Threat Modeling - Perhaps It's Time

Steven, John

doi:10.1109/msp.2010.110

Cited by 14 publications

(8 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Developers begin by creating simple diagrams and tables to provide an overview of the system being threat modeled. These diagrams can clarify different interdependencies and features of systems, which are particularly important for smart, internet-connected devices (Steven, 2010). For tech designers and vendors, these visual representations form a useful way to abstract all system properties and diagnose what an application does (Coles & Tarandach, 2020).…”

Section: System: What Are You Building?mentioning

confidence: 99%

Threat Modeling Intimate Partner Violence: Tech Abuse as a Cybersecurity Challenge in the Internet of Things

Slupska¹,

Tanczer²

2021

The Emerald International Handbook of Technology-Facilitated Violence and Abuse

View full text Add to dashboard Cite

Technology-Facilitated abuse, so-called "tech abuse," through phones, trackers, and other emerging innovations, has a substantial impact on the nature of intimate partner violence (IPV). The current chapter examines the risks and harms posed to IPV victims/survivors from the burgeoning Internet of Things (IoT) environment. IoT systems are understood as "smart" devices such as conventional household appliances that are connected to the internet. Interdependencies between different products together with the devices' enhanced functionalities offer opportunities for coercion and control. Across the chapter, we use the example of IoT to showcase how and why tech abuse is a socio-technological issue and requires not only human-centered (i.e., societal) but also cybersecurity (i.e., technical) responses. We apply the method of "threat modeling," which is a process used to investigate potential cybersecurity attacks, to shift the conventional technical focus from the risks to systems toward risks to people. Through the analysis of a smart lock, we highlight insufficiently designed IoT privacy and security features and uncover how seemingly neutral design decisions can constrain, shape, and facilitate coercive and controlling behaviors.

show abstract

Section: System: What Are You Building?mentioning

confidence: 99%

Threat Modeling Intimate Partner Violence: Tech Abuse as a Cybersecurity Challenge in the Internet of Things

Slupska¹,

Tanczer²

2021

The Emerald International Handbook of Technology-Facilitated Violence and Abuse

View full text Add to dashboard Cite

show abstract

“…Threat modeling process is also a collaborative process where participants include: business stakeholders; productteam members from all product development phases, such as enterprise, software and application architects, development leads, IT infrastructure specialists, engineers; security experts such as security analysts, security architects, threat modeling experts [31], [33].…”

Section: A Threat Modeling Definitionmentioning

confidence: 99%

“…Threat modeling is important because it helps in 1) identifying business-logic flaws and other critical vulnerabilities that expose core business assets, 2) enriching assessments with new potential attack vectors, 3) prioritizing the types of attacks to address 4) mitigating the risks more effectively and 5) fixing issues early in the development process [31], [34].…”

Section: A Threat Modeling Definitionmentioning

confidence: 99%

“…Several threat modeling processes including various activities are proposed in literature [4], [15] and widely used in industry (Microsoft [25], [27], [33], CIGITAL [31] and EMC [6]), as shown in Table I. We summarize the threat modeling process into four main phases:…”

Section: B Threat Modeling Processmentioning

confidence: 99%

“…However, the need of security knowledge can "leave most 'off-the-street' developers estranged" [36], with the result that threat modeling is performed sub-optimally or with significant effort involved, or not performed at all. Even after security training, the threat modeling process is still difficult to execute [31].…”

Section: B Threat Modeling Processmentioning

confidence: 99%

See 2 more Smart Citations

Asset-Oriented Threat Modeling

Messe

Chiprianov

Belloir

et al. 2020

2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)

View full text Add to dashboard Cite

Threat modeling is recognized as one of the most important activities in software security. It helps to address security issues in software development. Several threat modeling processes are widely used in the industry such as the one of Microsoft SDL. In threat modeling, it is essential to first identify assets before enumerating threats, in order to diagnose the threat targets and spot the protection mechanisms. Asset identification and threat enumeration are collaborative activities involving many actors such as security experts and software architects. These activities are traditionally carried out in brainstorming sessions. Due to the lack of guidance, the lack of a sufficiently formalized process, the high dependence on actors' knowledge, and the variety of actors' background, these actors often have difficulties collaborating with each other. Brainstorming sessions are thus often conducted sub-optimally and require significant effort. To address this problem, we aim at structuring the asset identification phase by proposing a systematic asset identification process, which is based on a reference model. This process structures and identifies relevant assets, facilitating the threat enumeration during brainstorming. We illustrate the proposed process with a case study and show the usefulness of our process in supporting threat enumeration and improving existing threat modeling processes such as the Microsoft SDL one.Index Terms-threat modeling (process), asset-based reference model, asset identification, attack pattern

show abstract