnvironmentName,
'Detect', self.theDetectionPoint)
self.theEnvironmentProperties.append(p)
self.resetResponseEnvironmentAttributes()
elif name == 'react_environment':
p = MitigateEnvironmentProperties(self.theEnvironmentName, 'React',
'', self.theDetectionMechanisms)
self.theEnvironmentProperties.append(p)
self.resetResponseEnvironmentAttributes()
elif name == 'asset_association':
p = ClassAssociationParameters(
self.theEnvironmentName, self.theHeadName, 'asset',
self.theHeadNav, self.theHeadAdornment, self.theHeadNry,
self.theHeadRole, self.theTailRole, self.theTailNry,
self.theTailAdornment, self.theTailNav, 'asset',
self.theTailName, unescape(self.theRationale))
self.theAssociations.append(p)
self.resetAssociationAttributes()
elif name == 'description':
self.inDescription = 0
elif name == 'method':
self.inMethod = 0
elif name == 'narrative':
self.inDescription = 0
elif name == 'rationale':
self.inRationale = 0
elif name == 'significance':
self.inSignificance = 0
elif name == 'critical':
self.inCritical = 0