Threat Modeling: STRIDE & Data Flow diagrams

I’ve learned some very easy and useful techniques for performing threat modeling in order to evaluate and improve a system’s security. This stuff is a mandatory, documented step in developing for the DoD.

I used to be intimidated by trying to analyze the security of a system. No more.

Now that I have a clue about it, and see how relatively approachable the whole subject is, I consider this a vital step of any design process. Right up there with guessing the resources you’ll need, choosing a platform, programming language, etc. Really – this is super easy. It’s kinda like basic class diagrams, only for security.

Of course, security goes much deeper than these simple tools, just like object oriented design goes deeper than class diagrams. But in each case, the simple tool gets you a heck of a long way.

Just trust me – this is good reading. RREEAAADDD, my geek friends. At least enough to get a solid feel for this. Maybe this is old hat for some of you.

STRIDE / Data Flow Diagram based analysis:
http://msdn.microsoft.com/en-us/magazine/cc163519.aspx

Threat Trees:
http://etutorials.org/Linux+systems/secure+linux-based+servers/Chapter+1.+Threat+Modeling+and+Risk+Management/Section+1.3.+An+Alternative+Attack+Trees/

Richard

This article was posted to The List by Richard and has been reproduced here for general consumption.