TY  - THES
U1  - Bachelor Thesis
A1  - Reski, Tobias
T1  - Conception and Development of a Threat Modeling Tool
N2  - The development of secure software systems is of ever-increasing importance. While software companies often invest large amounts of resources into the upkeeping and general security properties of large-scale applications when in production, they appear to neglect utilizing threat modeling in the earlier stages of the software development lifecycle. When applied during the design phase of development, and continuously during development iterations, threat modeling can help in following a “Security by Design” approach. This approach allows issues relating to IT security to be found early during development, reducing the need for later improvement – and thus saving resources in the long term. In this thesis the current state of threat modeling is investigated. Based on this analysis, requirements for a new tool are derived. These requirements are then used to develop a new tool, called OVVL, which utilizes all main components of current threat modeling methodologies, as well as functionality not available in existing solutions. After documenting the development process and OVVL in general, this newly developed tool is used to conduct two case studies in the field of e-commerce and IoT.
KW  - Threat Modeling
KW  - Software Architecture
KW  - STRIDE
KW  - Web Development
KW  - Bedrohungsanalyse
KW  - Web-Entwicklung
KW  - Verteiltes System
Y2  - 2019
U6  - https://nbn-resolving.org/urn:nbn:de:bsz:ofb1-opus4-33399
UN  - https://nbn-resolving.org/urn:nbn:de:bsz:ofb1-opus4-33399
SP  - IV, 76
S1  - IV, 76
CY  - Offenburg
ER  -