
ISOL536 Security Architecture and Design

Published : 23-Oct,2021  |  Views : 10

Question

You may find it useful to read Appendix E from the beginning. There is lots of good material there.

That's it. Just provide answers to 2 questions. Don't worry about mitigations for the threats right now. The goal of this assignment is to get you to better understand how useful models can be to identify and mitigate threats.

Answer

Identify all the DFD elements.

Five elements are used to construct data flow diagrams (DFDs):

  • Processes
  • Data-flows
  • Data stores
  • External entities
  • Trust boundaries

Processes

A process is a DFD element that is shown in the model only where the data values supplied as input to an activity are transformed or manipulated, so that the data flowing out of the process differs from the data that flowed in (Kadam & Onkar, 2015).

The activity may involve capturing information about something the organization is interested in, such as a customer's card number or a deposited amount. It may also involve recording changes to that information, for example a change in the customer's balance.

Processes are generally denoted with a box divided into three main parts, as shown in the diagram:

                                                                                     

Data-flows

A data flow represents a package of information flowing between objects in the DFD. Data moves between storage and processing. A data flow can also represent the value of the data at some point within a computation, as an intermediate value, in which case the flow is internal to the diagram. The value is unchanged (Yuwen & Wang, 2014).

A data flow is denoted on the diagram as a line drawn between the source and the recipient of the data, with an arrow depicting the direction of flow.

                                                                         

Data stores

A data store is a place where data is held in passive form within the system and can be retrieved; it responds to requests to store and access data.

A data store is depicted in the data-flow diagram by a rectangle, as shown below.

                                                                                 

External entities/ Actors/ source and sink 

External entities are elements located outside the boundary of the system that interact with it by providing input to the system, consuming output from it, or both; an external entity can therefore send information into the system or accept information from it (Ajaykumar & Prasad, 2014).

External entities are drawn on a DFD as ovals on the periphery of the system boundary, containing the identifier and name of the entity, as shown below.

                                                                                   

Trust boundaries 

Trust boundaries are DFD elements that are added so that the DFD can be used for threat modeling.

They are represented by a dotted line, as shown below:

                                                               

Identify three or more threats: one for a data flow, one for a data store and one for a process. 

  • An external entity is mainly prone to two threats: spoofing and repudiation.
  • A process is subject to six different threats: spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privileges.
  • A data store is subject to three different types of threats: tampering, information disclosure, and denial of service.

Spoofing is a type of threat in which an attacker pretends to be someone they are not. This threat can be carried out successfully if an external entity is given a high level of trust (Gilde & Harms, 2014). It can be eliminated by confirming that the flow is not treated as coming from a trusted entity.

  • Tampering: A type of threat in which data can be changed while it is at rest or in transit.
  • Denial of service: A type of threat in which an attacker interrupts legitimate operation of the system, either by denying authorized users access to it or by degrading the service.
  • Repudiation: A type of threat in which an attacker performs an action on the system and then claims not to have performed it.
  • Information disclosure: A type of threat in which an attacker exposes information to someone who is not authorized to see it.
  • Elevation of privileges: A type of threat in which an attacker gains capabilities without proper authorization (Kadam & Onkar, 2015).

The table below shows which threat types apply to each element of the system:

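Elements        | Threat Types
                | Spoofing | Tampering | Repudiation | Denial of service
----------------+----------+-----------+-------------+------------------
External Entity | Exist    |           | Exist       |
Process         | Exist    | Exist     | Exist       | Exist
Data store      |          | Exist     |             | Exist
Data Flow       |          | Exist     |             | Exist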
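
The element-to-threat mapping above can be applied mechanically to a DFD. The following is an added example, not part of the original answer: it enumerates the threat types for every element of a small constructed DFD and lists first the elements and flows that touch a trust boundary. The mapping follows the page's list and table; the banking elements, the zone names and the boundary-first ordering are assumptions made for illustration.

```python
from dataclasses import dataclass

# Element kind -> threat types, taken from the page's list and table.
# Data flows appear only in the table, so that row is used for them.
STRIDE_BY_ELEMENT = {
    "external_entity": ["Spoofing", "Repudiation"],
    "process": ["Spoofing", "Tampering", "Repudiation", "Information disclosure",
                "Denial of service", "Elevation of privileges"],
    "data_store": ["Tampering", "Information disclosure", "Denial of service"],
    "data_flow": ["Tampering", "Denial of service"],
}

@dataclass(frozen=True)
class Element:
    name: str
    kind: str  # key of STRIDE_BY_ELEMENT
    zone: str  # trust zone (assumed names); a boundary separates different zones

@dataclass(frozen=True)
class Flow:
    name: str
    source: Element
    dest: Element

def crosses_boundary(flow):
    return flow.source.zone != flow.dest.zone

def enumerate_threats(elements, flows):
    """Rows of (target, kind, threat, at_boundary); boundary rows sort first."""
    rows = [(f.name, "data_flow", t, crosses_boundary(f))
            for f in flows for t in STRIDE_BY_ELEMENT["data_flow"]]
    for e in elements:
        at_boundary = any(crosses_boundary(f) and e in (f.source, f.dest) for f in flows)
        rows += [(e.name, e.kind, t, at_boundary) for t in STRIDE_BY_ELEMENT[e.kind]]
    return sorted(rows, key=lambda r: not r[3])  # stable sort keeps model order

def sample_dfd():
    """Constructed DFD: a customer deposits money and the balance is updated."""
    customer = Element("Customer", "external_entity", "internet")
    update = Element("Update balance", "process", "bank")
    accounts = Element("Accounts", "data_store", "bank")
    flows = [Flow("Deposit request", customer, update),
             Flow("Balance write", update, accounts),
             Flow("Receipt", update, customer)]
    return [customer, update, accounts], flows

if __name__ == "__main__":
    for target, kind, threat, at_boundary in enumerate_threats(*sample_dfd()):
        print(f"{'BOUNDARY' if at_boundary else 'internal':8}  {kind:15}  {target:16}  {threat}")
```
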

References

Ajaykumar, S. D., & Prasad, M. S. (2014). Transforming data flow diagram to use case diagram. International Journal of Management, IT and Engineering, 4(1), 561.

Gilde, R. G., & Harms, S. L. (2014). U.S. Patent No. 8,788,665. Washington, DC: U.S. Patent and Trademark Office.

Kadam, K. S., & Onkar, V. C. (2015). A review paper on student information supervision system. International Journal of Research In Science & Engineering, 1, 66-72.

Yuwen, S., & Wang, K. (2014). A Method of Data Flow Diagram Drawing Based on Word Segmentation Technique. In Frontier and Future Development of Information Technology in Medicine and Education (pp. 3269-3274). Springer Netherlands.
