記錄 5 之 6
Record:   Prev Next
作者 Tai, Wai Yan Elsa
書名 A study of security threat modeling and its use in evaluation of the certificate authority client certificate authority system
國際標準書號 9780549003410
book jacket
說明 178 p
附註 Source: Masters Abstracts International, Volume: 45-06, page: 3193
Adviser: Ann Gates
Thesis (M.S.)--The University of Texas at El Paso, 2007
Software security has gone from not being a major concern in software development prior to the mid-1990s to becoming an integral consideration in development in the late 1990s and beyond. This is due in large part to the transition of software being developed as standalone applications running on a single computer to applications that run on a network and interconnected through multiple computers and servers. Developers have come to realize the importance of integrating software security into the software development lifecycle, rather than forcing security into a pre-existing design or patching vulnerabilities. Techniques, such as security threat modeling, have been defined to support the development of secure software. Security threat modeling is a systematic approach used to investigate, rate, and document threats that are associated with a software system. The approach involves understanding the system, identifying the entry points, assets, and trust levels, and identifying and prioritizing the security threats
The goal of this research was to determine whether security threat modeling is a practical approach for finding threats and analyze the applicability of security threat modeling to a certificate authority system. The analysis was based on the configuration used at the San Diego SuperComputing Center. The significance of the research is to document threat model of a real system. The detailed documentation included data-flow diagrams, use-case modeling, and code documentation. In addition, observation leading to future improvement has been documented
School code: 0459
DDC
Host Item Masters Abstracts International 45-06
主題 Computer Science
0984
Alt Author The University of Texas at El Paso. Computer Science
記錄 5 之 6
Record:   Prev Next