Design Flaws as Security Threats

dc.contributor.authorMalamas, Kyriakos
dc.contributor.authorHosseini, Danial
dc.contributor.departmentChalmers tekniska högskola / Institutionen för data- och informationsteknik (Chalmers)sv
dc.contributor.departmentChalmers University of Technology / Department of Computer Science and Engineering (Chalmers)en
dc.description.abstractCurrent practices used to evaluate security in the architecture, usually involve threat modeling activities. These activities, however, often require a significant amount of resources, in terms of time and effort, to achieve complete threat coverage. Other approaches focus on identifying design flaws early on and usually involve the definition of a rule set and the creation of detailed models to check against these rules which require a significant amount of effort and expertise. This study proposes a manual approach in the form of a catalog of design flaws along with detection guidelines in order to detect design flaws related to security threats. A descriptive study is conducted to evaluate the effectiveness and productivity of the approach, as well as how the detected flaws can be related to threats identified by STRIDE. Finally, further investigation is done to understand how the approach can complement existing threat modeling techniques.
dc.subjectData- och informationsvetenskap
dc.subjectComputer and Information Science
dc.titleDesign Flaws as Security Threats
dc.type.degreeExamensarbete för masterexamensv
dc.type.degreeMaster Thesisen
local.programmeSoftware engineering and technology (MPSOF), MSc
Ladda ner
Original bundle
Visar 1 - 1 av 1
Bild (thumbnail)
2.35 MB
Adobe Portable Document Format