[OWASP-TESTING] testing project part 1 - threat modeling
mads at opencs.com.br
Tue Jul 6 10:46:53 EDT 2004
Mark Curphey wrote:
> This is too late in the day for this discussion. It can be tabled for
> version 2 of Part 1. Part 1 contents were fixed a while back.
See your point, its already late
> I would suggest however you look at UMLSec and SecUML as modeling
> languages for application security modeling. Writing Secure Code is very
> tactical in places.
I have followed UMLSec in its beginning but not recently, will check up
> Time frame analysis should probably use UML State Transition Diagrams
> not sequence diagrams although both maybe useful.
> Abuse cases are a marketing term for what is formally referred to in UML
> as the alternative path. UML is supported by textual use cases as well
> as visual models.
More or less Mark, in my understanding, abuse cases try to break the
system based on the use case design, that is on the design level. You
might call it a security minded alternative path but I like the term
because it is explicitly security related.
You force the designer to think of what the system must not accept in
terms of security, I don't think you can have a negative alternative
path in the same case?
Another point however is that Threat Modeling should consider other
levels of the system, not just the design level where use cases lives.
> I think we may well need to spawn off a separate project eventually on
> modeling security and threat modeling.
That would be cool Mark, like the "OWASP Threat Modeling Guide" :o)
That is certainly not a bad idea! but let finish off the current version
What are the steps from now?, you want a revision of the current doc? I
found some spelling errors, what would be the best way to submit those?
Do you want them?
The document is already full of revisions, I think it would be better to
submit pagenumber, line and text in an email, agreed?
Mads Rasmussen, M.Sc.
Open Communications Security
+55 11 3345 2525
More information about the Owasp-testing