期刊名称:International Journal on Computer Science and Engineering
印刷版ISSN:2229-5631
电子版ISSN:0975-3397
出版年度:2011
卷号:3
期号:2
页码:789-796
出版社:Engg Journals Publications
摘要:The threat modeling process starts with the phases of identifying critical assets, creating an architecture overview, and decomposing to identify possible points of attack. Data flow diagrams and sequence diagrams are used in this process. This paper proposes an alternative flow-based methodology for building an architectural map for the system. It provides a high-level methodology for creating a blueprint of the organization to guide security planning in the network.
关键词:conceptual model; information security; software lifecycle; threat modeling; network architecture; data flow diagrams; UML
