This article discusses:
Designing Secure SoftwareThreat Modeling and STRIDEData Flow DiagramsA Sample SystemApplying STRIDE to the Fabrikam Analyzer DatabaseAnalyzing Data Flows and Data StoresAnalyzing ProcessesMitigating the ThreatsFinding Manifestations of ThreatsAttack PatternsConclusion
You'll be manipulating accounting files, which by their very nature are sensitive and often subject to legal requirements. And you'll need to identify a specific group of people—the sales force. How will you know them? The problem statement implies a number of security requirements:
Customers may never state these explicitly, so designers must find the security requirements inherent in the problem statement.
For an excellent overview of many common types of attacks, we suggest Writing Secure Code, Second Edition, by Michael Howard and David LeBlanc (Microsoft Press, 2002). For more technically specific texts, see:
If you work frequently in any technologies, it’s probably a good idea to incorporate common flaws from those technologies into your own threat trees or checklists. And of course, you should review current and past security advisories from your own organization as well as other organizations who have implemented similar technologies. Microsoft makes security bulletins available at microsoft.com/security. Notable third parties include:
More MSDN Magazine Blog entries >
Browse All MSDN Magazines
Subscribe to MSDN Flash newsletter
Receive the MSDN Flash e-mail newsletter every other week, with news and information personalized to your interests and areas of focus.