Threat Modeling Stapes to Mitigate Could Threat

  IJCOT-book-cover
 
International Journal of Computer & Organization Trends  (IJCOT)          
 
© 2020 by IJCOT Journal
Volume - 10 Issue - 3
Year of Publication : 2020
Authors :  Md Haris Uddin Shairf, Ripon Datta, Shaamim Udding Ahmed
DOI : 10.14445/22492593/IJCOT-V10I3P303

Citation

MLA Style:Md Haris Uddin Shairf, Ripon Datta, Shaamim Udding Ahmed  "Threat Modeling Stapes to Mitigate Could Threat" International Journal of Computer and Organization Trends 10.3 (2020): 10-13. 

APA Style:Md Haris Uddin Shairf, Ripon Datta, Shaamim Udding Ahmed (2020). Threat Modeling Stapes to Mitigate Could Threat. International Journal of Computer and Organization Trends, 10(3), 10-13.

Abstract

The purpose of this work is to identify the various steps used in the threat modelling process. This paper, therefore, seeks to explain the assets implemented in facilitation of the process, the architecture used, the data required, along with how it is utilized, and identification of the threats. Another objective of this work is to identify how severe the security threats are. Primary and secondary data sources are analyzed. Also, a review of literature is done to provide more insights and information that supports or helps meeting the herein presented objectives. A step-by-step process of threat modelling is identified which include identification of security objectives; identification of assets and external dependencies; identification of trust zones; identification of potential threats and vulnerabilities; and documentation of threat model. Analysis the common global threats based on cloud data breach. We also analysis few threat models that can be the number of solutions to consider. The key to this paper is to present a valid asset and walk through the threat modelling process, find a better threat modelling scope.

References

[1] C. Direct, "An introduction to the Microsoft Azure portal," Find your cloud solution, 2019. [Online]. Available: https://www.clouddirect.net/knowledge-base/KB0011450/an-introduction-to-the-microsoft-azure-portal. [Accessed: 28-Aug-2019].
[2] R. Riddle, "7 Popular Azure Cloud Services for Enterprises," Managed Dedicated, Cloud and Hosting Services, 27-Sep-2018. [Online]. Available: https://www.codero.com/resources/blog/7-popular-azure-cloud-services-enterprises/. [Accessed: 28-Aug-2019].
[3] L. Dignan, "Top cloud providers 2018: How AWS, Microsoft, Google, IBM, Oracle, Alibaba stack up," ZDNet, 12-Feb-2019. [Online]. Available: https://www.zdnet.com/article/top-cloud-providers-2018-how-aws-microsoft-google-ibm-oracle-alibaba-stack-up/. [Accessed: 28-Aug-2019].
[4] I. T. Connect, "Azure AD Architecture," IT Connect, 2019. [Online]. Available: https://itconnect.uw.edu/wares/msinf/design/arch/aad-arch/. [Accessed: 28-Aug-2019].
[5] R. L`Esteve, "Azure Data Factory Mapping Data Flow for Datawarehouse ETL," SQL Server Tips, Techniques and Articles, 17-Jun-2019. [Online]. Available: https://www.mssqltips.com/sqlservertip/6074/azure-data-factory-mapping-data-flow-for-datawarehouse-etl/. [Accessed: 28-Aug-2019].
[6] Monhaber, “Security alerts in Azure Security Center," Microsoft Docs, 2019. [Online]. Available: https://docs.microsoft.com/en-us/azure/security-center/security-center-alerts-overview. [Accessed: 28-Aug-2019].
[7] Monhaber, "Security alerts in Azure Security Center," Microsoft Docs, 2019. [Online]. Available: https://docs.microsoft.com/en-us/azure/security-center/security-center-detection-capabilities#asc-detects. [Accessed: 28-Aug-2019].
[8] C. David. "Introducing azure machine learning." A guide for technical professionals, sponsored by Microsoft Corporation (2015).
[9] P. Joel, and V. A. Bharadi. "Signature Verification SaaS Implementation on Microsoft Azure Cloud." Procedia Computer Science 79 (2016): 410-418.
[10] B. Violino, "12 top cloud security threats: The dirty dozen," CSO Online, 11-Jun-2019. [Online]. Available: https://www.csoonline.com/article/3043030/the-dirty-dozen-12-top-cloud-security-threats.html. [Accessed: 28-Aug-2019].
[11] Sharif MHU, Datta R(2019). "IDENTIFYING RISKS AND SECURITY MEASURES FOR E-COMMERCE ORGANIZATIONS”. Retrieved from URL: https://pdfs.semanticscholar.org/a2ec/8c072d9813d7e6e87c9ae01ec5a108f92467.pdf
[12] Sharif MHU, Datta R(2019). "SOFTWARE AS A SERVICE HAS STRONG CLOUD SECURITY". Retrieved from URL: https://www.researchgate.net/profile/Haris_Sharif/publication/335232826_Software_as_a_Service_has_Strong_Cloud_Security/lin ks/5d6466fc299bf1f70b0eb0f2/Software-as-a-Service-has-Strong-Cloud-Security.pdf
[13] Md Haris Uddin Shairf, Ripon Datta, Mounicasri Valavala (2019) "Biometrics Authentication Analysis". DOI : 10.14445/22315373/IJMTT-V65I10P506 Retrieved from URL: http://www.ijmttjournal.org/Volume-65/Issue-10/IJMTT-V65I10P506.pdf
[14] Sharif Md Haris Uddin, Ripon Datta(2019). "Information Technology Security Analysis". Retrieved from URL:https://www.researchgate.net/publication/336603051_Information_Technology_Security_Analysis
[15] A. Salma, C.Sarada Devi, V. Saranya, "Smart Card for Banking with Highly Enhanced Security System”, SSRG International Journal of Electronics and Communication Engineering (SSRG-IJECE) – volume1 issue2, 2014.

Keywords
Authentication, Biometrics, Security Analysis, Biometrics-technique, Access Control.