Design Flaws as Security Threats

Examensarbete för masterexamen

Please use this identifier to cite or link to this item:
Download file(s):
File Description SizeFormat 
250250.pdfFulltext2.41 MBAdobe PDFView/Open
Type: Examensarbete för masterexamen
Master Thesis
Title: Design Flaws as Security Threats
Authors: Malamas, Kyriakos
Hosseini, Danial
Abstract: Current practices used to evaluate security in the architecture, usually involve threat modeling activities. These activities, however, often require a significant amount of resources, in terms of time and effort, to achieve complete threat coverage. Other approaches focus on identifying design flaws early on and usually involve the definition of a rule set and the creation of detailed models to check against these rules which require a significant amount of effort and expertise. This study proposes a manual approach in the form of a catalog of design flaws along with detection guidelines in order to detect design flaws related to security threats. A descriptive study is conducted to evaluate the effectiveness and productivity of the approach, as well as how the detected flaws can be related to threats identified by STRIDE. Finally, further investigation is done to understand how the approach can complement existing threat modeling techniques.
Keywords: Data- och informationsvetenskap;Computer and Information Science
Issue Date: 2017
Publisher: Chalmers tekniska högskola / Institutionen för data- och informationsteknik (Chalmers)
Chalmers University of Technology / Department of Computer Science and Engineering (Chalmers)
Collection:Examensarbeten för masterexamen // Master Theses

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.