Thread Modeling

Posted on Actualizado enn

Todo proyecto de seguridad informática debe iniciar con un modelado de amenzas.

1.-Decompose the application

  1. Uses Cases (how the app is used, identify entry points), assets (valores, recursos), trust levels
  2. DFD data flow diagrams, with previous information can generate this diagrams, to find targets
    1. Data sources, process, data flows, and interaction with users, these threat can be identified further as the roots for threats  trees

A list of: External dependencìes; entry points; assets; roles (set of priviledges, trust levels)

2.-Determine and rank threats

  1. A thread  categorization like STRIDE can be used or ASF application security frame.
    1. Defensive ASF
      1. Auditing and logging
      2. Authentication
      3. Authorization
      4. Configuration Managment
      5. Data protection in storage and transite
      6. Data validation
      7. Exception management
    2. Attacker
      1. Spoofing of user identity (illegal access) – Security control => Authetication
      2. Tampering (Maliciously add/modify persistent data) – Security control => Integrity
      3. Repudiation (are associated with users who deny performing an action without other parties having any way to prove ) – Security control => No repudiation
      4. Information disclosure (privacy breach or data leak, read data that was not granted) – Security control => Confidentiality
      5. Denial of service (D.o.S) (Make service unavailable) – Security control => Availability
      6. Elevation of privilege (Gain privileged access) – Security control => Authorization
    3. Determination of the security risk for each threat, use DREAD or a less subjective qualitative risk model
      1. Do nothing, inform about the risk, mitigate the risk, accept the risk, transfer the risk, terminate the risk

3.-Countermeasures and mitigation

  1. Mapping list of risk, mitigation strategy, level of mitigation, effort, business impact, owner


Introduce tus datos o haz clic en un icono para iniciar sesión:

Logo de

Estás comentando usando tu cuenta de Cerrar sesión /  Cambiar )

Google+ photo

Estás comentando usando tu cuenta de Google+. Cerrar sesión /  Cambiar )

Imagen de Twitter

Estás comentando usando tu cuenta de Twitter. Cerrar sesión /  Cambiar )

Foto de Facebook

Estás comentando usando tu cuenta de Facebook. Cerrar sesión /  Cambiar )


Conectando a %s