Overview of Threat Modeling

Threat modeling is the process to visualize the strength and weekness of complete architecture. It should cover the data flow for all the entry and exit points of the system . The component , external system should be linked for each entry and exit points. Generally the Data flow diagram (DFD) is used to draw the Data flow.
The attacker will learn the system behavior from the entry point, exit points in the system. Hence we need to apply the proper security control in the entry points, exit points.
We need to consider All the data from the browser(entry point) as untrusted . hence Security control need to be in place in server side so that we can trust the data .

Threat Modeling
The motive is to find the total vulnerability of total threats.
Risk modeling defines how much total vulnerability impact the Assets.
The valuable resource that need to be protected for successful business like protecting Credit card no, personal information like date of birth,password of individual.
Threat Profile
The list of all possible Threat in the system that needs Mitigation. This is living document means required update for any design changes happened in the system.
This helps for penetration testing to validate the security controls works as expected.
The attacker goal towards the valuable Assets(credit card info,password).It Will represent the what the attacker actually will play or try in the system.
It defines the weakness in the mitigation for any specific threat. The unmitigated threat leads to vulnerability means Architectural flaw in the system.
How much the Vulnerability affects the assets or the business.
It represent the security control used to protect the resource. It also refers as mitigation or countermeasures.
Risk Modeling or Risk Classification
This helps to know risk involved for Assets.
The some of the frameworks as available as below
  • STRIDE (Spoofing Identity, Tampering with Data, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege)
  • CVSS (Common Vulnerability Scoring System Version)
  • DREAD(Damage, Reproducibility, Exploitability, Affected users , Discoverability)
  • Identify all the valuable assets that needs protection
  • Use the existing architecture to understand the system.
  • Decompose the system so that flow from all the entry, exit points to valuable asset needs to be defined.
  • Create the thread profile which has the list of all the threat with priority for the business.
  • Validate each threat against the remediation.
  • If not fully remediated then it is said to be Vulnerability.
  • Based on the risk classification methodology(STRIDE, CVSS, DREAD) the Vulnerability score is calculated.