A general high-level overview of the common steps in threat modeling from the defensive perspective:
    * Define the application requirements:
          o Identify business objectives
          o Identify user roles that will interact with the application
          o Identify the data the application will manipulate
          o Identify the use cases for operating on that data that the application will facilitate
    * Model the application architecture
          o Model the components of the application
          o Model the service roles that the components will act under
          o Model any external dependencies
          o Model the calls from roles, to components and eventually to the data store for each use case as identified above
    * Identify any threats to the confidentiality, availability and integrity of the data and the application based on the data access control matrix that your application should be enforcing
    * Assign risk values and determine the risk responses
    * Determine the countermeasures to implement based on your chosen risk responses
    * Continually update the threat model based on the emerging security landscape.
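
The steps above, carried through on a small model, as an added example that is not part of the original post: use cases yield the data access control matrix, and each modeled call and service-role grant is checked against it. All role, component and data names are constructed, and the mapping from operation to confidentiality, integrity or availability is an assumption made for illustration.

```python
from collections import defaultdict

# Constructed sample model; every role, component and data name is hypothetical.
# Requirements step: use case -> (user role, data, operation)
USE_CASES = {
    "view_order":   ("customer", "orders", "read"),
    "place_order":  ("customer", "orders", "create"),
    "refund_order": ("support",  "orders", "update"),
}
# Architecture step: modeled calls (user role, component, service role, data, operation)
CALLS = [
    ("customer", "web_app",   "svc_web",   "orders",   "read"),
    ("customer", "web_app",   "svc_web",   "orders",   "create"),
    ("support",  "admin_app", "svc_admin", "orders",   "update"),
    ("support",  "admin_app", "svc_admin", "payments", "read"),
    ("customer", "web_app",   "svc_web",   "orders",   "delete"),
]
# Privileges granted to each service role on the data store
GRANTS = {
    "svc_web":   {("orders", "read"), ("orders", "create"), ("orders", "delete")},
    "svc_admin": {("orders", "update"), ("payments", "read"), ("payments", "update")},
}
# Assumed mapping: which property an unjustified operation threatens
IMPACT = {"read": "confidentiality", "create": "integrity",
          "update": "integrity", "delete": "availability"}

def access_matrix(use_cases):
    """Build role -> {(data, operation)} from the identified use cases."""
    matrix = defaultdict(set)
    for role, data, op in use_cases.values():
        matrix[role].add((data, op))
    return matrix

def find_threats(use_cases, calls, grants):
    """Return sorted findings for calls and grants the matrix does not justify."""
    matrix = access_matrix(use_cases)
    findings = set()
    needed = defaultdict(set)  # service role -> privileges justified by use cases
    for role, component, svc, data, op in calls:
        if (data, op) in matrix[role]:
            needed[svc].add((data, op))
        else:
            findings.add((IMPACT[op], f"{role} via {component}: {op} {data} has no use case"))
    for svc, privs in grants.items():
        for data, op in privs - needed[svc]:
            findings.add((IMPACT[op], f"{svc}: excess grant {op} {data}"))
    return sorted(findings)

if __name__ == "__main__":
    for impact, detail in find_threats(USE_CASES, CALLS, GRANTS):
        print(f"[{impact}] {detail}")
```

Each finding is an input to the risk assignment step: either a missing use case to add to the requirements, or a call path or grant to remove.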
 