Threat Modeling for Cloud-based applications with Open-Source Software and Proprietary Software tools

Authors

  • Martín Ariel Escowich Universidad Tecnológica Nacional, Facultad Regional Santa Fe - Argentina

Keywords:

Threat modeling, STRIDE, Cybersecurity, Software Development Process

Abstract

In this work, a comparative study of different Threat Modeling tools is addressed. Threat modeling is applied to a case study, in particular the modeling of a university Virtual Campus system, in order to carry out the analysis of the possible vulnerabilities of this system. For this, open source tools proposed by the OWASP foundation and a proprietary tool were selected. The research process consisted of studying the features provided by both tools, defining a comparison criteria, modeling the case study with OWASP Threat Dragon/OdTM (as an Open Source alternative), and Microsoft’s Threat Modeling Tool (as a proprietary alternative), and apply a reasoner to these models to detect the possible threats of the modeled system.

Downloads

Download data is not yet available.

Downloads

Published

2023-09-21

How to Cite

Escowich, M. A. (2023). Threat Modeling for Cloud-based applications with Open-Source Software and Proprietary Software tools. AJEA (Proceedings of UTN Academic Conferences and Events), (24). Retrieved from https://rtyc.utn.edu.ar/index.php/ajea/article/view/1229

Conference Proceedings Volume

No. 24 (2023): Conferences of Young Technological Researchers 2022

Section

Proceedings - Information and Computing System

License

Copyright (c) 2023 Martín Ariel Escowich

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.