The search result changed since you submitted your search request. Documents might be displayed in a different sort order.
  • search hit 33 of 776
Back to Result List

Conception and Development of a Threat Modeling Tool

  • The development of secure software systems is of ever-increasing importance. While software companies often invest large amounts of resources into the upkeeping and general security properties of large-scale applications when in production, they appear to neglect utilizing threat modeling in the earlier stages of the software development lifecycle. When applied during the design phase ofThe development of secure software systems is of ever-increasing importance. While software companies often invest large amounts of resources into the upkeeping and general security properties of large-scale applications when in production, they appear to neglect utilizing threat modeling in the earlier stages of the software development lifecycle. When applied during the design phase of development, and continuously during development iterations, threat modeling can help in following a “Security by Design” approach. This approach allows issues relating to IT security to be found early during development, reducing the need for later improvement – and thus saving resources in the long term. In this thesis the current state of threat modeling is investigated. Based on this analysis, requirements for a new tool are derived. These requirements are then used to develop a new tool, called OVVL, which utilizes all main components of current threat modeling methodologies, as well as functionality not available in existing solutions. After documenting the development process and OVVL in general, this newly developed tool is used to conduct two case studies in the field of e-commerce and IoT.show moreshow less

Download full text files

Export metadata

Metadaten
Author:Tobias Reski
Place of publication:Offenburg
Year of Publication:2019
Pagenumber:81
Language:English
GND Keyword:Bedrohungsanalyse; Verteiltes System; Web-Entwicklung
Tag:STRIDE; Software Architecture; Threat Modeling; Web Development
DDC classes:000 Allgemeines, Informatik, Informationswissenschaft
Advisor:Andreas Schaad, Oliver Vauderwange
Publishing Institution:Hochschule Offenburg
Granting Institution:Hochschule Offenburg
Date of final exam:2019/02/18
Document Type:Bachelor Thesis
Acces Right:Frei zugänglich
Release Date:2019/03/23
Licence (German):License LogoCreative Commons - CC BY-SA - Namensnennung - Weitergabe unter gleichen Bedingungen 4.0 International
URN:urn:nbn:de:bsz:ofb1-opus4-33399