Volltext-Downloads (blau) und Frontdoor-Views (grau)

A Case Study Based Review on Threat Modeling Techniques and their Efficacy in Modern Software Engineering

  • Threat Modeling is a vital approach to implementing ”Security by Design” because it enables the discovery of vulnerabilities and mitigation of threats during the early stage of the Software Development Life Cycle as opposed to later on when they will be more expensive to fix. This thesis makes a review of the current threat Modeling approaches, methods, and tools. It then creates a meta-modelThreat Modeling is a vital approach to implementing ”Security by Design” because it enables the discovery of vulnerabilities and mitigation of threats during the early stage of the Software Development Life Cycle as opposed to later on when they will be more expensive to fix. This thesis makes a review of the current threat Modeling approaches, methods, and tools. It then creates a meta-model adaptation of a fictitious cloud-based shop application which is tested using STRIDE and PASTA to check for vulnerabilities, weaknesses, and impact risk. The Analysis is done using Microsoft Threat Modeling Tool and IriusRisk. Finally, an evaluation of the results is made to ascertain the effectiveness of the processes involved with highlights of the challenges in threat modeling and recommendations on how security developers can make improvements.show moreshow less

Download full text files

  • MScThesis_MartinsOkoi.pdf
    eng

Export metadata

Statistics

frontdoor_oas
Metadaten
Author:Martins Divine Okoi
Place of publication:Offenburg
Year of Publication:2021
Page Number:xii, 136
Language:English
DDC classes:000 Allgemeines, Informatik, Informationswissenschaft / 000 Allgemeines, Wissenschaft / 004 Informatik
Advisor:Andreas Schaad, Dirk Drechsler
Publishing Institution:Hochschule Offenburg
Granting Institution:Hochschule Offenburg
Date of final exam:2021/12/20
Document Type:Master's Thesis
Institutes:Abschlussarbeiten / Master-Studiengänge / ENITS
Open Access:Nein
Release Date:2022/03/22
Licence (German):License LogoCreative Commons - CC BY-SA - Namensnennung - Weitergabe unter gleichen Bedingungen 4.0 International