ISOL536 Security Architecture : Microsofts threat - Modeling Technique
Answer:
The paper focuses on descriptive study of Microsoft’s threat modeling technique. According to Scandariato, Wuyts and Joosen (2015) Microsoft STRIDE is one of the threat modeling technique that is helpful in discovering various security weaknesses of different types of software systems. It is considered that threat modeling is one of the significant activities in the security o
f the software. It generally helps in guiding the analyst of security for discovering different types of actions that is might performed by the malicious agents for misusing different types of software system. One of the most significant as well as popular methodology is Microsoft’s STRIDE for threat modeling that is utilized on various products of Microsoft. It is generally endorsed by various secure software systems that include OWASP’s CLASP, Touchpoints as well as Microsoft’s SDL. The author reflects that threat modeling is generally utilized for analyzing the soundness of software architecture in order to spott different types of flaws.
It is analyzed that STRIDE is one of the subject of the ongoing research. This technique is generally augmented by OWASP for making it much more applicable in the domain of mobile applications. Further, its utilization is extended for analyzing privacy. Finally, STRIDE is adopted by the researchers for various types of system models. The author reflects that despite of the successful adoption of STRIDE, no empirical study was mainly conducted for quantifying both the effectiveness as well as cost of STRIDE. The main contribution of this paper is to evaluate STRIDE with the help of appropriate descriptive study that generally requires involvement of 57 students in the course of computer science (Scandariato, Wuyts & Joosen, 2015). Three research questions are addressed by the researcher in this paper, which helps in assessing the valid threats that are generally produced in an hour. The next research question evaluates the accuracy of the analysis that generally consequences by analyzing the appropriate number of false positives. Finally, it also helps in determining the correctness of various analyses that it is mainly resulted due to the quantity of false negatives that is generally the threats that are overlooked. The author elaborates the study which is conducted is instrumental that further helps in understanding the technique that eventually formulates various types of research hypotheses which are investigated by means of various types of comparative experiments. The procedure of threat modeling includes modeling of the system with the help of various types of data flow diagram, mapping different types of DFD elements for categorization threats, drawing the threat, documenting various types of threats and then proving appropriate tool support (Scandariato, Wuyts & Joosen, 2015). It is concluded that STRIDE is not too much complicated to study as well as accomplish but is very much time-consuming. However, various types of threats go unnoticed during various type of analysis. The results that are generally presented are mainly obtained for the software system, which include security specific mechanism. The author elaborates the findings by reflecting that STRIDE is one of the techniques, which are generally analyzed as hard, but the average number of various types of incorrect threat is low in comparison to average number of overlooked threats.
References
Scandariato, R., Wuyts, K., & Joosen, W. (2015). A descriptive study of Microsoft’s threat modeling technique. Requirements Engineering, 20(2), 163-180
Buy ISOL536 Security Architecture : Microsofts threat - Modeling Technique Answers Online
Talk to our expert to get the help with ISOL536 Security Architecture : Microsofts threat - Modeling Technique Answers to complete your assessment on time and boost your grades now
The main aim/motive of the management assignment help services is to get connect with a greater number of students, and effectively help, and support them in getting completing their assignments the students also get find this a wonderful opportunity where they could effectively learn more about their topics, as the experts also have the best team members with them in which all the members effectively support each other to get complete their diploma assignments. They complete the assessments of the students in an appropriate manner and deliver them back to the students before the due date of the assignment so that the students could timely submit this, and can score higher marks. The experts of the assignment help services at urgenthomework.com are so much skilled, capable, talented, and experienced in their field of programming homework help writing assignments, so, for this, they can effectively write the best economics assignment help services.
