Checking threat modeling data flow diagrams for implementation conformance and security

Authors:
Marwan Abi-Antoun;Daniel Wang;Peter Torr
Affiliations:
Carnegie Mellon University, Pittsburgh, PA;Microsoft, Redmond, WA;Microsoft, Redmond, WA
Venue:
Proceedings of the twenty-second IEEE/ACM international conference on Automated software engineering
Year:
2007

Citing 6
Cited 1

Writing Secure Code

Writing Secure Code
Documenting Software Architectures: Views and Beyond

Documenting Software Architectures: Views and Beyond
Software Reflexion Models: Bridging the Gap between Design and Implementation

IEEE Transactions on Software Engineering
Threat Modeling

Threat Modeling
Demystifying the Threat-Modeling Process

IEEE Security and Privacy
The Security Development Lifecycle

The Security Development Lifecycle

Analyzing security architectures

Proceedings of the IEEE/ACM international conference on Automated software engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

Threat modeling is a lightweight approach to reason about application security and uses Data Flow Diagrams (DFDs) with security annotations. We extended Reflexion Models to check the conformance of an as-designed DFD with an approximation of the as-built DFD obtained from the implementation. We also designed a set of properties and an analysis to help novice designers think about security threats such as spoofing, tampering and information disclosure.