/// <summary>
/// Increments the passed SALLevelNIST object and takes care of the max values
/// </summary>
/// <param name="salLevelToincrement"></param>
/// <returns></returns>
private SALLevelNIST IncrementNISTSALLevel(SALLevelNIST salLevelToincrement)
{
SALLevelNIST salLevel = new SALLevelNIST(salLevelToincrement.SALValue, salLevelToincrement.SALName);
if (salLevel.SALValue < MAX_NIST_SAL_VALUE)
{
salLevel.SALValue++;
switch (salLevel.SALValue)
{
case (0):
case (1):
salLevel.SALName = Constants.SAL_LOW;
break;
case (2):
salLevel.SALName = Constants.SAL_MODERATE;
break;
case (3):
salLevel.SALName = Constants.SAL_HIGH;
break;
}
}
else
{
salLevel.SALValue = MAX_NIST_SAL_VALUE;
salLevel.SALName = MAX_NIST_SAL_NAME;
}
return(salLevel);
}
public void loadFromDb(int assessmentId, CSET_Context db)
{
NistProcessingLogic nistProcessing = new NistProcessingLogic();
List <CNSS_CIA_JUSTIFICATIONS> ciavalues = db.CNSS_CIA_JUSTIFICATIONS.Where(x => x.Assessment_Id == assessmentId).ToList <CNSS_CIA_JUSTIFICATIONS>();
foreach (CNSS_CIA_JUSTIFICATIONS cia in ciavalues)
{
switch (cia.CIA_Type.ToLower())
{
case "availability":
this.Availability_Special_Factor = cia.Justification;
this.Availability_Value = nistProcessing.GetWeightPair(cia.DropDownValueLevel.ToLower());
break;
case "confidentiality":
this.Confidentiality_Special_Factor = cia.Justification;
this.Confidentiality_Value = nistProcessing.GetWeightPair(cia.DropDownValueLevel.ToLower());
break;
case "integrity":
this.Integrity_Special_Factor = cia.Justification;
this.Integrity_Value = nistProcessing.GetWeightPair(cia.DropDownValueLevel.ToLower());
break;
}
}
}
/// <summary>
/// Returns the highest level of the passed parameters
/// </summary>
/// <param name="highestConfidentialityLevel"></param>
/// <param name="highestAvailabilityLevel"></param>
/// <param name="highestIntegrityLevel"></param>
/// <returns></returns>
public SALLevelNIST GetHighestLevel(SALLevelNIST currentHighestLevel, SALLevelNIST currentConfidentialityLevel, SALLevelNIST currentAvailabilityLevel, SALLevelNIST currentIntegrityLevel)
{
if (currentConfidentialityLevel.SALValue > currentHighestLevel.SALValue)
{
currentHighestLevel = currentConfidentialityLevel;
}
if (currentAvailabilityLevel.SALValue > currentHighestLevel.SALValue)
{
currentHighestLevel = currentAvailabilityLevel;
}
if (currentIntegrityLevel.SALValue > currentHighestLevel.SALValue)
{
currentHighestLevel = currentIntegrityLevel;
}
return(currentHighestLevel);
}
private List <NistSpecialFactor> GetSpecialFactors(int assessmentId, CSET_Context db)
{
var topList = db.NIST_SAL_INFO_TYPES.Where(x => x.Assessment_Id == assessmentId && x.Selected == true).ToList();
List <NistSpecialFactor> rvalue = new List <NistSpecialFactor>();
foreach (NIST_SAL_INFO_TYPES t in topList)
{
NistSpecialFactor sp = new NistSpecialFactor()
{
Availability_Special_Factor = t.Availability_Special_Factor,
Confidentiality_Special_Factor = t.Confidentiality_Special_Factor,
Integrity_Special_Factor = t.Integrity_Special_Factor,
Type_Value = t.Type_Value,
Availability_Value = SALLevelNIST.GetWeightPair(t.Availability_Value),
Integrity_Value = SALLevelNIST.GetWeightPair(t.Integrity_Value),
Confidentiality_Value = SALLevelNIST.GetWeightPair(t.Confidentiality_Value),
};
rvalue.Add(sp);
}
return(rvalue);
}
private void UpdateHighestLevels(IEnumerable <NistSpecialFactor> infoTypeList, IEnumerable <NISTQuestionPoco> nistQuestions)
{
HighestOverallNISTSALLevel = SALLevelNIST.SAL_LOW;
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
// INFO TYPES
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
// Iterate over the Info Type list and set the highest SAL value for each type
foreach (NistSpecialFactor infoType in infoTypeList)
{
if (infoType.Confidentiality_Value.SALValue > highestInfoTypeConfidentialityValue.SALValue)
{
highestInfoTypeConfidentialityValue = infoType.Confidentiality_Value;
}
if (infoType.Availability_Value.SALValue > highestInfoTypeAvailabilityValue.SALValue)
{
highestInfoTypeAvailabilityValue = infoType.Availability_Value;
}
if (infoType.Integrity_Value.SALValue > highestInfoTypeIntegrityValue.SALValue)
{
highestInfoTypeIntegrityValue = infoType.Integrity_Value;
}
}
this.GetHighestLevel(this.HighestOverallNISTSALLevel, highestInfoTypeConfidentialityValue,
highestInfoTypeAvailabilityValue, highestInfoTypeIntegrityValue);
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
// QUESTIONS
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
// Initialize the question values to that of the Info type values
highestQuestionConfidentialityValue = highestInfoTypeConfidentialityValue;
highestQuestionAvailabilityValue = highestInfoTypeAvailabilityValue;
highestQuestionIntegrityValue = highestInfoTypeIntegrityValue;
// Increments the SAL values as appropriate for each question
if (nistQuestions != null)
{
foreach (NISTQuestionPoco question in nistQuestions)
{
if (question.IsAnswerYes == true)
{
int questionNumber = question.QuestionNumber;
if ((questionNumber == 1) || (questionNumber == 3) || (questionNumber == 6) || (questionNumber == 7) || (questionNumber == 8))
{
highestQuestionConfidentialityValue = this.IncrementNISTSALLevel(highestQuestionConfidentialityValue);
}
if ((questionNumber == 1) || (questionNumber == 2) || (questionNumber == 3) || (questionNumber == 6) || (questionNumber == 5))
{
highestQuestionAvailabilityValue = this.IncrementNISTSALLevel(highestQuestionAvailabilityValue);
}
if ((questionNumber == 1) || (questionNumber == 2) || (questionNumber == 3) || (questionNumber == 4) || (questionNumber == 6))
{
highestQuestionIntegrityValue = this.IncrementNISTSALLevel(highestQuestionIntegrityValue);
}
}
}
}
// Get the highest overall Question value
this.HighestOverallNISTSALLevel = this.GetHighestLevel(this.HighestOverallNISTSALLevel, highestQuestionConfidentialityValue, highestQuestionAvailabilityValue, highestQuestionIntegrityValue);
}