A study of security threat modeling and its use in evaluation of the certificate authority client certificate authority system
Software security has gone from not being a major concern in software development prior to the mid-1990s to becoming an integral consideration in development in the late 1990s and beyond. This is due in large part to the transition from software developed as standalone applications running on a single computer to applications that run on a network and are interconnected through multiple computers and servers. Developers have come to realize the importance of integrating software security into the software development lifecycle, rather than forcing security into a pre-existing design or patching vulnerabilities after the fact. Techniques such as security threat modeling have been defined to support the development of secure software. Security threat modeling is a systematic approach used to investigate, rate, and document the threats associated with a software system. The approach involves understanding the system; identifying its entry points, assets, and trust levels; and identifying and prioritizing the security threats. The goal of this research was to determine whether security threat modeling is a practical approach for finding threats and to analyze the applicability of security threat modeling to a certificate authority system. The analysis was based on the configuration used at the San Diego SuperComputing Center. The significance of the research is to document the threat model of a real system. The detailed documentation included data-flow diagrams, use-case modeling, and code documentation. In addition, observations leading to future improvements have been documented.
Tai, Wai Yan Elsa, "A study of security threat modeling and its use in evaluation of the certificate authority client certificate authority system" (2007). ETD Collection for University of Texas, El Paso. AAI1444110.