![]() ![]() ![]() The work offers an Academic Cloud Computing Threat Patters (ACCTP) catalog as a way of the threat modeling of cloud systems and a set of design primitives as means of learning cloud security challenges. ![]() This work briefly describes those efforts and concentrated on an ontological catalog of cloud system threats. Towards automation of the threat modeling process we have proposed an ontological approach both to analysis of a system design (by an ontology-driven threat modeling framework) and creation of security patterns (by an ontological schema of security pattern). Cloud computing domain has been in a focus of security scientists and experts for decade, however it is still a problem to make secure the use of cloud systems and their applications, because of distributed nature, variety of deployment models, and different stakeholders. This work considers challenges, related to the lack of methods of automatic threat modeling and well-formed data sources of threats and countermeasures as well as techniques to collect such security knowledge. It is used in conjunction with a model of the target system that can be constructed in parallel. STRIDE is a model of threats, used to help reason and find threats to a system. The STRIDE was initially created as part of the process of threat modeling. ![]() Information disclosure ( privacy breach or data leak).It provides a mnemonic for security threats in six categories. STRIDE is a model for identifying computer security threats developed by Praerit Garg and Loren Kohnfelder at Microsoft. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |