• DocumentCode
    2905796
  • Title

    Modeling Security Vulnerabilities: A Constraints and Assumptions Perspective

  • Author

    Bazaz, Anil ; Arthur, James D. ; Tront, Joseph G.

  • Author_Institution
    Software Protection Platform Team, Microsoft Inc., Redmond, WA
  • fYear
    2006
  • fDate
    Sept. 29 2006-Oct. 1 2006
  • Firstpage
    95
  • Lastpage
    102
  • Abstract
    Preventing exploits from compromising software applications requires a fundamental understanding of how they are being exploited, and then leveraging that understanding in the formulation of tests that reveal software application vulnerabilities. To advance that understanding, this paper first presents a process/object model of computation that establishes a relationship between software vulnerabilities, an executing process, and computer system resources such as memory, input/output, and cryptographic resources. That relationship promotes the concept that a software application is vulnerable to exploits when it violates (a) constraints imposed by computer system resources or (b) assumptions made about the usage of those resources. Secondly, the process/object model also serves as a foundation for the definition of a taxonomy of vulnerabilities. That is, the computer system resources (or objects) identified in the process/object model form the categories and refined subcategories of the taxonomy. Vulnerabilities, which are expressed in the form of constraints and assumptions, are classified within the taxonomy according to these categories and subcategories. This taxonomy of vulnerabilities is novel and distinctively different from other taxonomies found in literature, and is also outlined in this paper.
  • Keywords
    security of data; software reliability; computer system resources; process-object model of computation; security vulnerability modeling; software vulnerabilities; vulnerabilities taxonomy; Application software; Computational modeling; Computer applications; Computer science; Computer security; Cryptography; Internet; Software protection; Software testing; Taxonomy;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Dependable, Autonomic and Secure Computing, 2nd IEEE International Symposium on
  • Conference_Location
    Indianapolis, IN
  • Print_ISBN
    0-7695-2539-3
  • Type

    conf

  • DOI
    10.1109/DASC.2006.35
  • Filename
    4030871