2013
DOI: 10.1007/s00766-013-0195-2
|View full text |Cite
|
Sign up to set email alerts
|

A descriptive study of Microsoft’s threat modeling technique

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

4
63
0
1

Year Published

2015
2015
2023
2023

Publication Types

Select...
7
3

Relationship

2
8

Authors

Journals

citations
Cited by 110 publications
(68 citation statements)
references
References 31 publications
4
63
0
1
Order By: Relevance
“…Threat modeling techniques can also be used to guide the hospital information systems administrators in the discovery of the actions that a malicious agent might perform [100]. There will undoubtedly be an increasing threat to the security of patient data with the growing interconnectivity between organizations, the scaling of healthcare information infrastructures [101], the increasing use of mobile instant messaging [102], outsourcing, and upcoming solutions such as cloud computing [30,[103][104][105].…”
Section: Summary Pointsmentioning
confidence: 99%
“…Threat modeling techniques can also be used to guide the hospital information systems administrators in the discovery of the actions that a malicious agent might perform [100]. There will undoubtedly be an increasing threat to the security of patient data with the growing interconnectivity between organizations, the scaling of healthcare information infrastructures [101], the increasing use of mobile instant messaging [102], outsourcing, and upcoming solutions such as cloud computing [30,[103][104][105].…”
Section: Summary Pointsmentioning
confidence: 99%
“…The security and privacy threats we consider in this motivating scenario focus mainly on the customer-centric plants, as it is the most challenging one with respect to two well-known threat models (the honest-but-curious 160 and the malicious adversarial threat model). To assess all threats we model the networked production workflow as a dataflow diagram on which we carry out a STRIDE security analysis (Scandariato et al, 2015). In Fig.…”
Section: Motivating Scenario On Iot-enabled Networked Productionmentioning
confidence: 99%
“…In contrast, sequence diagrams outperform textual use cases in the identification of threats related to the system's internal working. Scandariato et al [27] evaluated Microsoft STRIDE [5], which is is a mix of graphical (Data Flow Diagrams) and tabular notations. The results showed that STRIDE is not perceived as difficult by the participants but their productivity in threats identified per hour was very low.…”
Section: Background and Related Workmentioning
confidence: 99%