Security
These security documents are under development and have not been reviewed.
Threat models are required for each injectable application, and can be broken into categories of increasing security and system complexity. Injectable applications generally have separate threat models between the reading and posting process.
Attacks will be judged according to the DREAD model:
- Damage: How big would the damage be if the attack succeeded?
- Reproducibility: How easy is it to reproduce an attack?
- Exploitability: How much time, effort, and expertise is needed to exploit the threat?
- Affected Users: If a threat were exploited, what percentage of users would be affected?
- Discoverability: How easy is it for an attacker to discover this threat?
Each category has a minimum score of 0 and a maximum score of 10. The final DREAD score is the average of the five category scores: (D + R + E + A + D) / 5.
These threat models are stripped down to the core concern of separating content presentation from content storage. The primary use case is to use third-party web applications while controlling the private content delivered through the application.
- [Posting Threat Model](Plain Posts Posting Threat Model) - Currently under development
- [Reading Threat Model](Plain Posts Reading Threat Model) - Currently under development
Adding JavaScript cryptography on top of the core system adds guarantees to the [Plain Post Threat Model](Plain Posts Posting Threat Model). This class of injectable application does not reuse keys between different content URLs, which mitigates the concerns of JavaScript cryptography.
- Posting Threat Model - Development pending completion of the Plain Posts Posting Threat Model
- Reading Threat Model - Development pending completion of the Plain Posts Reading Threat Model
PGP:
- Posting Threat Model - Development pending completion of the Plain Posts Posting Threat Model
- Reading Threat Model - Development pending completion of the Plain Posts Reading Threat Model
The compiled encryption library adds the ability to process content with reusable keys by placing a secure computing environment outside JavaScript. The compiled encryption library will be packaged into the extensions when we have a finished injectable application making use of its cryptographic primitives.
[Group Encryption](Group Encryption):
- Posting Threat Model - Development pending completion of the ZeroBin Posting Threat Model
- Reading Threat Model - Development pending completion of the ZeroBin Reading Threat Model
These documents are under active development and discussion.
Credit: This Google Summer of Code content is licensed under the CC Attribution-Noncommercial-Share Alike 3.0 Unported license furnished by the Sahana Software Foundation.