Security Assessment of Keruak’s Informative Outdoor Safe Keeper
1. FACULTY OF ENGINEERING
DEPARTMENTS OF ELECTRONICS ENGINEERING AND AUTOMATION ENGINEERING
PIRAEUS UNIVERSITY OF APPLIED SCIENCES
Module: CI7130: Network and Information Security
Module Coordinator: Dr. Dionisis Adamopoulos & Dr. Harris Katopodis
MSc IN NETWORKING AND DATA COMMUNICATIONS
COURSEWORK
MODULE:
CI7130: Network and Information Security
Module Coordinator:
Dr. Dionisis Adamopoulos & Dr. Harris Katopodis
Date of Module:
23/05/2015
Name of Student:
Stamatakis Konstantinos
Kingston University London
Executive Summary
This security assessment report addresses the challenges and security issues that have been raised since the recent installation and first six months of operation of Keruak's Outdoor Cabinet Monitoring System, the "Keruak Informative Outdoor Safe Keeper", also known as KIOSK. Because KIOSK monitors the outdoor cabinets that are most critical for the Keruak communications company, it is essential to evaluate the security threats and vulnerabilities identified during recent workshops and interviews with staff members from all involved divisions, and also to determine any additional ones related to the technology used to protect the secrecy of the information carried by the communication services that these cabinets provide to major clients and public-sector entities. These customers demand exceptional support and security, especially in the areas that affect the system's availability, integrity and confidentiality. By its nature, KIOSK monitors units that are exposed to almost anyone and are vulnerable to numerous threats, from physical ones, which are usually monitored in real time, to more sophisticated ones such as threats related to network access. A security assessment of KIOSK will therefore help to build profiles of the threats that may be, or have already been, identified in KIOSK, with their respective motives and outcomes, allowing the Information Security Department to develop new strategies and technological solutions for KIOSK with greater precision and success in confronting the outcomes these threats may have.
Preparation
This security assessment report is conducted using the Operationally Critical Threat, Asset and Vulnerability Evaluation (OCTAVE) methodology, which systematizes and strengthens the treatment of the security risks recognized and analyzed in security assessments. It allows a company such as Keruak to obtain sufficient results from a security evaluation without excessive use of resources and funds [1], by making use of its own valuable human resources: the IT experts, employees and staff involved with Keruak's KIOSK. These people become better informed about security issues and improve the way they handle vulnerabilities in the security state of the supported system, which allows us to obtain excellent results without having to resort to or rely on outside security experts.
According to the Software Engineering Institute, OCTAVE "is designed to allow broad assessment of an organization's operational risk environment with the goal of producing more robust results without the need for extensive risk assessment knowledge" [2]. The reason the OCTAVE framework is considered most appropriate for our security assessment needs is that it focuses mainly on information assets, specifically on "how these assets are used, stored, transported and processed" [2], but also on "how they are exposed to potential vulnerabilities and threats" [2].
Members of the team
The KIOSK department is considered part of Keruak's IT infrastructure. It was originally planned to operate as a self-governing department, completely independent from all other divisions (technical, logistics or HR), so any issues reported by KIOSK staff members are forwarded directly to the Chief Director of the Security Department, as planned in the initial design of KIOSK by the Chief Director of the IT Department. However, information gathered in workshops held with Keruak executives, IT experts and staff members, which analyzed and examined the current operational architecture of KIOSK, shows that more divisions are involved in its current operation, as presented in the organization overview that follows. The analysis team of experts was therefore assembled from all divisions involved in the operation of KIOSK and grouped together in order to achieve the best possible outcome. The members of the analysis team are:
Chief Director of Security Department
Chief Director of IT Department
Team/Senior Supervisor of KIOSK Department
Administrative Head Assistants of KIOSK Department
Director of Communication Network Department
Chief Engineer of Communication Network Department
Team/Senior Supervisor of Outdoor Cabinets Maintenance Office
Organization Overview
KIOSK's system infrastructure consists of three areas that are operated by different departments of Keruak: the Outdoor Cabinet Cloud Network (OCCN), supported by the Outdoor Cabinets Maintenance Office, which is a sub-division of the Communication Network Department; the KIOSK Central Administration System (CAS), which is supported and maintained entirely by the KIOSK Department; and finally the low-level applications, the KIOSK User Interface (kUI) and the Keruak Information Network Database (KiND), both supported, maintained and co-operated by Keruak's Security Department.
Fig. 1 KIOSK system architecture diagram
(for a higher-resolution diagram, see the Appendix, Figure 9)
The components of KIOSK, as presented in Figure 1, are:
PSTN Control Card, installed in each outdoor cabinet, which sends and receives inbound and outbound calls to the Media Gateway of GVP, using DTMF signaling and Caller ID Support via the SIP and PSTN connectors of the Voice Platform (GVP), in order to verify the identity of the person accessing the outdoor cabinet [3][5]. The set of all outdoor cabinets monitored by KIOSK is characterized as the Outdoor Cabinet Cloud Network (OCCN).
Voice Platform Solution (VPS), an all-in-one solution consisting of:
Genesys Voice Platform (GVP), containing the Resource Manager, CTI and PSTN connectors, Media Control Platform, Call Control Platform and Reporting Server (GVP Reporting Server Database)
Session Initiation Protocol (SIP) Server, delivering services such as the Universal Routing Server and backup Outbound Connectivity
Management Framework, administering all VPS and GVP components
Genesys Administrator, a web-based GUI for configuration, management and monitoring of the installed components, and for data collection and logging [4][5].
Outbound Contact Server (OCS), responsible for creating, executing and reporting outbound and inbound campaigns (call and user events). It performs periodic check calls, every 10 minutes, to monitor the cabinets' state through the PSTN and the CTI interface of GVP, and handles any incoming events from a PSTN Control Card (alarms, alerts or verified calls). The CDR log files it creates, containing record and event information for the GUI and User Event Attributes (such as Event Type and Call Result), are forwarded to OCIM for storage and future processing [4][6]. OCS also uses Caller ID Support, transmitted to the PSTN and CTI interfaces of GVP [6, p.90].
Outdoor Cabinets Information and Media Server (OCIM), which mediates between OCS and any authorized agent who uses DTMF signaling during a phone call to inform the system that a cabinet is about to be accessed. OCIM provides prompting, collection, detection and handling of DTMF inputs and call events, geo-location, and logging storage of all outbound data and of the Call Detail Records (CDRs) of events that take place during the periodic checks or any other incoming events (alarms, alerts or verified calls), in response to the Event Types and Call Results coming from OCS [6][7].
KIOSK server, which interacts with VPS and contains an Oracle Database 12c Enterprise Edition in order to store the information coming from VPS's components, building the GVP Reporting Server Database in order to provide the Web Service [8][9].
Resource Manager, providing session management and service selection data for any incoming request [10].
Media Control Platform, providing tables of functions for outbound calls, network- and application-initiated calls, and data logging and analysis from Call Progress Detection (CPD) metrics [11].
Call Control Platform, containing data on outbound calls made through the PSTN gateway and on requests from incoming calls [12].
GVP Reporting Server Database (RSD), which submits real-time call events, CDRs and processing information coming from OCIM, organizing them into partitioned CDR and Call Event tables. Each partition represents a user-specified period of time, which allows database operations to perform better. RSD also provides tables with open data access interfaces via Reporting Web Services maintained by the KIOSK administrators, allowing multiple different user interfaces to be set up by the administrators, while kUI accesses the call-related data entries of events from the database, categorizing users into various User Access Groups [13].
Sensage Data Warehouse (SDW), a CISCO cloud vendor providing storage and real-time analysis of log data from multiple and diverse security events. In KIOSK, both VPS and the KIOSK server are connected to SDW to provide redundancy in case of failure of critical components of the system [14].
Keruak Information Network Database (KiND), a system of servers initially created in 2007, containing records of the communication network architecture details of all customers and subscribers. It is based on Apache web servers, using PHP 5.3+ and MySQL 5+, and runs a version of the TYPO3 CMS custom-modified by the IT department. It is correlated with the KIOSK server's Oracle database, through the Oracle Enterprise Manager for MySQL extension, to retrieve all necessary network details for the subscribers' communication services provided through the outdoor cabinets monitored by KIOSK [15][16].
KIOSK User Interface (kUI), a GUI that presents, through an HTML web application, all CDRs and events taking place in real time, holding a history of events for a period of 15 days before they are moved permanently to OCIM and SDW. kUI is based on Hippo CMS Enterprise Edition 10, using database entries from both the Oracle Database 12c of the KIOSK server and the MySQL 5.5 of KiND. As its application server, kUI uses Oracle's WebLogic Server 12c with Oracle JVM (Java 8) for the desktop web application environment [17][18][19][20].
Users of kUI are classified into 3 categories: Administrators, Super Users and Users, with privileges that correspond accordingly (User Access Groups).
Security Assessment
After conducting all necessary interviews, reports and workshops, the analysis team members arrived at the following results, reviewing and identifying the important assets and the areas of concern for these assets, as well as the security requirements and the current practices applied to protect them:
PSTN Control Cards
Areas of Concern
An interruption of the operational status of the PSTN control card, due to a potential failure of the hardware or of the communication network medium that physically connects the outdoor cabinet with the KIOSK system, will result in isolation of the cabinet without actual knowledge of its status (interruption of service). In addition, during repairs or installations of communication services and products performed by authorized technicians inside an outdoor cabinet of the OCCN, accidental interruption or outage of service might occur due to human error.
Security Requirements
Confidentiality: The PSTN control card monitors the core network and the services provided to subscribers by monitoring the cabinet door state (open/closed). Any violation of this, without a prior system update through the standard procedures, will lead to alert signaling.
Integrity: Access is granted only to authorized technicians who belong to KIOSK's task force, verified beforehand with a DTMF entry (PIN access code) unique to each outdoor cabinet. The KIOSK department is also aware of every technical operation performed in the cabinet (repairs, modifications, installations), as technicians receive their daily work schedule directly from the KIOSK Dispatchers.
Availability: The control card must be available 24/7/365 because, besides being available to technicians or any other authorized person who wishes to verify their legitimate access to the outdoor cabinet, it must be constantly connected with the OCS in order to respond to the frequent periodic polling.
Current protection strategies
A short outage of the service provided by the control card would not cause significant problems as long as it does not exceed the proposed polling period (10 minutes). In case of power supply failure, the UPS system starts automatically and the standby technicians are activated. In any other failure, Mobile Patrol Security is contacted.
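As an added example (not part of the original report), the following Python script applies two of the rules stated above to a constructed event log: a door-open event that was not preceded by a verified DTMF PIN entry for that cabinet raises an alert, and a cabinet whose last successful periodic check is older than the 10-minute polling period is reported as being in an unknown state. The event format, the event names, the 15-minute validity window for a PIN verification and the sample records are assumptions made for this example.

```python
from datetime import datetime, timedelta

# Polling period of the OCS periodic check calls, as stated in the report.
POLL_PERIOD = timedelta(minutes=10)
# Assumed: how long a verified PIN entry is taken to authorize a door opening.
PIN_WINDOW = timedelta(minutes=15)

# Constructed sample log, one event per line: "<ISO timestamp> <cabinet> <event>".
# Event names (POLL_OK, POLL_FAIL, PIN_VERIFIED, DOOR_OPEN) are assumed for this example.
SAMPLE_LOG = """
2015-05-23T08:00:00 CAB-001 POLL_OK
2015-05-23T08:00:00 CAB-002 POLL_OK
2015-05-23T08:00:00 CAB-003 POLL_OK
2015-05-23T08:04:10 CAB-001 PIN_VERIFIED
2015-05-23T08:05:00 CAB-001 DOOR_OPEN
2015-05-23T08:07:30 CAB-003 DOOR_OPEN
2015-05-23T08:10:00 CAB-001 POLL_OK
2015-05-23T08:10:00 CAB-002 POLL_FAIL
2015-05-23T08:10:00 CAB-003 POLL_OK
2015-05-23T08:20:00 CAB-001 POLL_OK
2015-05-23T08:20:00 CAB-002 POLL_FAIL
2015-05-23T08:20:00 CAB-003 POLL_OK
"""


def parse_log(text):
    """Parse the log text into a time-ordered list of (timestamp, cabinet, event)."""
    events = []
    for line in text.strip().splitlines():
        ts, cabinet, event = line.split()
        events.append((datetime.fromisoformat(ts), cabinet, event))
    events.sort(key=lambda e: e[0])
    return events


def unverified_door_openings(events):
    """Confidentiality rule: a DOOR_OPEN with no PIN_VERIFIED for the same cabinet
    within the preceding PIN_WINDOW is a violation and must raise an alert.
    Returns a list of (cabinet, timestamp) for every such opening."""
    last_pin = {}
    alerts = []
    for ts, cabinet, event in events:
        if event == "PIN_VERIFIED":
            last_pin[cabinet] = ts
        elif event == "DOOR_OPEN":
            pin_ts = last_pin.get(cabinet)
            if pin_ts is None or ts - pin_ts > PIN_WINDOW:
                alerts.append((cabinet, ts))
    return alerts


def unknown_cabinets(events, now):
    """Availability rule: a cabinet whose last POLL_OK is older than POLL_PERIOD at
    time `now` has exceeded the tolerated outage and its state is unknown.
    Returns {cabinet: minutes since last POLL_OK} (None if it never answered)."""
    seen = set()
    last_ok = {}
    for ts, cabinet, event in events:
        seen.add(cabinet)
        if event == "POLL_OK":
            last_ok[cabinet] = ts
    unknown = {}
    for cabinet in sorted(seen):
        ts = last_ok.get(cabinet)
        if ts is None:
            unknown[cabinet] = None
        elif now - ts > POLL_PERIOD:
            unknown[cabinet] = int((now - ts).total_seconds() // 60)
    return unknown


def assess(log_text, now_iso):
    """Run both rules over a log as of the given ISO timestamp."""
    events = parse_log(log_text)
    now = datetime.fromisoformat(now_iso)
    return {
        "unknown": unknown_cabinets(events, now),
        "alerts": [cabinet for cabinet, _ in unverified_door_openings(events)],
    }


if __name__ == "__main__":
    result = assess(SAMPLE_LOG, "2015-05-23T08:20:00")
    for cabinet, minutes in result["unknown"].items():
        print(f"{cabinet}: state unknown, no successful poll for {minutes} min")
    for cabinet in result["alerts"]:
        print(f"{cabinet}: door opened without a verified PIN entry - ALERT")
```

On the sample log, CAB-002 stopped answering polls at 08:10 and is reported as unknown once the outage exceeds one polling period, while CAB-003's door opening with no preceding PIN verification is flagged.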
KIOSK Central Administration System (CAS) - VPS, OCS, OCIM and KIOSK server
Areas of Concern
Any hardware or software failure due to potential malfunction, tampering or destruction of equipment, or loss of power supply, might lead to temporary system malfunction or breakdown.
Security Requirements
Confidentiality: The Chief Director of the IT Department originally performed the initial installation and configuration of all components included in the Central Administration System. No modifications or alterations are allowed without his prior approval. The operational status of all components included is monitored in real time by the Chief Director of the IT Department and the Administrative Assistants, rotating in standby shifts, providing 24/7/365 QoS.
Integrity: All assets are maintained by the Administrative Assistants, who are responsible for routine inspections and maintenance.
Availability: All assets should be available 24/7/365 as part of the Central Administration System.
Current protection strategies
The KIOSK system uses the SDW cloud vendor for real-time redundancy, which tolerates a temporary breakdown of components. The physical location of VPS, OCS, OCIM and the KIOSK server (Server Room) is protected with a two-factor authentication mechanism (PIN access code and fingerprint biometric system). All connections to other components of CAS, such as KiND, kUI terminals and SDW, are protected with hardware firewalls, VPN tunneling and an IDS.
Keruak Information Network Database (KiND)
Areas of Concern
A potential failure of KiND due to hardware or software tampering, destruction of equipment or loss of power supply might lead to an instant system breakdown. Accidental or deliberate entries or modifications of subscriber data will also lead to serious system malfunction, such as operational interruption. Furthermore, "sensitive" network information of the clients served through the outdoor cabinets KIOSK monitors is exposed to all users of KiND, e.g. Network Dispatchers from other technical departments who routinely supply technicians with network details. This makes KiND subject to threats such as deliberate or accidental information disclosure, illegal processing of data, unauthorized use of equipment, forging and abuse of rights.
Security Requirements
Confidentiality: Any network data that involve clients and communication services using the outdoor cabinets KIOSK monitors must be protected and secured from unauthorized access. Information exposed even to KIOSK users should be classified according to their privileges.
Integrity: Any modification or update to such network data must be made only by authorized and trained personnel.
Availability: Network information must be available 24/7/365.
Current protection strategies
KiND uses a multiple mirroring server system for redundancy, with additional UPS support for power supply outages. Analytical details of the network are available only to Dispatchers and technicians who have been granted access. Information from the TYPO3 CMS to all applications requiring data, including kUI, is obtained through VPN tunneling, so no outside actor could gain access through the network.
KIOSK User interface (kUI)
Areas of Concern
CDR and event monitoring is also performed by members of the Security Department after the recent re-organization of the company. No appropriate training or background check has been applied to these new low-end users, so accidental mishandling and false justification of incidents or events are possible, which might lead to interruption or even inappropriate modification of information records, accidentally or deliberately. Additionally, as kUI is also accessed through terminals and office computers located in areas outside the KIOSK department, there is a potential threat of disclosure through physical access, in case a kUI terminal remains active in the absence of its user.
Security Requirements
Confidentiality: Information presented to KIOSK users should be categorized according to their privileges.
Integrity: All users of KIOSK must know how to deal with any incidents.
Availability: The kUI interface must be monitored and available 24/7/365.
Current protection strategies
All kUI users use an authentication mechanism to enter the web application and are classified into different User Access Groups with different information access rights. Access to kUI is granted through VPN tunneling, which prevents access from outside networks in case of leakage of authentication information.
Sensage Data Warehouse (SDW)
As SDW is an external cloud vendor, no qualitative security assessment through the OCTAVE framework can be performed on it; it must be treated as a "black box", because there is no true knowledge of the assets contained inside. SDW is therefore considered untrusted.
After the analysis team identified the important assets and recognized the areas of concern in relation to the security requirements and current protection strategies, a further examination was made by generating threat profiles for the assets considered critical. Combining the information derived previously, the analysis team recognized specific assets as critical and related them to the areas of concern identified earlier for these assets, together with additional potential threats extracted through gap analysis, as presented below [21].
Keruak Information Network Database (KiND)
Areas of Concern / Threat Properties
1. An insider accidentally tampers with software or causes a hardware failure
Asset: KiND | Access: physical | Actor: insiders | Motive: accidental | Outcome: loss/destruction & interruption
2. An insider intentionally or accidentally tampers with software, causing failure, or alters/retrieves the data of critical information entries
Asset: KiND | Access: physical & network | Actor: insiders | Motive: accidental & deliberate | Outcome: disclosure, modification, loss/destruction & interruption
PSTN Control Cards
Areas of Concern / Threat Properties
1. Technicians or other authorized personnel accidentally break the PSTN control card
Asset: PSTN control card | Access: physical | Actor: insiders | Motive: accidental | Outcome: loss/destruction & interruption
2. Technicians or other authorized personnel set the control card permanently to report a negative/false condition (no alerts/no intrusion)
Asset: PSTN control card | Access: physical | Actor: insiders | Motive: deliberate | Outcome: disclosure & modification
3. Outsiders accidentally break down the cabinet (car accident or any other similar incident)
Asset: PSTN control card | Access: physical & network | Actor: outsiders | Motive: accidental | Outcome: loss/destruction & interruption
4. Terrorists or vandals damage the outdoor cabinet
Asset: PSTN control card | Access: physical & network | Actor: outsiders | Motive: deliberate | Outcome: loss/destruction & interruption
5. Technicians or other authorized personnel accidentally break the communication line of the PSTN control card
Asset: PSTN control card | Access: network | Actor: insiders | Motive: accidental | Outcome: loss/destruction & interruption
6. Technicians or other authorized personnel intentionally tap the communication line of the PSTN control card to control access remotely
Asset: PSTN control card | Access: network | Actor: insiders | Motive: deliberate | Outcome: disclosure & modification
The analysis team recorded all the above information in Critical Threat Profile trees for Human Actors using Network Access and for Human Actors using Physical Access, for both critical assets identified (the PSTN control card and KiND); these can be found in the Appendix (Figures 2, 3, 4 and 5). Next, the analysis team focused on the KIOSK information infrastructure, examining and determining the key components of the system's technology architecture that could lead to unauthorized actions against the critical assets identified above. It took into consideration the technological weaknesses pointed out, which human threat actors could exploit, and also proposed solutions that could minimize or mitigate such exploitation [21]. In terms of technology architecture and technology weaknesses, the analysis team recognized the following key components:
Key Components / Technology Vulnerabilities / Solution
Key component: Communication between OCCN and KIOSK
Technology vulnerability: Communication takes place over the PSTN connection used by the control card. In case of total network failure, no communication is possible between the OCCN and KIOSK, so the cabinet's condition is unknown. The outcome is interruption of service (accidental or deliberate).
Solution: Install additional GSM connectors in the control cards in order to have multiple ISPs over different communication paths, providing network redundancy between OCCN and KIOSK.
Key component: Location of KiND; access to data through KiND related to KIOSK
Technology vulnerability: The physical location of KiND, and potential network or physical access by unauthorized insiders to information related to KIOSK, result in disclosure.
Solution: Create a new information network database, separate from KiND, that hosts all the information related to and required by KIOSK to operate, installed inside the KIOSK department and maintained exclusively by KIOSK's Administrative Assistants.
Key component: Sensage Data Warehouse (SDW)
Technology vulnerability: Using an external cloud vendor for storage and real-time analysis of log data is outside the logic of the OCTAVE framework. SDW must be treated as untrusted, despite the fact that the network connection is protected through VPN tunnelling and a firewall.
Solution: Replace the SDW redundancy system with a new one installed in the KIOSK department and exclusively maintained and supported by the Administrative Assistants of KIOSK.
Key component: New-entry kUI users; physical location of new-entry kUI users' terminals
Technology vulnerability: The physical location of the new-entry kUI users' computers may lead to accidental or deliberate disclosure by insiders. Also, the fact that no training has been provided to new-entry users might lead to false justification of incidents and therefore to modification or loss.
Solution: Transfer all employees considered "kUI users" to the KIOSK department and provide them with proper training on security policies and practices and on the KIOSK operational requirements of all system procedures.
Key component: Simultaneous service outage of both OCS and the SIP server's backup outbound connectivity
Technology vulnerability: In the worst-case scenario, where both OCS and VPS's SIP server have a service outage simultaneously, outbound connectivity to OCCN is impossible and this leads to interruption.
Solution: A Business Continuity approach must be applied, installing an additional server with outbound connectivity to OCCN and to KIOSK components such as the KIOSK server and OCIM. This Business Continuity server must be located inside KIOSK and configured and maintained by the Chief Director of the IT Department.
Reviewing all the above, the analysis team of experts arrived at final Threat Trees for Human Actors using Network Access for both critical assets previously identified, which also show how the key components and technological weaknesses correspond to these threat trees [21]. The Threat Trees for Human Actors using Network Access for KiND and for the PSTN control cards, combining key components and technology weaknesses, are presented in the Appendix (Figures 6 and 7).
All suggestions and the architecture proposed and analyzed in the final stages of this security assessment are presented below (Figure 8). Note that in this final diagram all newly proposed systems appear inside CAS and have replaced the previous ones. Specifically, KiND has been replaced with the Critical Network Information Server. The SDW cloud is no longer present and has been replaced with a secondary Reporting Database Server. All kUI users and their terminals have been transferred inside the KIOSK department, and the Business Continuity server is installed and connected to all components accordingly, to handle the worst-case scenario. Furthermore, PSTN and GSM connectivity has been applied to both VPS and the Business Continuity server, ensuring network redundancy for all KIOSK components. Finally, the IDS system is no longer needed and will be retained for future needs of the department.
Fig. 8 KIOSK new system architecture diagram
Conclusion
Through the security assessment that took place, the analysis team succeeded in identifying the major technological vulnerabilities of KIOSK that would eventually have led to security issues. Under the scope of the OCTAVE framework, the analysis team addressed all weaknesses identified through the security evaluation and through the workshops held with the collaboration of the participating experts, and proposed specific solutions to act against the issues identified by implementing advanced security practices within the KIOSK department. Future repetition of the security assessment must be considered essential, and the current assessment will be used as a reference guide for any forthcoming security evaluation of the KIOSK department. Please note that this security assessment approached security risks from a qualitative perspective, for the reasons analyzed previously. Supplementary risk analysis is advised, as OCTAVE can be combined with quantitative risk analysis methods such as DREAD or CVSS Version 2.0.
References
[1] Januszkiewicz Paulina, Pyka Marek (2007). «Designing a Security Policy According to BS 7799 Using the OCTAVE Methodology» [Internet] pp.4-5 <http://ieeexplore.ieee.org.ezproxy.kingston.ac.uk/stamp/stamp.jsp?tp=&arnumber=4159867> [Accessed April 2015]
[2] R. Caralli, J. Stevens, L. Young, W. Wilson (2007). «Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process» [Internet] pp.14-16 <http://resources.sei.cmu.edu/asset_files/TechnicalReport/2007_005_001_14885.pdf> [Accessed April 2015]
[3] Voice Platform Solution 8.1 «Integration Guide» (2013) [Internet] Genesys. p.90 <http://docs.genesys.com/Special:Repository/81gvp_ig-vps.pdf?id=51370a50-6039-4c4c-9ef1-758621427e14> [Accessed May 2015]
[4] Voice Platform 8.5 «GVP Architecture» (2015) [Internet] Genesys. <http://docs.genesys.com/Documentation/GVP/85/GDG/ARCH> [Accessed May 2015]
[5] GVP Architecture «Resource Manager» (2015) [Internet] Genesys. <http://docs.genesys.com/Documentation/GVP/85/GDG/GCRM> [Accessed May 2015]
[6] Outbound Contact 8.1 «Reference Manual» (2013) [Internet] Genesys. pp.7-16, pp.87-88 <http://docs.genesys.com/Special:Repository/81ou_ref.pdf?id=f7675552-8d66-4283-81df-f22ede9e3825> [Accessed May 2015]
[7] Genesys Media Server 8.5 «Deployment Guide» (2013) [Internet] Genesys. pp.14-20 <http://docs.genesys.com/Special:Repository/85gvp_dep-gms.pdf?id=ee7c3617-3882-434a-9e28-52a1d1cab433> [Accessed May 2015]
[8] Configuring GVP «Configuring the GVP Reporting Server Database» (2015) [Internet] Genesys. <http://docs.genesys.com/Documentation/GVP/85/GDG/CGRSD#BYB> [Accessed May 2015]
[9] Oracle Database Consolidation «Manage Many Databases As One» (2015) [Internet] Oracle. <https://www.oracle.com/database/solutions/consolidation.html> [Accessed May 2015]
[10] GVP Architecture «Media Control Platform» (2015) [Internet] Genesys. <http://docs.genesys.com/Documentation/GVP/85/GDG/GCRM#RMRMF> [Accessed May 2015]
[11] GVP Architecture «Resource Manager Functions» (2015) [Internet] Genesys. <http://docs.genesys.com/Documentation/GVP/85/GDG/GCMCP#MCPF>
[12] GVP Architecture «Call Control Functions» (2015) [Internet] Genesys. <http://docs.genesys.com/Documentation/GVP/85/GDG/GCCCP#GCCCPF> [Accessed May 2015]
[13] GVP Architecture «Reporting Server Functions» (2015) [Internet] Genesys. <http://docs.genesys.com/Documentation/GVP/85/GDG/GCRS#ARCHRSF> [Accessed May 2015]
[14] Sensage «Event Data Warehouse» (2015) [Internet] CISCO. <https://marketplace.cisco.com/catalog/products/2168> [Accessed May 2015]
[15] MySQL Enterprise Edition «Oracle Enterprise Manager for MySQL» (2015) [Internet] MySQL. <https://www.mysql.com/products/enterprise/em.html> [Accessed May 2015]
[16] TYPO3 «TYPO3 CMS» (2015) [Internet] TYPO3. <http://typo3.org/typo3-cms/> [Accessed May 2015]
[17] TYPO3 Extension Repository «What are Extensions» (2015) [Internet] TYPO3. <http://typo3.org/extensions/what-are-extensions/> [Accessed May 2015]
[18] Oracle WebLogic Server «WebLogic Server Overview» (2015) [Internet] Oracle. <http://www.oracle.com/technetwork/middleware/weblogic/overview/index.html> [Accessed May 2015]
[19] Java Platform Standard Edition «Java Platform SE Overview» (2015) [Internet] Oracle. <http://www.oracle.com/technetwork/java/javase/overview/index.html> [Accessed May 2015]
[20] Hippo CMS 10 «System Requirements Hippo CMS 10» (2015) [Internet] Hippo. <http://www.onehippo.org/library/about/system-requirements.html> [Accessed May 2015]
[21] Christopher Alberts, Audrey Dorofee (2001). «Designing a Security Policy According to BS 7799 Using the OCTAVE Methodology» [Internet] p.8, pp.11-12 <http://people.tuke.sk/dezider.guspan/security/___bezpecnost%20OCTAVE%20CERT/OCTAVE%20Threat%20Profiles-OCTAVEthreatProfiles.pdf> [Accessed May 2015]
Appendix
Fig. 2 Threat Tree for Human Actors using Physical Access
Fig. 3 Threat Tree for Human Actors using Network Access
Fig. 4 Threat Tree for Human Actors using Physical Access
Fig. 5 Threat Tree for Human Actors using Network Access