Skip to main content

Contextualisation of Data Flow Diagrams for security analysis.

Faily, S., Scandariato, R., Shostack, A., Sion, L. and Ki-Aries, D., 2020. Contextualisation of Data Flow Diagrams for security analysis. arXiv (2006.04098v1 [cs.CR).

Full text available as:

[img]
Preview
PDF
2006.04098v1.pdf - Published Version
Available under License Creative Commons Attribution Non-commercial No Derivatives.

900kB

Official URL: https://arxiv.org/abs/2006.04098

Abstract

Data flow diagrams (DFDs) are popular for sketching systems for subsequent threat modelling. Their limited semantics make reasoning about them difficult, but enriching them endangers their simplicity and subsequent ease of take up. We present an approach for reasoning about tainted data flows in design-level DFDs by putting them in context with other complementary usability and requirements models. We illustrate our approach using a pilot study, where tainted data flows were identified without any augmentations to either the DFD or its complementary models.

Item Type:Article
Additional Information:Workshop pre-print
Uncontrolled Keywords:cs.CR; cs.CR; cs.SE
Group:Faculty of Science & Technology
ID Code:34459
Deposited By: Unnamed user with email symplectic@symplectic
Deposited On:01 Sep 2020 12:28
Last Modified:01 Sep 2020 12:28

Downloads

Downloads per month over past year

More statistics for this item...
Repository Staff Only -