14 February 2015

I just finished a week of hard work. Some application owners asked me to run a (short!) security assessment for a single sign-on module they use in their internal database applications.

With the help of an application manager and a copy of the PLSQL code I started developing a threat model. Thanks to the STRIDE (Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege) frame developed by Microsoft, I was able to get a good understanding of the system and its weaknesses.

Generally threat modeling does not include a review of the program code. But in this case a closer look at the code was very helpful for understanding of the information flows and for answering the questions posed by STRIDE.

I can only recommend to every system development project: Start threat modeling as early as possible to get the most of it. Software quality and system security will increase dramatically, at no more costs.

Happy Valentine’s Day!