Threat Modeling

Here I am going to discuss only the pertinent information. You should also think about how other architectural concerns, such as distributed architecture, performance and scalability, impact your design with respect to security. For example, scalability: physical or virtual (vertical/horizontal or scale-in/scale-out). This document does not provide all the details, just the highlights and some information with respect to implementing an application.

Case Study: You are searching for products online and placing orders.
1. Before you place an order for a product (or products), you have to create an account (i.e., your mailing address for delivering the products/goods).
2. You place the order using a credit card.

Based on this case study, now think about what has to happen for you to place the order.
1. You access the Intranet as well as the Internet.
2. Authenticate on the Web (create credentials: UID/Passwd).
3. This information is saved in the backend database.
4. Maintain the session and transactional processing.
5. Search and place the order (if you decide to purchase).
6. Provide credit card information, and a third party (Clearing House) validates this information. Think about the Payment Card Industry Data Security Standard (PCI DSS) and why it is important when you design the architecture.
7. The product order you placed is saved in the database.

Steps:
1. Define your security objectives. Example: is it providing a secure service?
2. Profile the application.
   a. Identify the physical and logical topology
   b. Determine the components
   c. Services, protocols, ports, etc.
3. Decompose the application
   a. Identify the trust boundaries
   b. Identify the entry points: ports 80/443/22, etc.
4. Identify exit points
   a. Example: Display the product catalog
   b. Other products on the Web page, etc.
5. Identify the DFD (data flow diagram)
6. Document all the security profile information
7. Identify threats and vulnerabilities (use the STRIDE Threat List) and document them
8. Finally, prioritize the threats
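
Steps 3 to 8 applied to the case study, as an added example that is not part of the original document: a small DFD model is walked element by element against STRIDE and the results are ranked. The zone names, the session store, the per-element STRIDE chart, and the scoring weights are all assumptions made for illustration.

```python
from collections import namedtuple

STRIDE = {"S": "Spoofing", "T": "Tampering", "R": "Repudiation",
          "I": "Information disclosure", "D": "Denial of service",
          "E": "Elevation of privilege"}
# Categories checked per DFD element type (assumed STRIDE-per-element chart).
APPLIES = {"external": "SR", "process": "STRIDE", "datastore": "TID", "flow": "TID"}
# Assumed sensitivity weights for the data an element handles.
WEIGHT = {"card": 3, "credentials": 2, "session": 2, "order": 1, "catalog": 0}

Node = namedtuple("Node", "name kind zone data")
Flow = namedtuple("Flow", "name src dst data")

# Constructed model of the case study; zone names are illustrative.
NODES = {n.name: n for n in [
    Node("customer", "external", "internet", "credentials"),
    Node("clearing_house", "external", "third_party", "card"),
    Node("web_app", "process", "dmz", "card"),
    Node("session_store", "datastore", "dmz", "session"),
    Node("database", "datastore", "internal", "credentials"),
]}
FLOWS = [
    Flow("login", "customer", "web_app", "credentials"),        # entry point, 443
    Flow("catalog_display", "web_app", "customer", "catalog"),  # exit point
    Flow("card_submit", "customer", "web_app", "card"),
    Flow("card_validate", "web_app", "clearing_house", "card"),
    Flow("session_state", "web_app", "session_store", "session"),
    Flow("save_order", "web_app", "database", "order"),
]

def crosses_boundary(flow):
    """A flow crosses a trust boundary when its endpoints are in different zones."""
    return NODES[flow.src].zone != NODES[flow.dst].zone

def enumerate_threats():
    """Return (score, element, threat) rows, highest priority first."""
    rows = []
    for n in NODES.values():
        rows += [(1 + WEIGHT[n.data], n.name, STRIDE[c]) for c in APPLIES[n.kind]]
    for f in FLOWS:
        score = 1 + WEIGHT[f.data] + (2 if crosses_boundary(f) else 0)
        rows += [(score, f.name, STRIDE[c]) for c in APPLIES["flow"]]
    return sorted(rows, key=lambda r: (-r[0], r[1], r[2]))

if __name__ == "__main__":
    for score, element, threat in enumerate_threats():
        print(f"{score}  {element:16} {threat}")
```

The card data flows to the web application and on to the Clearing House rank highest, which is where the PCI DSS question raised in the case study applies.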