The Threat Modeling Naturally Tool: An Interactive Tool Supporting More Natural Flexible and Ad-Hoc Threat Modeling
| dc.contributor.author | Thompson, Ronald E. | |
| dc.contributor.author | Red, Madison | |
| dc.contributor.author | Zhang, Richard | |
| dc.contributor.author | Kwon, Yaejie | |
| dc.contributor.author | Dang, Lisa | |
| dc.contributor.author | Pellegrini, Christopher | |
| dc.contributor.author | Nesru, Esam | |
| dc.contributor.author | Jain, Mira | |
| dc.contributor.author | Chin, Caroline | |
| dc.contributor.author | Votipka, Daniel | |
| dc.contributor.author | University, Tufts | |
| dc.contributor.author | College, Swarthmore | |
| dc.contributor.author | University, Northeastern | |
| dc.date.accessioned | 2024-10-28T14:30:27Z | |
| dc.date.available | 2024-10-28T14:30:27Z | |
| dc.date.issued | 2024 | |
| dc.description | USENIX Symposium on Usable Privacy and Security (SOUPS) 2024. August 11–13, 2024, Philadelphia, PA, United States. | |
| dc.description.abstract | Threat modeling is an important process in achieving secureby-design software systems. While some tools have been developed to aid system architects in building threat models, many of these do not support the more flexible ways that threat modeling occurs in practice. We present the Threat Modeling Naturally Tool as the first step in providing architects with a tool that allows for a more natural threat modeling process that is modular in design. This tool consists of a threat modeling Domain-Specific Language and a series of modular components that allow users to specify their system and assign threats and mitigations without disrupting their brainstorming. We describe the design and implementation of our tool using a mock medical device as a case study as well as discuss how the tool can be used for future work supporting threat modeling research. | |
| dc.description.uri | https://security-information-workers.github.io/downloads/wsiw2024-final18.pdf | |
| dc.format.extent | 8 pages | |
| dc.genre | conference papers and proceedings | |
| dc.genre | preprints | |
| dc.identifier | doi:10.13016/m2uapb-eyuv | |
| dc.identifier.uri | http://hdl.handle.net/11603/36740 | |
| dc.language.iso | en_US | |
| dc.relation.isAvailableAt | The University of Maryland, Baltimore County (UMBC) | |
| dc.relation.ispartof | UMBC Computer Science and Electrical Engineering Department | |
| dc.relation.ispartof | UMBC Student Collection | |
| dc.rights | This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author. | |
| dc.title | The Threat Modeling Naturally Tool: An Interactive Tool Supporting More Natural Flexible and Ad-Hoc Threat Modeling | |
| dc.type | Text |
Files
Original bundle
1 - 1 of 1