Threat modeling begins with a clear understanding of the system in question. There are several areas to consider when trying to understand possible threats to an application: the mobile application structure, the data, the threat agents and methods of attack, and the controls to prevent attacks. With those aspects in mind, you can create a threat model, which consists of an outline or checklist of items that need to be documented, reviewed, and discussed when developing a mobile application.
In this project, you will create a threat model. The length of this threat model should be eight to 10 pages.
Step 1: Describe Your Mobile Application Architecture
In your role as a cyber threat analyst, you will identify for senior management how a particular mobile application of your choosing conforms to mobile architectures. Describe the device-specific features used by the application, wireless transmission protocols, data transmission mediums, and interaction with hardware components and other applications. You will identify the needs and requirements for application security, computing security, and device management and security. You will describe the operational environment and use cases, and identify the operating system security and enclave/computing environment security concerns, if there are any. This can be fictional or modeled after a real-world application. Be sure to use APA citation format.
Step 2: Define the Requirements for Your Mobile Application
In the previous step, you described your app’s architecture. For Step 2 and in the second section of your report, you will define what purpose the mobile app serves from a business perspective and what data the app will store, transmit, and receive. It’s also important to include a data flow diagram to determine exactly how data is handled and managed by the application. You can use fictional information or model it after a real-world application. Here are some questions to consider as you define your requirements:
- What is the business function of the app?
- What data does the application store/process (provide data flow diagram)?
  - This diagram should outline network, device file system, and application data flows.
- How is data transmitted between third-party APIs and app(s)?
Step 3: Identify Threats and Threat Agents
Now that you have identified the mobile app’s requirements, you will define its threats. In Section 3 of the report, you will identify possible threats to the mobile application and also identify the threat agents. Additionally, you will outline the process for defining what threats apply to your mobile application.
For an example of threat agent identification, review Threat Agent Identification Example.
For a list of threat agents, review List of Threat Agents.
Step 4: Identify Methods of Attack
In the previous step, you identified threat agents. In this step and in Section 4 of the report, you will identify different methods an attacker can use to reach the data. This data can be information sensitive to the device or to the app itself. Read these resources on cyberattacks and provide senior management with an understanding of the possible methods of attack of your app.
When you have identified the attack methods, move to the next step, where you will analyze threats to your app.
Step 5: Controls
You’ve just identified the methods of attack, and now you will discuss the controls to prevent attacks.
Note: Not all of the following may apply. You will need to address only the areas that apply to the application you have chosen.
Consider the following questions:
- What are the controls to prevent an attack? Conduct independent research, then define these controls by platform (e.g., Apple iOS, Android, Windows Mobile, BlackBerry).
- What are the controls to detect an attack? Define these controls by platform.
- What are the controls to mitigate/minimize impact of an attack? Define these controls by platform.
- What are the privacy controls (i.e., controls to protect users’ private information)? An example of this would be a security prompt for users to access an address book or geolocation.
- Create a mapping of controls to each specific method of attack (defined in the previous step)
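One way to build the control-to-attack-method mapping asked for in the last item and check it for gaps, as an added example that is not part of the original assignment. The attack methods, platforms and controls are constructed sample data for a fictional banking app, and the function names are hypothetical.

```python
from collections import defaultdict

CONTROL_TYPES = ("prevent", "detect", "mitigate")  # the three control questions in Step 5

# Constructed sample inputs for a fictional banking app (assumptions, not from the assignment).
ATTACK_METHODS = ["traffic interception", "insecure local storage", "lost or stolen device"]
PLATFORMS = ["iOS", "Android"]
CONTROLS = [
    # (control, type, platforms, attack methods addressed)
    ("TLS certificate pinning", "prevent", ["iOS", "Android"], ["traffic interception"]),
    ("Server-side alert on TLS handshake failures", "detect", ["iOS", "Android"],
     ["traffic interception"]),
    ("Short-lived session tokens", "mitigate", ["iOS", "Android"],
     ["traffic interception", "lost or stolen device"]),
    ("Keychain storage for credentials", "prevent", ["iOS"], ["insecure local storage"]),
    ("Keystore-backed encrypted storage", "prevent", ["Android"], ["insecure local storage"]),
    ("Remote wipe via device management", "mitigate", ["iOS", "Android"],
     ["lost or stolen device", "insecure local storage"]),
    ("Biometric or PIN app lock", "prevent", ["iOS"], ["lost or stolen device"]),
]

def build_mapping(controls, attack_methods):
    """Return {(attack method, platform): {control type: [control names]}}."""
    mapping = defaultdict(lambda: defaultdict(list))
    for name, ctype, platforms, methods in controls:
        if ctype not in CONTROL_TYPES:
            raise ValueError(f"{name}: unknown control type {ctype!r}")
        for method in methods:
            if method not in attack_methods:  # catches typos and stale entries
                raise ValueError(f"{name}: unknown attack method {method!r}")
            for platform in platforms:
                mapping[(method, platform)][ctype].append(name)
    return mapping

def coverage_gaps(controls, attack_methods, platforms):
    """List (attack method, platform, missing control types) for every incomplete cell."""
    mapping = build_mapping(controls, attack_methods)
    gaps = []
    for method in attack_methods:
        for platform in platforms:
            have = mapping.get((method, platform), {})
            missing = [t for t in CONTROL_TYPES if not have.get(t)]
            if missing:
                gaps.append((method, platform, missing))
    return gaps

if __name__ == "__main__":
    for method, platform, missing in coverage_gaps(CONTROLS, ATTACK_METHODS, PLATFORMS):
        print(f"{method} on {platform}: no {', '.join(missing)} control")
```

Each reported gap is a cell of the mapping table that the report should either fill with a control or justify as an accepted risk.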
Step 6: Complete Your Threat Model
You’ve just discussed the controls to prevent attacks. By now you should have completed all the components of your report. Now, you will compile all your findings and produce your threat model.
Developing a detailed threat model provides organizations with a clear illustration of the issues that they face and the opportunity to implement a proactive approach to threat prevention and dealing with any effects that the threat may present to the specific organization. As a cyber-threat analyst, it is one’s role to carry out the threat modeling associated with any application that an organization develops and relies on for business. Primarily, this threat development focuses on an application that could be used for banking and finance but it should be assumed to be a general mobile application. This threat model is based on the industry best practices and evidence across the mobile application space………