Evaluating security measures of a layered system

Most distributed systems that we use in our daily lives have layered architecture since such architectures allow separation of processing between multiple processes in different layers thereby reducing the complexity of the system. Unauthorized control over such systems can have potentially serious consequences ranging from huge monetary loss to even loss of human life. Hence considerable research attention is being given towards building tools and techniques for quantitative modeling and evaluation of security properties. This thesis proposes a high-level stochastic model to estimate security of a layered system. It discusses evaluation of availability and integrity as two major security properties of a three-layered architecture consisting of Client, Web-server and Database. Using Mobius software, this study models the change in vulnerability of a layer owing to an intrusion in another layer. Furthermore, it analyzes the impact on the security of the upper layers due to an intruded lower layer. While maintaining a system availability of 97.73%, this study indicates that increasing the system host attack rate in the Database layer from 10 to 20 will reduce system availability to 97.55%. Similar modification made to a Web-server layer will contribute to 97.04% availability. This set of results imply that increasing attack rate in Web Server layer has a more severe impact on system availability, while the same modification in Database layer will less severely influence system availability. Similar results have been gathered when measuring integrity of the system under identical set of modification. At system integrity of 96.88%, increasing host attack rate in Database layer has resulted in achieving integrity of 96.68%, similar experiment for Web server layer resulted in system integrity of 96.57%.