STRIDE – Based Risk Assessment for Web Application

Abstract:

Article Preview

This paper proposes a lightweight model as an alternative methodology of risk assessment for web applications. The assessment model presented in this paper takes into account not only the threats to the web applications but also the environments where they are hosted. STRIDE model is used as a measure to identify the threats by analyzing dataflow, data store and process presented in dataflow diagram. Moreover, DREAD is used to calculate the security risk of each threat, which is extended with the consideration of the assets’ criticalities and their application environments.

Info:

Periodical:

Edited by:

Qi Luo

Pages:

1323-1328

DOI:

10.4028/www.scientific.net/AMM.58-60.1323

Citation:

H. Guan et al., "STRIDE – Based Risk Assessment for Web Application", Applied Mechanics and Materials, Vols. 58-60, pp. 1323-1328, 2011

Online since:

June 2011

Export:

Price:

$35.00

In order to see related information, you need to Login.

In order to see related information, you need to Login.