You are here: Home Contents V5 N3 V5N3_Ingalsbe.html
Personal tools

Threat Modeling the Enterprise



Full text

Journal of Information Systems Security
Volume 5, Number 3 (2009)
Pages 4257
ISSN 1551-0123 (Print)
ISSN 1551-0808 (Online)
Jeffrey A. Ingalsbe — Ford Motor Company, USA
Dan Shoemaker — University of Detroit Mercy, USA
Nancy R. Mead — SEI/Carnegie Mellon University, USA
Antonio Drommi — University of Detroit Mercy, USA
Information Institute Publishing, Washington DC, USA




Current threat modeling methodologies and tools are biased toward systems under development. Organizations whose IT portfolio is made up of a large number of legacy systems, that run on fundamentally different and incongruous platforms and with little or no documentation, are left with few options. Rational, objective analysis of threats to assets and exploitable vulnerabilities requires, the portfolio to be represented in a consistent and understandable way based on a systematic, prescriptive, collaborative process that is usable but not burdensome. This paper describes a way to represent an IT portfolio from a security perspective using UML deployment diagrams and, subsequently, a process for threat modeling within that portfolio. To accomplish this, the UML deployment diagram was extended, a template created, and a process defined.




Threat Modeling, DREAD, STRIDE, UML




Arlow, J. and Neustadt, I. (2005) UML 2 and the Unified Process Second Edition, Addison-Wesley.

Howard, M., and LeBlanc, D., (2001) “Writing Secure Code (With CD-ROM)”, Microsoft Press 

ISO/IEC 27001:2005 “Information technology — Security techniques — Information security management systems – Requirements”

Jacobson, I., Booch, G., and Rumbaugh, J. (1999), “The Unified Modeling Language User Guide”, Addison-Wesley

Office of Management and Budget (2007), “Federal Enterprise Architecture Consolidated Reference Model Document Version 2.3”

Saitta, P., Larcom, B., Eddington, M. (2005), “Trike v.1 Methodology Document [Draft],”

Swiderski, F. and Snyder, W. (2004), “Threat Modeling,” Microsoft Press NIST Special Publication 800-53 (2007), “Recommended Security Controls for Federal Information Systems”, National Institute of Standards and Technology U.S. Department of Commerce