Skip to end of banner Go to start of banner

CAS Threat Modeling

Skip to end of metadata

Created by David Ohsie , last modified on May 28, 2013

Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

"Threat modeling is an approach for analyzing the security of an application" (see https://www.owasp.org/index.php/Application_Threat_Modeling). One step in the threat modeling is the creation of a dataflow diagram (DFD) of the system so that all attack surfaces can be identified.

Global DFD of CAS interactions

Visio Source File: CAS DFD.vsd
Visio File in VDX format: CAS DFD.vdx

DFD of CAS protocol

DIA format : cassecurity_protocol.dia
VDX format : cassecurity_protocol.vdx

DIA format : cassecurity_protocol_proxy.dia
VDX format : cassecurity_protocol_proxy.vdx

DFD of CAS tickets storage

DIA format : cassecurity_tickets_storage_1.1.dia
VDX format : cassecurity_tickets_storage_1.1.vdx

No labels