Sussen Use Cases

Posted by lorenb on Apr 9, 2004 in projects

Read some stuff from Robert Love about user-centric design and use cases in OSS development. In a nutshell, instead of having a functional specification, lists of needed components, a description of features at a low level, and so on, all you have is a set of very high-level use cases, in plain English, describing an action a potential user might perform and then the system’s reaction.

It looks like an interesting idea and I’ve come up with some use cases for Sussen that try to capture what we are working towards. They are presented here.

Note this is just a first draft, comments/suggestions are welcome.

Abstract: The goal of the Sussen project is to create a security scanner which remotely tests computers and network devices for security vulnerabilities and provides reports based on the results.

Use Cases: For the purposes of these use cases, the various components that comprise the Sussen project (sussen, sussen-sensor, sussen-plugins) will be considered black boxes.

These use cases were developed with the needs of a particular target audience in mind. Target audience members are assumed to have a medium level of computer literacy, and to be familiar with a variety of applications and devices.

Are we vulnerable to [exploit]?

Dave is notified of a new virus/worm that is spreading over the Internet. He wants to know if any of the machines on his network are vulnerable. He loads sussen, provides his network range, the ID [CVE | Bugtraq | sussen-plugin] of the vulnerability, and selects a sussen-sensor to perform the work.

Dave then tells the software he wants a report in [HTML | PDF | Other] format and to send it via email to himself and Bob, the system administrator. Sussen allows him to manually enter the address(es) or select from contacts contained in his Evolution address book.

Dave starts the scan and when the testing is complete, the report is automatically emailed to both himself and Bob.

Large Network Scanning

Rusty wants to test the security of a large network. He has previously deployed a number of sussen-sensors at various points on the network. Rusty starts up the sussen software and provides the network range, the policy for the scan, and selects all his sussen-sensors to do the work. The software will distribute the work between the sensors and store the results of the tests in a database specified by Rusty.

Continuous Scanning

Jane wants to do regular [daily | weekly | monthly] scans of her network. She wants to know if anything changed since the last time she did a scan. She tells the software the network addresses and the policy to use for scanning.

The software performs the scan as normal but also saves the results on the sensor. The next time the scan is performed the sensor will refer to the historical data when performing the testing.

Custom Reports

Charles is a security consultant who does numerous vulnerability assessments on a regular basis. He wants to reduce the amount of presentation work he has to do with reports before he submits them to his clients.

Charles starts the report editor in the software and creates a custom report template containing his company logo and contact information, look & feel layout, and what information to include.

Security Tests

Steven hears about a new security exploit from a security mailing list. He wants to create a test for this exploit to know if he is vulnerable. He loads the sussen plugin editor and uses it to write, test and debug his security test. The editor provides templates and a help API which he can use to rapidly develop his tests.

Steven uses the software to upload the new security test to his sussen-sensor(s) and then performs a scan against his network with it.

Scan Policies

Alice wants to be able to define scan policies for different types of machines and devices that she has. The software presents the option to create new policies based on existing ones.

Alice uses one of her existing policies and modifies the particular security tests and scan parameters. When she is finished she saves that as a new policy. She creates policies for all the different classes of machines/devices (web servers, firewalls, routers, etc.).

Historical Reports

Dale needs the results of a scan he did six months ago. He loads the software and looks at the list of previous sessions. He sorts the list, finds the session he is looking for, and selects it.

The software presents options for what kind of report Dale wants generated. Dale can choose from a list of predefined reports or create his own custom one.
