Presentation is loading. Please wait.

Presentation is loading. Please wait.

WwwTASK.to © Toronto Area Security Klatch 2007 Threat Modeling With STRIDE and DREAD Chuck Ben-Tzur Security Consultant Sentry Metrics March 27, 2007.

Similar presentations


Presentation on theme: "WwwTASK.to © Toronto Area Security Klatch 2007 Threat Modeling With STRIDE and DREAD Chuck Ben-Tzur Security Consultant Sentry Metrics March 27, 2007."— Presentation transcript:

1 wwwTASK.to © Toronto Area Security Klatch 2007 Threat Modeling With STRIDE and DREAD Chuck Ben-Tzur Security Consultant Sentry Metrics March 27, 2007

2 wwwTASK.to © Toronto Area Security Klatch 2007 (Application) Threat Modeling A process to identify threats to the system, the associated risks and determine the correct controls to produce effective countermeasures The output is a list of rated threats. The threat model helps you to focus on the most potent threats Aimed to be used at the design phase of a system. However, usually implemented at the testing phase (vulnerability assessment) Not only for web applications. Can be (and should be...) applied to different type of systems (e.g. networks)

3 wwwTASK.to © Toronto Area Security Klatch 2007 Threat Modeling (cont.) The threat modeling process (introduced by Microsoft around 2002) Identify Assets Create architecture overview (subsystems, trust boundaries, data flow) Decompose the application (Build a security profile) Identify the threats (STRIDE) Document the threats Rate the threats (DREAD)

4 wwwTASK.to © Toronto Area Security Klatch 2007 STRIDE A methodology for identifying and categorizing threats S S poofing identity T T ampering with data R R epudiation I I nformation disclosure D D enial of service E E levation of privileges “Business” oriented – easier for non-technical persons to relate to Expand (can replace) the “map by mechanisms and subsystems” approach Can be used also to identify threats (e.g. as pen. test checklist)

5 wwwTASK.to © Toronto Area Security Klatch 2007 DREAD A methodology for risk rating. Each vulnerability is graded in all of the following categories: D D amage potential 0 – Leaking Trivial Info, 5 – Sensitive, 10 – Admin level R R eproducibility 0 – Very difficult to reproduce, 5 – three steps, 10 – web browser E E xploitability 0 – very skilled, 5 – can be automated, 10 – novice programmer A A ffected Users 0 – few users, 5 – some users, 10 – all users D D iscoverability 0 – unlikely, 5 – accessible only to few users, 10 - published The risk overall rate calculation formula: Rating = (D + R + E + A + D) / 5 ThreatDREADRate Attacker obtains authentication credentials by monitoring the network High SQL commands injected into application10 59High

6 wwwTASK.to © Toronto Area Security Klatch 2007 DREAD (cont.)

7 wwwTASK.to O perationally C ritical T hreat A sset and V ulnerability E valuation Risk-based strategic assessment and planning technique for security Key differences: Organization focused (as opposed to system) Security practices (not technology specific) Strategic issues (not relating to tactical aspects) Self direction (security experts) Flexible - can be tailored for small and large organizations Focuses on the design and strategic planning of the organization Input is from both internal business and technical resources Not suitable for ad-hoc vulnerability assessments © Toronto Area Security Klatch 2007 The OCTAVE Option

8 wwwTASK.to © Toronto Area Security Klatch 2007 Resources Threat Modeling Microsoft Threat Analysis & Modeling v b7d &displaylang=en Octave Good book on the subject Threat Modeling (Microsoft Professional)


Download ppt "WwwTASK.to © Toronto Area Security Klatch 2007 Threat Modeling With STRIDE and DREAD Chuck Ben-Tzur Security Consultant Sentry Metrics March 27, 2007."

Similar presentations


Ads by Google