Homework Help is Here – Start Your Trial Now!
Engineering
AI and Machine Learning
You are assigned to be part of the threat modelling team. You need to follow the main steps of the threat modelling process : Decompose the application using data flow diagrams. • Determine the threats to the system using the STRIDE model and threat trees. ● • Rank the threats by decreasing risk using the DREAD model. Choose how to respond to each threat. Choose techniques to mitigate the threats: (A single table describing the threats, their STRIDE classification, their mitigation techniques). ● .

You are assigned to be part of the threat modelling team. You need to follow the main steps of the threat modelling process : Decompose the application using data flow diagrams. • Determine the threats to the system using the STRIDE model and threat trees. ● • Rank the threats by decreasing risk using the DREAD model. Choose how to respond to each threat. Choose techniques to mitigate the threats: (A single table describing the threats, their STRIDE classification, their mitigation techniques). ● .

icon
Related questions
Question
Consider the following case study: Video OnDemand is a new subscription-based service for on-demand Internet streaming media. There are three types of users for Video On Demand: 1. Standard users; 2. Premium users; 3. Maintainers. Standard and Premium users are able to log in, renew their subscriptions, search and have access to the standard video library. In addition, Premier users have access to the latest release library. Maintainers are able to log in, add videos, modify user's subscriptions, search for any type of video, and read the audit log involving users' activities. An unregistered individual can obtain access to the system via an automatic procedure involving the payment of the subscription: such a procedure can be audited by maintainers. You are assigned to be part of the threat modelling team. You need to follow the main steps of the threat modelling process: Decompose the application using data flow diagrams. • Determine the threats to the system using the STRIDE model and threat trees. ● ● ● ● Rank the threats by decreasing risk using the DREAD model. Choose how to respond to each threat. Choose techniques to mitigate the threats: (A single table describing the threats, their STRIDE classification, their mitigation techniques).
Transcribed Image Text:Consider the following case study: Video OnDemand is a new subscription-based service for on-demand Internet streaming media. There are three types of users for Video On Demand: 1. Standard users; 2. Premium users; 3. Maintainers. Standard and Premium users are able to log in, renew their subscriptions, search and have access to the standard video library. In addition, Premier users have access to the latest release library. Maintainers are able to log in, add videos, modify user's subscriptions, search for any type of video, and read the audit log involving users' activities. An unregistered individual can obtain access to the system via an automatic procedure involving the payment of the subscription: such a procedure can be audited by maintainers. You are assigned to be part of the threat modelling team. You need to follow the main steps of the threat modelling process: Decompose the application using data flow diagrams. • Determine the threats to the system using the STRIDE model and threat trees. ● ● ● ● Rank the threats by decreasing risk using the DREAD model. Choose how to respond to each threat. Choose techniques to mitigate the threats: (A single table describing the threats, their STRIDE classification, their mitigation techniques).
Expert Solution
steps

Step by step

Solved in 4 steps with 1 images

SEE SOLUTIONCheck out a sample Q&A here
Blurred answer